Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

syssvcnt.exe

Started by Bombbuster , Feb 19 2007 09:30 AM

Please log in to reply

#1
Bombbuster

Posted 19 February 2007 - 09:30 AM

Member

Member
10 posts

Can anyone tell me what SYSSVCNT.EXE is and why it seems to hijack my CPU (98% usage)? It slows my PC to crawl.

Edited by Bombbuster, 19 February 2007 - 09:31 AM.

#2
Retired Tech

Posted 19 February 2007 - 01:12 PM

Retired Staff

Retired Staff
20,563 posts

Please follow the procedures outlined here: Malware Removal Guide

You will need a PC which can connect to the internet

Run all the programmes as advised then post a current Hijack This Log in a new topic in the Malware Forum

For the purpose of accurate malware analysis, Hijack This Logs are only dealt with in the Malware Forum. Posting them anywhere else will result in a delayed response

If you are unable to run any of the programmes, please ask for advice in the Malware Forum

Reference: Viruses and other injurious files can camouflage itself as a syssvcnt. exe. Especially, if the file is in C: \windows or C:\Windows\System32

#3
Bombbuster

Posted 28 February 2007 - 04:52 PM

Member

Topic Starter
Member
10 posts

Keith...... I've followed MALWARE removal steps (ATF Cleaner, System restore,AVF Spyware) I have Cox internet with Mcafee anti virus (don't know if it's any good or not) I've downloaded Panda Activescan but I get an error msg stating "Error on page" when I select "my computer" any thoughts?
By the way thanks for assisting me. I can spell computer but that's about it!!
Tom

#4
ultimateslacker2

Posted 28 February 2007 - 04:55 PM

Member 1K

Retired Staff
1,581 posts

You need to post a HJT log in the malware forum and a professional will analyze it for you :whistling:

#5
Bombbuster

Posted 02 March 2007 - 07:37 PM

Member

Topic Starter
Member
10 posts

Thi is what the pands activescan found. I have not done a HJT folder yet should I?

