siszyd32.exe

[slovene59]

I have the same situation and solved today very easy. Just install freefixer from net, install it, and whwn finished, check the syszyd32 at startup column. Tis syzyd32 is a somekind of virus and produce 100% usage CPU on svchost.exe .
It works at me !

[gitarslinger]

Add me to the list of people needing to get rid of this.  This, and sr882388, and powerreg scheduler, and a likely problem with a bad services.exe file.  I've posted the details at http://forum.avast.com/index.php?topic=53063.0

Yep, I posted it in the general forum by mistake.  Chalk it up to newbie exuberance.

Can anyone help me get this junk off my computer?  I'd be well and truly grateful.

Regards,
Jim

[gitarslinger]

Essexboy,

Might I appeal to you directly to have a look at my issues with siszyd32 and sr882388?  Some folks are having a go, and I've taken most of the suggested steps, but I have noticed myself and another has mentioned that you seem to have a knack with this particular set of nasties.  I would be grateful for any help you could offer.

The thread is http://forum.avast.com/index.php?topic=53063.0

Thanks much in advance.

Jim

[essexboy]

Got it and replied in the original thread 

[digitalxni]

@Essexboy: If you could take a look at my thread on siszyd32, I'd be most grateful!

http://forum.avast.com/index.php?topic=52978

Thanks!

[shawnywind]

Essexboy, I'd also appreciate it if you could help me out with my siszyd32 issue.

I've got a separate thread here:

http://forum.avast.com/index.php?topic=53190.0

I'd really appreciate your help since I'm completely in dark on this matter.

[essexboy]

Answered

[Fraster]

Hi there.
This is the first virus I've not been able to get rid of myself, and so is the first time I have used a forum for support on such an issue.
if you could help me out here Essexboy, I would be eternally grateful. Im not sure if I need this combofix.exe? But Ive downloaded OTS and scanned as you required previously. I have attached the result here.

As regards to the virus, It is exactly the same as everyone else here it seems. SVChost hogging all the resorces, siszyd32 runs at startup and cant be disabled.

http://www.mediafire.com/?ytmyocammne

Hope this works..  Thanks a bunch!

[essexboy]

Part of the problem may be this    ophcrack-vista-livecd-2.3.1.iso a good vehicle for viruses and malware.  Also I find Avast better than AVG 

Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

Code: [Select]

[Unregister Dlls]
[Modules - Safe List]
YY -> urixugesavadebib.dll -> C:\Users\Fraser\AppData\Local\urixugesavadebib.dll
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {8504a8af-5a60-90ff-aaae-5e26ef0a86c6} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "Qrofejogumajapi" -> C:\Users\Fraser\AppData\Local\urixugesavadebib.DLL [rundll32.exe "C:\Users\Fraser\AppData\Local\urixugesavadebib.dll",Startup]
[Files/Folders - Created Within 30 Days]
NY ->  HotbarSA -> C:\ProgramData\HotbarSA
NY ->  2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp
NY ->  2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp
[Files/Folders - Modified Within 30 Days]
NY ->  Rcusokarade.dat -> C:\Users\Fraser\AppData\Local\Rcusokarade.dat
NY ->  Jgudiqusoletu.bin -> C:\Users\Fraser\AppData\Local\Jgudiqusoletu.bin
NY ->  fvgqad.dat -> C:\Users\Fraser\AppData\Roaming\fvgqad.dat
NY ->  avdrn.dat -> C:\Users\Fraser\AppData\Roaming\avdrn.dat
NY ->  zm-w_WijtWsa.exe -> C:\Windows\System32\zm-w_WijtWsa.exe
NY ->  MWC-1D6zKsNM.dll -> C:\Windows\System32\MWC-1D6zKsNM.dll
NY ->  2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp
NY ->  2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp
[Files - No Company Name]
NY ->  siszyd32.exe -> C:\Users\Fraser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\siszyd32.exe
NY ->  Rcusokarade.dat -> C:\Users\Fraser\AppData\Local\Rcusokarade.dat
NY ->  Jgudiqusoletu.bin -> C:\Users\Fraser\AppData\Local\Jgudiqusoletu.bin
NY ->  fvgqad.dat -> C:\Users\Fraser\AppData\Roaming\fvgqad.dat
NY ->  avdrn.dat -> C:\Users\Fraser\AppData\Roaming\avdrn.dat
NY ->  sysfolderazipcnt.dll -> C:\Windows\System32\sysfolderazipcnt.dll
NY ->  azipcontmn.dll -> C:\Windows\System32\azipcontmn.dll
[Empty Temp Folders]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new OTS log.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

[Fraster]

Thank you my good man. You sir, are a genius!
You deserve a knighthood or something  
Its a rare person who gives up his valuable time to help others.

This fix has stopped the siszyd32 running at start up, which is great.
Here is the log you requested. If anything comes up again, il post back here, but its looks good!
I think I'll give this boy a couple more months, back up my data and reinstall windows anyway, Its got a lot of junk on it.

Anyway. thanks again.

Fraster

[essexboy]

OK I would now recommend that you run MBAM to see if I missed anything

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

[Fraster]

Did that, ta.
Seemed to remove a bunch of adware, but nothing too serious.

Heres the log.

Thanks again

[markvonneumann]

Hi essexboy

here goes my siszyd32 thread :
http://forum.avast.com/index.php?topic=53322.0

Thanks for the help.
Mark

[essexboy]

 @Fraster  If you could now run OTS and hit the cleanup button my tools will disappear

@markvonneumann looking

[deki79ns]

Hi essexboy.

Just like many others I have this annoying siszyd32 problem. I did the Malwarebytes' Anti-Malware scan since I heard it now is able to fix this proble. But since I'm not sure it actually is able to help me deal with this issue I also did OTS scan and I'm posting the scan log here as well as on the separate thread and I beg for your help.

Separate thread is here:
http://forum.avast.com/index.php?topic=53483.0

Thanks!