is xcommsvr.exe backdoor?

Discussion in 'Windows Desktop Systems' started by speedrayo, Feb 22, 2002.

  1. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    whats for xcommsvr.exe? do u have like that? check CTRL + ALT + DEL if u see there xcommsvr.exe is relate xp or backdoor or what?
    [​IMG]

    Thank you.
     
  2. dotbatman

    dotbatman Guest

    I can't find anything on the MS Knowledgebase, but try tracing the destination IP with NeoTrace. You can download a free version, just do a google search. Knowing who the destination IP is might give you an idea.

    I'm looking for a complete list of Windows services, i'll write back when i find it (anyone know where to find one?)
     
  3. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    Thank you...yeah...thats i want list of windows services...let me know..thank you....that file xcommsvr.exe from Romania possible backdoor because....last monday to today.....Eject of my Cdrw...i was piss off...then i download zone alarm...then...No problem my cdrw thank god....i guess...my computer is safe. :D


    [​IMG]
     
  4. dotbatman

    dotbatman Guest

    holy crap!

    it was going to Romania?!

    Are you saying this came from a CD you loaded?

    Jeez, ya, a process running in the background trying to contact an obscure port (4020 - 4095 are listed as "unassigned"), I can't see any legit apps that would use that...
     
  5. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    *damn*...few min ago.....cdrw eject itself is Back....F*@K win xp or other....btw i m going to re format...i hope...Cdrw stop eject itself :(.....
     
  6. dotbatman

    dotbatman Guest

    hang on!

    before you reformat, try a Trojan scanner. Check with Symantec or do a Google search, a trojan scanner might be able to find your bad guy.

    Also, the cdrw ejecting by itself, are you sure it's not caused by something else? Can you remember what you were doing when the cdrw tray opened?
     
  7. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    yeah...But i already install AVX will caught immediate trojan or other....But....i puzzle last time...i install easy creator 5 and upgrade....may cause it....i tried uninstall easy creator....its same problem....i'm sick of this.....Its done....I did Trojan remover last version scan all registy, autoexec.bat, startup, system.ini, win.ini, active setup, vxd entries, service files, almost everything...its fine...but i dont know why......my cdrw still eject so....Best way....re formart.

    Thank you for try help me.
     
  8. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    Trojan Remover Found one But it s still scan

    Take lookg screenshot But i Delete immediate that File Trojan.

    [​IMG]
     
  9. speedrayo

    speedrayo OSNN Addict

    Messages:
    87
    above one found it.....its done 100% scanner but i rather format because...some weird of xp like missing icon from autoplay from zip 250 usb....thats why....