Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Certainly Infected

  • Please log in to reply
No replies to this topic

#1 oooh_yea_ok


  • Members
  • 1 posts
  • Local time:01:10 AM

Posted 16 August 2008 - 02:43 PM

Live Onecare has given two messages of Trojan Downloader. The First one it said it quarantined. The second, Win32/small.IQ, it said it removed. OneCare will not open so I can't see the quarantine folder, I guess. Onecare would not close and the 'report problem to Microsoft' dialog said that WinSSUI.exe would not close properly.

I have gotten dialogs saying program sysvxd.exe is doing wrong. I don't have the message, now. I think it involved ntvdm and 16 bit...

I googled sysvxd and found a bleeping computer post. I printed 'how to use combofix' and started down that instruction. When checking my system version using sysdm.cpl, this url showed in the run list upon typing the 's': sunsource.net/TUPPCP.HTML. I don't recognize it.

It may not be important but I'll mention that when I first saw the dialog saying sysvxd.exe was at doing wrong I tried moving that vile to a folder I made within WINNT called hidebug. I just searched again and the file is also back in WINNT.

I ran hijackthis and can't make any sense of the log files, of coarse. Please Help! ?

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users