Anybody heard of siszyd32.exe?

@forptc (287)
Philippines
December 11, 2009 6:34pm CST
Okay, so the computer I'm using here at home has been running quite smoothly for long now but suddenly, just last Saturday, it suddenly turned turtle and totally slowed down. I checked what was making it respond so slowly. The hard disk was not busy so I turned on the task manager and voila, there was one process shooting up the CPU usage between 95-100% making it difficult for other applications to load and run. It was a svchost.exe. I tried checking which applications are attached to it and there was DComLaunch and Termservices. I tried to kill the operation but a shutdown screen showed up and restarted the computer after 60 seconds. I was up all night last night just trying to figure out what made these operations hog so much CPU activity but I was strongly suspecting a malware doing the work. I've downloaded and installed Spyware Doctor, Malwarebytes and various anti-spyware software then scanned the PC but to no avail. I also ran a scan using my installed antivirus (with updated add-ons and definitions) but still did not show anything substantial. So the PC was running very slow for the rest of the week. The only temporary solution I could come up with is running applications then setting CPU priority to higher than normal so they could run well. Note: the CPU priority for a svchost running DComLaunch and TermServices could not be set; access is denied. Now I searched online for a better solution but there wasn't an answer I could find that could really fix the problem. The nearest I found was a thread about using HiJackThis (HJT) which is a software that doesn't really clean your PC of spyware and malware but detects suspicious files and registry entries. I meant "suspicious" because it still shows valid entries so there's not much to work on. But then I saw one suspicious file that displayed and it was siszyd32.exe so I searched it and I got a glaring "SISZYD32.EXE IS MALWARE AND IS DANGEROUS! DELETE IT IMMEDIATELY WHEN FOUND!". Quite a surprise, so I tried to fix it using HJT (I took a snapshot of the registry before that, by the way, just to make sure) and guess what: IT WORKED! I was thinking of disabling DComLaunch and TermServices from the startup even if it meant risking my PC's security for faster and smoother operation but it definitely worked! Thank goodness I solved the problem, I was even thinking of formatting the disk and reinstalling the operating system.At least by now, the PC's clean and I know what to look for the next time. So if ever you experience something like this (CPU running at 100% due to a svchost.exe operation running DComLaunch and TermServices), a good solution is sniffing out SISZYD32.EXE and taking it out of your system IMMEDIATELY. There may still be other causes out there and I'm sure to sniff it out soon if ever something like that happens to me again. And, of course, I'll be sharing it to everyone who needs it (the solution, I mean, and not the malware. )
4 responses
• India
12 Dec 09
My computer was infected by siszy32.exe.HijackThis was n't able to remove siszyd32.exe from my system. But thanks for sharing your investigation. This helped a lot. I killed the malicious svchost.exe from Task Manager and while it waited 1 minute to shutdown, I removed siszyd32.exe from msconfig startup menu. This seem to have worked at least for now.
@aerous (13434)
• Philippines
12 Dec 09
I never heard and encounter that kind of malware, my friend...
@kaylachan (69676)
• Daytona Beach, Florida
12 Dec 09
Thanks for the tip. I've been lucky enough not to run into any problem like that. My computer runs very fast and loads quite well. though I'm glad to hear you've resolved the problem on your own. maleware is good, but its not perfect. Maybe if your virous program allows it report this as a threat so an update can be made for it.
• India
12 Dec 09
My computer was infected by siszy32.exe. HijackThis was n't able to remove siszyd32.exe from my system. I had svchost.exe hogging my CPU 25% even after removing the infection using hiJackThis But thanks for sharing your information. I killed the malicious svchost.exe and while it waited 1 minute to shutdown, I removed siszyd32.exe from msconfig startup menu. This seemed to have worked.