Sagipsul attack

Status
Not open for further replies.
Hi, I too have been subjected to a sagipsul attack, and would welcome any help in removing the thing.
HJT log attached.
Thanks,
Skee
 
After 8 steps

Hi Kimsland,
After my 8 steps program, I am no longer getting the sagipsul popup every minute or so.
I'm sending the log of HJT, and Malware as attachments. I could not find the quarantine log from SuperSpy, so I'll write the info from it below.
Thanks,
Skee

Adware.180Solutions/ZangoSearch
Adware.MyWebSearch
Adware.MyWebSearch/FunWebProducts
Adware.MyWebSearch-Installer
Trojan.Downloaded-Gen
Unclassified.Unknown Origin
 

Thanks

You still (I believe) have a few infections to remove
But I'd like you to go one step further before another scan

Using Add\Remove Programs
Remove AVG8
Remove Symantec (some files still starting with Windows)

Then Restart, and run the following:
AVG Removal Tool http://www.grisoft.cz/filedir/util/avg_arm_sup_____.dir/avgremover.exe
Norton Removal Tool http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039 or directly from here
Then download and update => Avira

--------------

Then at last re-open MalwareBytes and select the Update Tab, and update the program's definitions, i.e. "check for updates"
Then select the Scanner Tab, and run a full scan "Perform full scan"

During the scan, Avira may pop up with found viruses; select quarantine and make this the same action always (actually I can't remember the exact words), so as to reduce any further popups from Avira for found viruses

Restart

Ideally, submit a new Malwarebytes log
Then run a new HJT scan and log, and attach this log as well


Pretty sure your computer will be running quite well at this point, whatever else happens. :)
 
Hi Kimsland,
I'll do all of that after I finish some "TO DO" items.
Another person posted a question I just took off my e-mail, but I'm still trying to figure out the forum system, so I cannot find where to answer directly. He wanted to know where I thought the attack came from. This is my daughter's computer, she uses Firefox and spends a good deal of time on Gaia. She left the browser up while she went out of the room for a while. The computer was infected when she came back.
Thanks,
Skee
 
Latest scan

Hi Kimsland,
The Malware scan came out clean, no problems whatsoever. Thanks.

I've attached the latest HJT log.

This is my daughter's computer, and I use IE6, so I'm not sure if this is normal, or a symptom of something else, but it is painfully slow loading pages. I'm using an "N" wireless router for her connection, and it is reporting a 243mps speed with "Good" connection, so it seems like it should be at least as fast as my wired 100mps computer.

Thanks for all of your help in ridding this computer of the sagipsul, I really appreciate it.

Skee
 
Another person posted a question I just took off my e-mail, but I'm still trying to figure out the forum system, so I cannot find where to answer directly. He wanted to know where I thought the attack came from.
This post was removed by me, as not required
We are not interested in "Where the infection came from" specifically. Unless we quote some known, stay away from, known sites. These sites include p0rn; cr@cking and similar other sites. And generally most users know to stay away from these (or suffer the consequences). Note, I am generalizing at the possible areas of places where these infections come from, but it should also be noted, places such as:
File Sharing (a whole range of areas, for this one)
Email (very easy to pick up any Malware)
Foreign media (such as burnt discs; or any external media, plugged into a computer)
Surfing the Web (sadly just browsing "anywhere" may not always be safe; ie If I browsed for Dolls; I might get any amount of strange returns!)

So, we can speculate all day.
But when it comes to your "Daughter" it's just a matter of asking where she logs on to, and what she normally views or even downloads (basically being aware of what's actually happening whilst she is online)
In saying that. Sometimes (well mostly) it's out of our hands (ie hacking; or even just surfing or reading "friends" emails) and a whole range of other endless possibilities

Anyway, therefore the post Question, was removed :)
Oh I haven't read the log yet! And I need to sign off soon, so unless someone else answers, please hold ;)
 