Author Topic: siszyd32.exe - am I free?  (Read 13526 times)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: siszyd32.exe - am I free?
« Reply #30 on: January 08, 2010, 11:10:21 PM »
Easier way - run OTS and hit the cleanup button - all gone  ;D

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again, the program will close and you are done

digitalxni

  • Guest
Re: siszyd32.exe - am I free?
« Reply #31 on: January 08, 2010, 11:20:17 PM »
Ok so just created a new restore point and then ran the OTS clean up and upon reboot explorer crashed and now an instance of svchosts is taking up 50% cpu. erk!

Offline essexboy

Re: siszyd32.exe - am I free?
« Reply #32 on: January 09, 2010, 01:54:36 PM »
OK let's run a harder tool

Download avz4.zip from here
  • Unzip it to your desktop to a folder named avz4
  • Double click on AVZ.exe to run it.
  • Run an update by clicking the Auto Update button on the Right of the Log window:
  • Click Start to begin the update
Note: If you receive an error message, choose a different source, then click Start again

  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts" and mark the "Advanced System Analysis with Malware removal mode enabled" check box.

  • Click on the “Execute selected scripts”.
  • Automatic scanning, healing and system check will be executed.
  • A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
  • It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
  • All applications will work properly after the system restart.
When restarted

  • Start AVZ.
  • Choose from the menu "File" => "Standard scripts" and mark the "Advanced System Analysis" check box.

  • Click on the "Execute selected scripts".
  • A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.
Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post or upload to mediafire


digitalxni

  • Guest
Re: siszyd32.exe - am I free?
« Reply #33 on: January 19, 2010, 10:50:14 PM »
I have finally returned after a brief excursion and I'm determined to fix this. I've run process explorer and noticed that the svchosts.exe that is taking up 50% at startup is running a windows update process and after a few minutes it stops running and the CPU usage drops back to 0. What I am rather concerned about is the disappearance of some of my hard drive space on C:\. After running all these scans trying to remove the rootkit, the space had dropped by several hundred mb and continues to drop slightly more each day. Even after removing temp files I can't seem to restore it back to what it previously was. Could I still be infected?

Offline essexboy

Re: siszyd32.exe - am I free?
« Reply #34 on: January 19, 2010, 11:54:05 PM »
OK run OTS and hit the cleanup button - that will remove the tools

Then

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean
THEN

Download and run Auslogics Disc Defragmenter

If you still have a space problem we will investigate that