Author Topic: Siszyd32.exe help  (Read 7935 times)

0 Members and 1 Guest are viewing this topic.

deki79ns

  • Guest
Siszyd32.exe help
« on: January 16, 2010, 12:16:52 PM »
Here is the same log I posted on "main" topic and I hope I will get some help. Thanks

Original post:

Re: siszyd32.exe
« Reply #59 on: Today at 10:18:27 AM »
   Reply with quoteQuote Modify messageModify
Hi essexboy.

Just like many others I have this annoying siszyd32 problem. I did the Malwarebytes' Anti-Malware scan since I heard it now is able to fix this proble. But since I'm not sure it actually is able to help me deal with this issue I also did OTS scan and I'm posting the scan log here as well as on the separate thread and I beg for your help.

Separate thread is here:
http://forum.avast.com/index.php?topic=53483.0

Thanks!
« Last Edit: January 16, 2010, 12:20:44 PM by deki79ns »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Re: Siszyd32.exe help
« Reply #1 on: January 16, 2010, 03:54:04 PM »
can you post the Malwarebytes scan log?

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #2 on: January 16, 2010, 04:00:10 PM »
Sure! Here's the one after the scan.

Thanks

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #3 on: January 16, 2010, 04:03:17 PM »
And another one after I did what was recomended action - deletion

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #4 on: January 16, 2010, 04:03:51 PM »
Oops! Log too

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37698
Re: Siszyd32.exe help
« Reply #5 on: January 16, 2010, 04:08:46 PM »
can you do a quick scan now to see if it is clean, and post the log?   i will send a PM to Essexboy and he will look at your OTS log
« Last Edit: January 16, 2010, 05:32:30 PM by Pondus »

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #6 on: January 16, 2010, 04:13:41 PM »
Sure! Just a minute. Scanning it now

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #7 on: January 16, 2010, 04:17:28 PM »
And here's the quick scan log.

Thanks so much in advance

micky77

  • Guest
Re: Siszyd32.exe help
« Reply #8 on: January 16, 2010, 04:43:55 PM »
Hi there, just been looking at  your OTS log, this tool is new to me. Can you see any of these *.tmp files

C:\WINDOWS\System32\*.tmp

C:\WINDOWS\Temp\*.tmp

C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp files

C:\WINDOWS\*.tmp

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #9 on: January 16, 2010, 05:01:04 PM »
I have these:

in WINDOWS\ I have:
set3.tmp
set4.tmp
set8.tmp

in WINDOWS\temp\ I have:
~TM3A.tmp
~TMD.tmp
~TME.tmp
~TMF.tmp
37cc7d894ad7ab763b46897e.tmp

in WINDOWS\System32\ there are these:
tmp81.tmp
tmp82.tmp
CONFIG.TMP

and in C:\Documents and Settings\xp pro\Local Settings\Temp\ there are 291 with *.tmp extension


micky77

  • Guest
Re: Siszyd32.exe help
« Reply #10 on: January 16, 2010, 05:19:13 PM »
Its just the ones with *.tmp extension. They look like malware. Anyway,if Pondus has PM'd Essexboy, he will get to you.Please be patient, he is in high demand  :)

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #11 on: January 16, 2010, 05:26:14 PM »
Sure! Thanks for all your help guys. You are great!

Thanks a lot really

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Siszyd32.exe help
« Reply #12 on: January 16, 2010, 07:50:05 PM »
Not to bad by the looks of it, again MBAM killed the majority

Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

Code: [Select]
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2052111302-220523388-1801674531-1003\] > -> HKEY_USERS\S-1-5-21-2052111302-220523388-1801674531-1003\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
YY -> "C:\WINDOWS\Temp\~TM3A.tmp" -> C:\WINDOWS\Temp\~TM3A.tmp [C:\WINDOWS\Temp\~TM3A.tmp:*:Enabled:services]
YY -> "C:\WINDOWS\Temp\~TMD.tmp" -> C:\WINDOWS\Temp\~TMD.tmp [C:\WINDOWS\Temp\~TMD.tmp:*:Disabled:~TMD]
YY -> "C:\WINDOWS\Temp\~TME.tmp" -> C:\WINDOWS\Temp\~TME.tmp [C:\WINDOWS\Temp\~TME.tmp:*:Enabled:services]
YY -> "C:\WINDOWS\Temp\~TMF.tmp" -> C:\WINDOWS\Temp\~TMF.tmp [C:\WINDOWS\Temp\~TMF.tmp:*:Disabled:~TMF]
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{268e8196-337a-11de-bb9d-001fd0574ed6}\Shell\AutoRun\command ->
YN -> \{268e8196-337a-11de-bb9d-001fd0574ed6}\Shell\AutoRun\command\\"" -> [RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\plzrunmezz.exe]
YN -> \{268e8196-337a-11de-bb9d-001fd0574ed6} ->
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{268e8196-337a-11de-bb9d-001fd0574ed6}\Shell\open\command ->
YN -> \{268e8196-337a-11de-bb9d-001fd0574ed6}\Shell\open\command\\"" -> [RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\plzrunmezz.exe]
YN -> \{2faed740-8c76-11dd-ba79-001fd0574ed6} ->
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2faed740-8c76-11dd-ba79-001fd0574ed6}\Shell\AutoRun\command ->
YN -> \{2faed740-8c76-11dd-ba79-001fd0574ed6}\Shell\AutoRun\command\\"" -> [RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe]
YN -> \{2faed740-8c76-11dd-ba79-001fd0574ed6} ->
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2faed740-8c76-11dd-ba79-001fd0574ed6}\Shell\open\command ->
YN -> \{2faed740-8c76-11dd-ba79-001fd0574ed6}\Shell\open\command\\"" -> [RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe]
[Files/Folders - Created Within 30 Days]
NY ->  7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
[Files/Folders - Modified Within 30 Days]
NY ->  prvlcl.dat -> C:\Documents and Settings\xp pro\Local Settings\Application Data\prvlcl.dat
NY ->  wincmd.ini -> C:\WINDOWS\wincmd.ini
NY ->  97 C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp
NY ->  97 C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp
NY ->  97 C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\xp pro\Local Settings\Temp\*.tmp
NY ->  7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp
NY ->  3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp
NY ->  17 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp
[Files - No Company Name]
NY ->  wincmd.ini -> C:\WINDOWS\wincmd.ini
[Custom Scans]
NY ->  3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp
[Empty Temp Folders]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

deki79ns

  • Guest
Re: Siszyd32.exe help
« Reply #13 on: January 16, 2010, 08:04:14 PM »
OK,

I just ran the OTS and pasted the code you gave me. After it finished fixing, it asked me to reboot to complete cleaning. After that was done I got the notepad log which I'm posting now.

Please after you review it let me know if everything went the way it should.

One more time, thanks a lot. You good people probably saved me a lot of trouble.

That will not be forgotten  :)


Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Siszyd32.exe help
« Reply #14 on: January 16, 2010, 08:36:06 PM »
Looks good and cleared a bit of rubbish from your system
Quote
Total Files Cleaned = 4,422.00 mb
Run OTS and hit the cleanup button and it will disappear - enjoy