Posted on 12/14/2009 12:05:45 PM PST by Lady Jag
SISZYD32.exe has possibly killed my FR computer.
Yesterday it hit suddenly despite the anti-virus and other utilities I run to protect against such stuff.
The victim computer is one I only use for FR and the sites it cites. That is the only clue I have to offer as to where it came from. I run several computers off a network and my FR computer is the only victim.
This is the worst I have ever encountered and a search for it shows that it is very dangerous and it showed up only about a week ago (AFAICT).
From years of experience I knew what to do yet the virus blocked every action, not even allowing startup in safe mode.
Malwarebytes, Spyware Doctor, SpyHunter and another one or two I tried to run were able to find it yet were blocked and defeated by siszyd32.exe.
This is day 2 and the computer boots with a black screen.
WARNING! Update all your protection software including registry cleaner, et al.
HELP! Can anybody help me get my FR black screen computer back?
Like you I try to do most of the little things...when I have time.
But these monstrous invasions of my privacy enrage me...to the point I become a whimpering fool begging the techs to help and let me pay them outrageous fees ;)
It’s a 9 yo Dell that won’t take more than 500 megs.
The C: drive has only software on it except for mail.
All other files are on another, external, drive which I turned off immediately on finding the virus.
As somebody recently noted, this is a rootkit. It's going to be a significant exercise to get it completely cleared out. Failing that, you can use the Knoppix session as a means to access your data and back it up before reloading Windows.
I had a really bad Windows virus in 2003. It embedded itself into the firmware on the motherboard. I had to dedicate the machine to being a Linux host as the virus would go active if a Windows OS was available. I lost the use of a $1500 custom built Windows machine.
ComboFix looks good.
You didn’t try reflashing the BIOS?
It seems to be for Vista only.
I have XP.
“Virus victims should be allowed to be firing squad for the perp.”
Only after Darksheare tortures them first.
After that, I'd install a Linux distribution on the machine, dual boot. You don't have to USE it if you're not comfortable with it, but I'll let you know a little secret:
AVG antivirus has a Linux version. You can run it out of Linux, and scan your WINDOWS partition.
I've been running OpenSuSE 11.1 on this old 2005 HP Pavilion since it came out. I don't need or miss Windows. Be advised though, Linux is NOT Windows. It's not better or worse, but it IS different. There is a learning curve. These days I wouldn't go on line with Windows. The next virus found in the wild that affects Linux will be the first one.
It may be time to junk it and replace it, since your data is on a separate disk.
Tigerdirect.com has many desktop and laptop computers at relatively cheap prices.
If you just do email and FR, you might look at some of their older models or refurbs.
Your problem is precisely why I often won’t click on a link. Just because someone here posts a link doesn’t mean it’s not laden with malware.
What can I say, it was cheap and it smoked.
Disclaimer: I'm a Linux guy. Used to be a MS guy starting with DOS 1.0 back in the day. I've worked with a variety of different systems though.
That said, I gave up on MS back around the time XP was coming on line. I'd already been soured back with Win95 and their IE integration and ActiveX security nightmare. Security wise, MS seems to look at it as an afterthought. Totally disregarding all the lessons learned from a multitude of platforms and environments dating back to the first multi-user systems.
Ideally, virus removal would be best accomplished via a boot CD with a known clean and up to date virus software and definition file. The problem with working directly from an infected system, would be like trying to develop a human vaccine in a compromised room. You also have to consider that virus authors are getting more sophisticated, and are taking countermeasures into account.
Now that is the ideal scenario. More often than not, you are left using your infected system to clean your infected system. And while the right software can do the job, you'll still be left with that nagging doubt as to whether you got it all or not. Just like excising cancer from your body.
Something you can do with a computer that you can't do with, well, YOU - is wipe the system and start from scratch. Or as I like to say, stealing a line from the movie Aliens: "Let's take off and nuke the site from orbit; it's the only way to be sure."
And again, ideally, once you feel you've cleaned your system, and you feel you can take your important data off of it? Do so, then take off and nuke the site from orbit. Or as we in the biz like to say: reformat and re-install.
A pain in the @$$ - YOU Betcha! Trust me I know. But given the registry, .dll Hell, and all that, that's the only real way you can ever really be sure.
My organization is so disorganized that if I tried to fix it I’d probably find the black hole that’s sucking my lost stuff away.
No. The machine served ably as my Fedora host until I retired it last year in favor of a quad core Intel machine. It is now running 64-bit Fedora 11. I configured that machine for the purpose of doing functional programming on a multi-core machine (erlang/scala). Unfortunately, my little fire breather is in Pocatello. I'm in San Diego. I'll have it running next week when I go home for Christmas.
The perp, yes, the perp.
My typos are torment enough for normal people.
Darktypocritis again? I remember a few years ago...but that is for another post ;-)
Thanks for pointing out the AVG for Linux. That's a good find.
Now that is living,...I think Idaho would be great living....a little snow is good.