Bettingmad
New member
In this thread:
http://forums.spybot.info/showthread.php?t=19261
PSKelley is helping me to try remove some malware and suggested I post in this section because my problem seems new.
Spybot finds WIN32.Delf.uc removes it but it keeps returning.
Adaware finds WIN32.Backdoor.SDBot removes it but it keeps returning.
I use zonealarm and the following files are definitely the ones related to the problem, that at some point have tried to access the internet and been seen in my task list:
Winnt\system32\systs.exe
Winnt\temp\vrt1.tmp
Winnt\temp\vrt2.tmp
Winnt\temp\vrt5.tmp
I have also seen the following recently try to gain internet access but am not 100% sure they are related to my problems and didn't check their location:
syshgxl.exe
sysmqqg.exe
sys2cfm.exe
I had a Win 2000 process running called "tjk8rla0zxexp" which I have stopped but the problems remain.
I have tried a format and re-installing windows 2000 but the problem came back.
The Prevx site mentions that Vrt1.tmp was first seen in October 2007. Their online scan reports my PC is clean.
I have been asked to run the Kaspersky online scan but am unable to do so because with the new W2k install I only have IE5 and the scan needs IE6. I have tried to install IE both from the MS site and via a full download but it fails because it says the software is not digitally signed.
http://forums.spybot.info/showthread.php?t=19261
PSKelley is helping me to try remove some malware and suggested I post in this section because my problem seems new.
Spybot finds WIN32.Delf.uc removes it but it keeps returning.
Adaware finds WIN32.Backdoor.SDBot removes it but it keeps returning.
I use zonealarm and the following files are definitely the ones related to the problem, that at some point have tried to access the internet and been seen in my task list:
Winnt\system32\systs.exe
Winnt\temp\vrt1.tmp
Winnt\temp\vrt2.tmp
Winnt\temp\vrt5.tmp
I have also seen the following recently try to gain internet access but am not 100% sure they are related to my problems and didn't check their location:
syshgxl.exe
sysmqqg.exe
sys2cfm.exe
I had a Win 2000 process running called "tjk8rla0zxexp" which I have stopped but the problems remain.
I have tried a format and re-installing windows 2000 but the problem came back.
The Prevx site mentions that Vrt1.tmp was first seen in October 2007. Their online scan reports my PC is clean.
I have been asked to run the Kaspersky online scan but am unable to do so because with the new W2k install I only have IE5 and the scan needs IE6. I have tried to install IE both from the MS site and via a full download but it fails because it says the software is not digitally signed.