Posted on 12/14/2009 12:05:45 PM PST by Lady Jag
First thing is I’ll thank everyone who was kind enough to help try to figure it out.
Is it #1 because other people are searching for it?
All kinds of good reasons to be in the BIOS....like allowing USB boots.
Will you lose anything valuable by reformatting and reloading the operating system?
SISZYD32.exe is a rootkit... much more harmful than your standard Trojan. It’s the reason why your antivirus didn’t catch it in the first place. If in fact you have this rootkit, then a lot of your Windows system files have been overwritten, which is how it remains in your system despite attempting to clean it up. It’s going to be a tough process, but try the resolution given in the Avast forums. Rootkits can’t be quickly removed like viruses or trojans.
http://forum.avast.com/index.php?PHPSESSID=d56f2b6f315d12b523b4ba3de4a8e0f1&topic=52134.15
How did you get it if you only browsed FR? Did you read any articles posted on external sites? Some of these can easily be hidden in Java/Adobe PDF add-ons for IE and even Firefox. It only takes one.
I was just on Knoppix site looking to see if they had a boot CD.
There are ways for the Badguys to slip bad stuff onto good Sites....to cause infections...Michelle should be alerted.
Pull the drive and slave it. The more you turn the infected machine on the worse it will get.
However, that being said, I seriously doubt it is a virus stopping you from booting up. The virus has to live in an environment. The OS is the environment. Not being able to get through BIOS to the OS is not a functionality of any virus that I have dealt with. I don’t even know how I would start to get that to work (unless the virus had a built-in BIOS flash functionality that would trigger if a base dll in its structure was scanned... hmmm....)
Chernobyl perhaps, but have you considered the possibility that you're having some sort of hardware failure along with your virus problem?
IIRC, Chernobyl would re-write the firmware of a computer, but it relied on a certain chipset existing in the targeted machine.
How old is the computer?
The Rise of Rootkit-Based Malware: Why anti-spyware and anti-virus software is no longer enough
It took care of the dll right off and let me disable siszyd32.
Somehow siszyd32 kept re-enabling itself and I knew that because Win Patrol Plus (Scottie) kept asking me if I would allow siszyd32 to access my computer; repeatedly I said no.
That's when I began running other utilities, anti-virus, anti-malware, registry cleaner; everything got blocked in progress, usually when its process was coming to an end. Some had also detected the virus but the virus terminated them before action could be taken.
As soon as the machine boots up, go to Start/Run and type msconfig.
On the General tab, select Selective Startup then unselect Load Startup Items, or just to be thorough, go to the Startup tab and deselect everything. But do note any startup items that have random letters in their names; that is usually a clue that it is a rogue program.
Rootkits are nasty buggers that can actually get into your firmware and/or boot loader. They don’t need to thrive in the OS itself. In fact, there are some rootkits out there that can embed themselves in the hardware and survive even if you swap out a new hard drive and start from scratch.
Trlokom's flagship product, SpyWall, addresses the rootkit and keylogger problem by providing IT with the ability to detect, prevent and remove them. In fact, Trlokom is the only vendor that has a dedicated rootkit and keylogger scanner included in its anti-malware product.
Even if you had one, you might need Ubuntu or some other Unix variant, because DOS does not read NTFS, only FAT32.
Sophos and AVG have [free] rootkit removers.
I’ve never had to use them, but I do have them on my computer.
I'm of the opinion that that is the only course of action once you've confirmed your system has been compromised. Once you confirm that you have malware working on your system, you can never truly be sure of what it's done. Sure you might have cleaned the noisy virus or trojan that got your attention, but you can never really know what else it brought in and installed before you neutralized it. Rootkits can be hell to detect once installed. Heck, you can't even be sure you got the virus you found since the determination of whether it's on your system is limited to what the scanner's or cleaner's coders know the virus looks like on the day they wrote the definition. Some malware even goes after your Windows restore point.
No, format and reinstall is the only way to go once an infestation is confirmed. No doubt it's a hassle, but it's easier than having an undetected rootkit.
Was just wondering if a virus could contribute to a hardware failure.
Otherwise, wouldn’t it be a tremendous coincidence to have occurred at the same time? Unless I mucked up a reboot?
This is when I wish I knew more. Times like this are reminders that I’m not as good as I think.