TechSpot

Posting Step 8 logs for Sagipsul infection

By jnz
Dec 30, 2008
  1. Hi, it seems I have been infected with the dreaded Sagipsul virus.

    Following the steps you have provided, I have been able to stop the pop-ups but I am still worried my cpu is still at threat.

    Any help/assistance for "HijackThis" would be greatly appreciated.

    Thanks in advance.
     

    Attached Files:

  2. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    checking your logs

    WOLF
     
  3. Drowsiness

    Drowsiness TS Rookie Posts: 41

    Ewww... you touched Vundo! ;)

    Wolf will explain to you, I am sure, that you will need to take various steps to get rid of it.

    Good luck!
     
  4. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    Right Click on MyComputer icon and go to properties
    Turn Off system restore
    open IE and go to TOOLS OPTIONS delete temporary internet files and cookies
    do a disk cleanup in your Start/accessories/system tools/ Menu

    Download VUNDO
    and save it to your desktop

    Double-click VundoFix.exe to run it.
    Click the Scan for Vundo button.
    Once it's done scanning, click the Remove Vundo button.
    You will receive a prompt asking if you want to remove the files,
    click YES
    Once you click yes, your desktop will go blank as it starts removing
    Vundo.
    When completed, it will prompt that it will reboot your computer,
    Click ok

    After the reboot
    download malwarebytes www.malwarebytes.org and install
    run hijackthis and malwarebytes at the same time
    select any files and or keys in the attachment I posted but on both maiwarebytes and hijackthis click fix at the same time.
    then reboot immediatly.
    if you forget to turn off system restore it will return no matter

    reboot once complete, run hijack this and post your log here again
     

    Attached Files:

  5. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    Thanks for the VOTE of confidence Drowsiness
     
  6. Drowsiness

    Drowsiness TS Rookie Posts: 41

    Hey, hehe... I had Vundo in my system once. Man, it was a pain to get rid of at the time (not much detected/removed it) so I just formatted my drive and started fresh.

    However, it's easy to remove now with the steps you have posted (which is essentially the same thing I tell people) and things should be proper after. :)
     
  7. jnz

    jnz TS Rookie Topic Starter

    Thanks for your prompt replies.

    Vundofix could not find any infected files, I assume this is because they were deleted by malwarebytes after the reboot, as it suggests in the log file.

    Should I still continue with your instruction to run hijackthis and malwarebytes and fix at the same time?

    Please advise.
     
  8. jnz

    jnz TS Rookie Topic Starter

    I would also add: I do not use IE as my primary browser, I use firefox.
     
  9. Drowsiness

    Drowsiness TS Rookie Posts: 41

    I know this isn't my thread, sorry if I am intruding.

    I would follow ALL of his steps, to the letter, to be absolutely positive that you are clean. Also, it is good that you use Firefox as your primary browser. But, do you use the NoScript add-on? It will save you many headaches.
     
  10. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    system uses IE settings
    yes please continue with Malwarebytes and Hyjackthis, then post the log file
     
  11. jnz

    jnz TS Rookie Topic Starter

    I'm not quite sure what you mean?

    I've already run Malwarebytes and removed the infected items as part of the original 8 step program, I have attached the log file from it in the first post. When I run it again, nothing is found so I can't possibly click fix at the same time as HijackThis, as there is nothing there to fix.

    Should I still go ahead and fix the checked items in HijackThis?
     
  12. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    Sorry but the 8 step did not clean it
    I read the log and posted the clean procedure according to your Hijackthis file.

    As i read your file you are still infected and will need to follow the steps carefully.

    Wolf
     
  13. jnz

    jnz TS Rookie Topic Starter

    Ok sorry, so how should I go about this step...

    When malwarebytes cannot find any malicious files to "fix"?
     
  14. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    post your hijackthis file
     
  15. jnz

    jnz TS Rookie Topic Starter

    log file attached...
     
  16. BlkHeartWolf

    BlkHeartWolf TS Rookie Posts: 151

    Clean, i think the post just got off track
     
  17. jnz

    jnz TS Rookie Topic Starter

    Ok, thanks for your help
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...