Incident Status Location

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Barbara\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@adrevolver[2].txt
Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Barbara\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@atdmt[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@casalemedia[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@fastclick[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Barbara\Cookies\[email protected][1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@questionmarket[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@tribalfusion[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Barbara\Cookies\barbara@zedo[1].txt
Virus:Trj/Banker.FTI Disinfected C:\Documents and Settings\Barbara\Desktop\super_gerball.exe
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Casey\Cookies\casey@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Casey\Cookies\[email protected][1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Casey\Cookies\casey@adrevolver[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Casey\Cookies\[email protected][2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Casey\Cookies\casey@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Casey\Cookies\casey@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Casey\Cookies\casey@atwola[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Casey\Cookies\casey@casalemedia[1].txt
Spyware:Cookie/Bridgetrack Not disinfected C:\Documents and Settings\Casey\Cookies\[email protected][2].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Casey\Cookies\casey@clickbank[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Casey\Cookies\casey@doubleclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Casey\Cookies\casey@fastclick[2].txt
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Casey\Cookies\casey@fortunecity[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Casey\Cookies\[email protected][2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Casey\Cookies\casey@mediaplex[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Casey\Cookies\casey@overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Casey\Cookies\casey@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Casey\Cookies\casey@realmedia[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Casey\Cookies\casey@target[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Casey\Cookies\casey@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Casey\Cookies\casey@tribalfusion[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Casey\Cookies\casey@zedo[1].txt
Hacktool:Exploit/iFrame Not disinfected Personal Folders\Deleted Items\INC.SCOREBOARD.T
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\pretty pic about you?\posting_class_photos.htm.com
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\denied!\bill.exe
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\denied!\product.doc.com
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\question\yours_more.zip[yours_more.exe]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Re: unknown\product.scr
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Re: excuse me\undefinied_location.zip[undefinied_location.txt.pif]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Re: does it?\jokes.scr
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\oh\final.doc.com
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Re: unknown\posting.zip[posting.txt.pif]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Returned mail: see transcript for details\<Server Error>\death.htm.scr
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Returned Mail: Message Could Not Be Delivered\great!\release.zip[release.rtf.scr]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\never!\auction_old_photos.zip[auction_old_photos.exe]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\see this!\swimmingpool.zip[swimmingpool.htm.com]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\what's up?\material.zip[material.exe]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\oh\sexual.scr
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\do not give up!\stuff.zip[stuff.doc.scr]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Re: Re: Re: Re:\regid_moonlight.exe
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\Here is it\sexual_nomoney.zip[sexual_nomoney.com]
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\that's not the truth?\transfer.exe
Virus:W32/Netsky.C.worm Disinfected Personal Folders\Deleted Items\I have your password!\word_doc.txt.com
Virus:W32/Netsky.P.worm Disinfected Personal Folders\Deleted Items\Re: Administration\readme.zip[document.txt .exe]
Hacktool:Exploit/iFrame Not disinfected Personal Folders\Deleted Items\Mail Delivery (failure [email protected])
Virus:W32/Netsky.P.worm Disinfected Personal Folders\Deleted Items\Mail Delivery (failure [email protected])\message.scr
Hacktool:Exploit/iFrame Not disinfected Personal Folders\Deleted Items\Returned mail: see transcript for details\Mail Delivery (failure [email protected])
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Tom\Cookies\tom@2o7[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Tom\Cookies\tom@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Tom\Cookies\tom@atdmt[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Tom\Cookies\tom@atwola[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Tom\Cookies\tom@bluestreak[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Tom\Cookies\tom@casalemedia[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Tom\Cookies\tom@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Tom\Cookies\tom@fastclick[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Tom\Cookies\[email protected][1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Tom\Cookies\tom@trafficmp[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Tom\Cookies\tom@zedo[1].txt
Virus:W32/Mydoom.A.worm Disinfected Personal Folders\Deleted Items\Status\rrnzf.zip[rrnzf.txt .pif]
Virus:W32/Netsky.B.worm Disinfected Personal Folders\Deleted Items\unknown\bill.rtf.scr
Virus:W32/Bagle.E.worm Disinfected Personal Folders\Deleted Items\Jessica\eeabdaddcb.zip[ueqvylax.exe]
Spyware:Spyware/Support Not disinfected C:\Program Files\Support.com\bin\tgcmd.exe
Virus:Trj/Downloader.FNP Disinfected C:\WINDOWS\Downloaded Program Files\CONFLICT.1\miniclipGameLoader.dll
Adware:adware/ieplugin Not disinfected C:\WINDOWS\kwv2.dat

#6
Retired Tech

Posted 03 March 2007 - 05:14 AM

Retired Staff

Retired Staff
20,563 posts

Click start then control panel, network and internet, internet options, delete all browsing history (IE7) or delete cookies (IE6)

Run Pandascan then it should not find the cookies

I would post the HJT Log because although Panda disinfected everything it found, there were a lot, and there could be others

