Topic: Yet another siszyd32 infection

markvonneumann

  • Guest
Yet another siszyd32 infection
« on: January 12, 2010, 05:23:10 AM »
Here is the OTS log as essexboy requested:
http://www.mediafire.com/?qknfzytdmoc

I'd appreciate any help you can give with this bugger. Have never got so nasty a thing as this one.

Cheers.

essexboy

  • Malware removal instructor
Re: Yet another siszyd32 infection
« Reply #1 on: January 12, 2010, 08:38:16 PM »
Here you go

Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

Code:
[Unregister Dlls]
[Registry - Safe List]
< SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
YN -> "{A3717295-941D-416F-9384-ED1736729F1C}" [HKLM] -> Reg Error: Key error. [scpLIB]
[Files/Folders - Created Within 30 Days]
NY ->  8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY ->  4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  1 C:\*.tmp files -> C:\*.tmp
[Files/Folders - Modified Within 30 Days]
NY ->  xpvmctx.sys -> C:\WINDOWS\System32\drivers\xpvmctx.sys
NY ->  fjhdyfhsn.bat -> C:\WINDOWS\System32\fjhdyfhsn.bat
NY ->  avdrn.dat -> C:\Documents and Settings\Ingrid Treml Neumann\Dados de aplicativos\avdrn.dat
NY ->  8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY ->  4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp
NY ->  1 C:\*.tmp files -> C:\*.tmp
[Files - No Company Name]
NY ->  xpvmctx.sys -> C:\WINDOWS\System32\drivers\xpvmctx.sys
NY ->  fjhdyfhsn.bat -> C:\WINDOWS\System32\fjhdyfhsn.bat
NY ->  avdrn.dat -> C:\Documents and Settings\Ingrid Treml Neumann\Dados de aplicativos\avdrn.dat
[Empty Temp Folders]


The fix should only take a very short time. When the fix is completed, a message box will pop up telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new OTS log.

I will review the information when it comes back in.

THEN

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.