Random pop-ups (sagipsul)

Status
Not open for further replies.

xydas7

Posts: 6   +0
Hi,

I'm getting random pop-ups when I open Firefox, mainly from a website called "sagipsul.com".

I've tried getting rid of it with Malwarebytes but it's still there. Usually 4 or 5 windows will pop-up but I can't see them (I only see the current Firefox window resizing). However when I alt-tab I can see the 4-5 pop-ups, but can't close them.

I've attached the HJT log.

Thanks in advance to anyone who can help me.
 

Attachments

  • log.log
    13.2 KB · Views: 6
You have run an outdated version of HijackThis. Please use this version to run. Attach log. This is the version that is in Step 7:

https://www.techspot.com/downloads/317-hijackthis.html

We will remove entries from that scan.

You have too many processes running and a large number of Services running. We will try to get those both down to a more reasonable number.. I would be interested to know if you are using Vaio Entertainment package that cam with the system
 
new log attached and btw I have never used the Vaio Entertainment package. thanks once again for the amazing work you do!
 
Okay, lets take care of the bad stuff first:
Please re-open HiJackThis and scan.Check the boxes next to all the entries listed below.
O4 - HKLM\..\Run: [CPM5796bdc3] Rundll32.exe "C:\WINDOWS\system32\vodarowo.dll",a>> (Trojan.Vundo.H)
O4 - HKLM\..\Run: [sodokimipu] Rundll32.exe "C:\WINDOWS\system32\dumatoma.dll",s
O20 - AppInit_DLLs: kcevpi.dll C:\WINDOWS\system32\sorusodi.dll c:\windows\system32\vodarowo.dll
The above are Vundo entries.
Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis and reboot into Safe Mode:

Right click on Start> Explore>Windows> System32> right click> delete on each of the following if found:
vodarowo.dll
dumatoma.dll
kcevpi.dll
Reboot into Normal Mode

Run the Vundo Fix:
1. Please print these instructions as they will be needed later when Internet access is not available.
2. Save these instructions in word or notepad to the desktop where they can be easily found.
3. Please download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) and Save to your desktop.
4. When it has completed downloading, double-click VundoFix.exe to run it.
5. Click the Scan for Vundo button.
6. Once it's done scanning, click the Remove Vundo button.
7. You will now receive a prompt asking if you want to remove the files, click the YES button. Once you click yes, your desktop will go blank as it starts removing Vundo.
8. When completed, it will prompt that it will shutdown your computer, click the OK button.
9. When the computer has shutdown, turn your computer back on.
The WinFixer and Vundo infection should now be removed from your computer.
[/quote]
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot[/quote]

Please attach the C:\vundofix.txt and a new HiJackThis log.

We'll review, remove or disable some of the Vaio Entertainment entries when Vundo is out.
 
here are the two final txt files...just a pointer that vyndo fix did not find any infections and therefore didnt delete anything...is that ok?

thanks in advance and happy new year to everyone!
 
Okay, the log is clean. I suspect you may be running bit slow though due to all the processes you have loading on boot.

If the original problem has been resolved and there are no additional problems, we can remove the cleaning tools:
* Download OTCleanIt
http://download.bleepingcomputer.com/oldtimer/OTCleanIt.exe

* Click the CleanUp! button.
* It will go thorough the list and remove all of the tools it finds and then delete itself (requiring a reboot).
Clear your existing System Restore points and establish a new clean restore point:
Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
* Next, go to Start > Run and type in cleanmgr
"Ensure the selection is on C:\ and click on OK"-
* Select the *More options* tab
* Choose the option to clean up System Restore and OK it.
* This will remove all restore points except the new one you just created.
Please let us know if you need more help.
 
Status
Not open for further replies.
Back