#7
Bombbuster

Posted 03 March 2007 - 06:33 AM

Member

Topic Starter
Member
10 posts

This is my HJT "unnstall list:
"Doras Carnival Adventure (remove only)"
2004 Earth Science
Abacast Client
AcademicOnline Interactive Mathematics
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Acrobat Reader 3.01
Adobe Download Manager 2.0 (Remove Only)
Adobe Photoshop 5.0 Limited Edition
Adobe Reader 7.0.9
Adobe® Photoshop® Album Starter Edition 3.0
Amazon Trail
America Online
Anti-Spyware (PestPatrol)
Anti-Virus (Command Software)
AOL Coach Version 1.0(Build:20011028.1)
AOL Explorer
AOL Instant Messenger
AOL Toolbar 2.0
Authentium Web Install Helper
AVG Anti-Spyware 7.5
Backyard Soccer 2004
BIONICLE
Bookworm Deluxe
BroadJump Client Foundation
Broderbund Media Manager
Canon Camera Window for ZoomBrowser EX
Canon PhotoRecord
Canon PowerShot G3 WIA Driver
Canon Utilities File Viewer Utility 1.2
Canon Utilities PhotoStitch 3.1
Canon Utilities RemoteCapture 2.7
Canon Utilities ZoomBrowser EX
Conexant HSF V92 56K RTAD Speakerphone PCI Modem
CorrectConnect
Cox (CVUS)
Cox High Speed Internet Security Suite
Dance Praise
Dell Picture Studio - Image Expert 2000
Dell Solution Center
DellTouch
Diego`s Dinosaur Adventure (remove only)
Diegos Rescue Adventure (remove only)
Easy CD Creator 5 Basic
ESP
Event Planner
eyeQ
Firewall (Core)
Firewall (User)
Hallmark Card Studio 2003
Halls of Injustice (remove only)
HijackThis 1.99.1
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
igLoader
Imaginext™ Battle Castle
InterActual Player
iPod for Windows 2006-01-10
ItsDeductible Express
iTunes
Java 2 Runtime Environment, SE v1.4.0_01
Java 2 Runtime Environment, SE v1.4.1_04
Java Web Start
Jeopardy! 2nd Edition
Jimmy Neutron Invention Revenge (remove only)
JuilliardMusicAdventure
Kids Next Door
Lernout & Hauspie TruVoice American English TTS Engine
Lexmark X5100 Series
Liberty's Kids
LiveUpdate 2.7 (Symantec Corporation)
Lyra Jukebox Applications
Macromedia Shockwave Player
Mavis Beacon Teaches Typing
Microsoft Creative Writer 2
Microsoft Data Access Components KB870669
Microsoft Interactive Training
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Standard Edition 2003
Microsoft Office XP Media Content
Microsoft Office XP Small Business
Microsoft PowerPoint Viewer 97
Microsoft Web Publishing Wizard 1.52
Miniclip
Modem Helper
Money Matters Gold
Monsters, Inc. Wreck Room Arcade
MovieShop
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
Musicmatch® Jukebox
Mystery Case Files Huntsville (remove only)
Mystery Club Gadget Games
NVIDIA Windows 2000/XP Display Drivers
Oasis
OTOY
Panda ActiveScan
Personalized Learning Center
PhoneTools
Pinball Science
Popup Blocker
PowerDVD
PRO200WL
Quicken 2004
QuickTime
Reader Rabbit's Preschool
Reading Blaster Ages 9-12
RealPlayer
SafeCast Shared Components
Scholastic's I SPY School Days
Scholastic's I SPY Spooky Mansion Deluxe
Scholastic's I SPY Treasure Hunt
Screensavers Installer Version 2
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Shockwave
Shockwave Player
Sound Blaster Live! Value
SpongeBob SquarePants Diner Dash (remove only)
SpongeBob SquarePants Krabby Quest (remove only)
SpongeBob SquarePants Obstacle Odyssey (remove only)
Starware316 4.4.1.0
Super Solvers Reading Ages 9-12
Super Solvers Spellbound
The ClueFinders' 4th Grade Adventures
The ClueFinders 5th Grade Adventures
The ClueFinders' Math Ages 9-12
The Great Brain Robbery
The Print Shop
The Rosetta Stone 2000
The Trade Center
Third Party Prerequisites
TradeSeeker
TradeSeeker 5.0.3
TradeWinds 2 (remove only)
Treasure Planet: Battle at Procyon
TurboTax Deluxe 2002
TurboTax Deluxe 2004
TurboTax Deluxe 2005
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TurboTax ItsDeductible 2006
TurboTax Premier Home & Business 2003
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB931836)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Web Filtering (Base 2)
Web Filtering (Base)
Web Filtering (Kids Page)
Web Filtering (RuleSpace Anti-Phishing)
Web Filtering (Rulespace)
WexTech AnswerWorks
WildTangent Web Driver
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WordSmart Challenge
World Book 2006 (Deluxe)
WS4
Yahoo! extras
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar

Question.. When i ran HJT ot a very large list of "stuff" with checkmarks next to it but I don't know how to post that for you folks to look at.