My 3 logs - Finished the 8 steps for sagispul virus

[danccc]

what is mbam and sas, im not familiar at all. ive been infected with this virus too and found a link to a thead here off google search, so signed up. have used hijack this in the past. here is log.

 

[rev_olie]

MBAM is an acronym for Malwarebytes anti malware

SAS is an acronym for Super Anti Spyware.

Both of these should be run and the logs posted ALONG WITH the Hijackthis log as rf6647 said above. Its just make our job easier but again SAGIPSUL is usually dealt with by following the 8 step removal process.

 

[danccc]

thanks, i cant download sas from the 8 step link thread above. says failed to connect, temporary error? on the malw anti-m, ive run it twice and my computer was bombarded with popups and froze and had to restart. im sitting here now waiting for the scan to end, generally how long do these scans take? (since it seems i have to manually close every pop up that appears). its on 30 minutes and still on my c drive

 

[rf6647]

danccc

We try to establish a unique thread for each member. While you struggle with the infection, here is some info.

• Without supporting logs, anything caught by HJT is used to suggest changes.
• However, the MBAM and/or SAS logs will improve diagnosis of this thrreat.
  
  
• Scan with HJT. Tick & Fix. Restart the computer.

O3 - Toolbar: test - {5F1B5857-818C-11DB-AED8-001485F68029} - C:\Program Files\Default Company Name\SBRToolbar\test.dll
O4 - HKLM\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKCU\..\Run: [prunnet] "C:\WINDOWS\system32\prunnet.exe"
O4 - HKLM\..\Run: [78a791a1] rundll32.exe "C:\WINDOWS\system32\uhhhnixb.dll",b
O4 - HKLM\..\Run: [Ryigebevamikum] rundll32.exe "C:\WINDOWS\Efizi.dll",e
O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msiexec.exe] msiconf.exe (User 'Default user')
O4 - S-1-5-18 Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')

If the HJT scan catches things not cleaned by MBAM & SAS, this type of information will lead to adapting to changes.



Other Considerations
Sagipsul malware may be extending the runtimes for MBAB. Please try to disconnect from the Internet while scanning with MBAB.

 

[danccc]

here are my 3 logs from hj, mbam, and sas

says i cant attach the hj long b/c i already attached it in another thread: "sagispul spyware".

 

[rf6647]

Thanks to KImsland for moving things to straighten this out.

• Your logs show found but unanswered items - React to unanswered items appearing in MBAM scan logs
  • 'Delete on Reboot’ - Restart the computer after concluding the scan

• Update MBAM
  
• Re-run scans with MBAM & SAS.
  • Repeat scans until clean or finding something that cannot be cleaned
• Restart the computer.
  
• Scan with HJT,
  
• Post logs & inform of progress and changes.

Note: Naming HJT log with a sequence number satisfies the check for posting redundant files.