Author Topic: Need Help removing siszyd32.exe and sr882388.exe et al  (Read 29290 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #45 on: January 07, 2010, 11:06:52 PM »
Are you using wordpad or notepad for this ?

Could you zip it and attach it to see if that helps

gitarslinger

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #46 on: January 07, 2010, 11:10:04 PM »
trying from a different computer. 

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #47 on: January 07, 2010, 11:13:21 PM »
Seems to have formating in it - could you re-run or use a different version

  • Download OTL to your Desktop
  • Double click on the OTL icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and paste them into your reply.

gitarslinger

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #48 on: January 07, 2010, 11:22:06 PM »
Ah, now the forum is acting up.  Told me I'd already posted my note after giving me trouble about the file sizes, but there's no post there.  Here's me trying again.

I've resaved the file as ots 3a.txt.  I created a zip file and saved it as ots 3a.log.  I resaved it again as ANSI instead of unicode as ots 3b.txt.  The latter two should be attached to this email.

gitarslinger

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #49 on: January 07, 2010, 11:24:22 PM »
OK, looks like both came through uncorrupted.  Thank goodness.

I'm off to a belated Christmas gathering for which I'm about to be late.  I'll look at your latest posts when I return this evening.  Thanks again so much for all your help and hard work. 

Jim

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #50 on: January 07, 2010, 11:27:52 PM »
OK the last one worked - it must have been the coding and all looked clear

Run OTS again and hit the cleanup button that will remove all my tools except AVZ, for that just delete the folder

Enjoy the party I am now off to bed  ;D

gitarslinger

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #51 on: January 08, 2010, 06:42:50 AM »
Great news.  Now what can I do for you?  I owe you.

Jim

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #52 on: January 08, 2010, 07:43:25 PM »
Would you happen to know an 18 year old blonde who owns a brewery  ;D

gitarslinger

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #53 on: January 09, 2010, 12:55:35 AM »
Would you happen to know an 18 year old blonde who owns a brewery  ;D

Yeah, but he's ugly.   ;)

Jim

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #54 on: January 09, 2010, 03:08:05 AM »
What was TM doing when you got hacked?

Ostensibly, its job.  It detected the initial trojan and claimed to have quarantined it, but I found it running as a process immediately thereafter along with sr882388.exe.  It asked me if I wanted to allow sr882388.exe to access the internet, and I of course blocked it, but that didn't stop it running.  Nor, apparently, was it able to stop it or something else from accessing the internet, considering my email account was successfully stolen.   

It was also updating daily and scanning twice weekly.  It found nothing on a scan immediately after the incident, of course. I found siszyd32.exe myself in msconfig when I was trying to figure out what all had gone wrong.  I'm assuming it hit a few months ago when TM "quarantined" another trojan.  In that case, I failed to look further.  I'm not sure what siszyd32 accomplished, but it's apparent both left TM scratching its *** in midfield.

Jim

I have come across OEM Vista + TrendMicro in laptops quite often over the last few years. I have yet to see any failing in this combo, so I still recommend TM to people. I have a few quibbles that I wont bring them up here as they're more to do with features rather than failings.

I am always tempted to clean TM off these systems and replace with avast, but for the time being I dont push the point.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline Chris Thomas

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1936
  • Christian Geek - aka 'born again' Geek
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #55 on: January 09, 2010, 08:48:37 AM »
Hey

Why don't u install Prevx and do a scan?

http://www.prevx.com/

It is free for scanning and detection but not removal

Atleast, you will know, what all are there infected

Then you can make a plan B

Avastfan1

  • Guest
Re: Need Help removing siszyd32.exe and sr882388.exe et al
« Reply #56 on: January 26, 2010, 10:28:31 PM »
Hi Gitarslinger,

Glad to see you solved the problem. For health reasons I have not been as active on the forum over the last month. Hence I did not reply to your earlier post.

Best wishes,

Avastfan1