• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3806
  • Last Modified:

Possible sysvxd.exe virus


We have client that is getting an error when clicking through a link in Google, the web launches a seperate page
'16 Bit MS DOS Subsystem'

Anyone seen this error before? I am gussing that it is some form of virus?

  • 3
  • 2
2 Solutions
Vishnu KiranCommented:
Hi YellowbusTeam,

The error as you mentioned '16 Bit MS DOS Subsystem' 'C:\WINDOWS\Sysvxd.exe' while opening a link in Google is this seen only for a specific link.

Confirm if user is able to open any other link from google or any link.

If the error is for any link then possible some kind of antispyware ...I would suggest you download and run the HijackThis tool from TrendMicro I have given the link below:


Let me know the update.



That is one of those bogus website that tells you that you have a problem and that you need to buy something to remove it. I would recommend a few things. One stop using internet Explorer and use Mozilla Firefox or something similar to that. When people write spyware exploits they write it for the most commonly used thing and that is...INTERNET EXPLORER!!! So by using an alternative browser you cut out a lot of that stuff. Two make sure windows is up to date. Three run an anti virus program such as AVG ( www.grisoft.com ) or Avira ( www.avira.com ). Four go and download and run something like Spybot Search and Destory ( www.spybot.com ) or go and google trendmicro housecall and run it. Five go check out OpenDNS ( www.opendns.com ). Its a free service and it filters your internet.  Its free and my experience is that there DNS is faster than my ISP.  I would highly recommend it and read into it...its a great service and its FREE!
YellowbusTeamAuthor Commented:
Hi Surfer24,

Attached is the report our client obtained from the trend micro program you sent us the link to. It has found quite alot of entries, is this now something we need to go through and clear up.

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

YellowbusTeamAuthor Commented:
Hi thebrandednetwork,

The client is currently running NOD32 antivirus business addition, but has no spywear software at present.
What the next step to take if these pieses of software didint find anythig, would it be case of searching through the system to find irregular files.
I would run spybot search and destroy ( www.spybot.com ) and/or tendmicro housecall. If you are in a business environment I would strongly recommend looking into openDNS. Its a free service and easy to setup and any type of junk you may be getting it will keep it off. I will serve as an anti spyware server in a sense.
YellowbusTeamAuthor Commented:
Hi folks,
Does anyone no anything about the following files and whether these could be the culprits?

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInit
ialSetup1.0.1.1.cab -?????

She installed this but could get rid now:
O16 - DPF: {96816368-C1E3-414D-A193-63C3CC921990} (MJPEGRender Control) - http://gretnaweddings-anvilhall.remotemanager.co.uk/common/activex/MJPEGRend

As these are two we pulled out of the Trendmicro hijackthis tool.


Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now