Author Topic: siszyd32.exe again  (Read 12093 times)

virdi

  • Guest
Re: siszyd32.exe again
« Reply #15 on: January 12, 2010, 04:25:14 AM »
OTS fix failed once again... Here's the repair Log http://www.mediafire.com/?j2nghinmoeu

I scanned it again with your "custom scan". Here's the latest OTS scan file: http://www.mediafire.com/?yz4tytmm3nn

Thanks!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: siszyd32.exe again
« Reply #16 on: January 12, 2010, 08:43:42 PM »
Aye, did you follow up with Combofix, as that will remove the main rootkit?

virdi

  • Guest
Re: siszyd32.exe again
« Reply #17 on: January 12, 2010, 08:49:08 PM »
No, I haven't run Combo Fix yet. Should I run CF even if the OTS log says that .sys move failed?

Can you look at the latest OTS log above and suggest an OTS fix script so I can fix using OTS once more and then run CF afterwards?

Thanks!

Offline essexboy

Re: siszyd32.exe again
« Reply #18 on: January 12, 2010, 08:52:07 PM »
No, what is happening is that the rootkit is stronger than OTS removal procedures. With CF, as long as you allow the download of the recovery console, it will then utilise that to kill and remove it. This is one of the stronger malware tools.