also @ TechSpot: Microsoft Office 2010 public beta available for download
Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Login to participate.
Go Back   TechSpot OpenBoards > Operating Systems & Software > Virus & Malware removal
Reload this Page Sagipsul, et cetera.

Sagipsul, et cetera.

Closed Thread
Bookmark Thread Tools
  #1  
Old 01-03-2009
Newcomer, in training
  
Member since: Jan 2009, 1 posts
Sagipsul, et cetera.
My computer's been infected since Jan. 1 (happy new year, right?), and searching around for fixes led me to techspot.

Random popups when not online, or on webpages that shouldn't have popups started occurring, mostly from sagipsul. Before the attacks happened, I had AVG and AdAware free versions on my computer (albeit outdated). Installing the most recent versions and multiple scans with both failed to fix the problems, so I discovered + followed the 8-step virus removal thread. Logs are attached.

Things are looking MUCH better since following the instructions, and I haven't gotten popups every few minutes since completing them. Still, I want to be sure I've got everything cleared up, so please let me know if there is anything else I need to do or be aware of.

Thanks a bunch!

[edit] Oh, by the way, of the list of recommended anti-virus and firewall programs in the 8-steps, I installed Avast! and Comodo.
Attached Files
File Type: txt mbam-log-2009-01-03 (18-34-24).txt (3.3 KB, 1 views)
File Type: txt mbam-log-2009-01-03 (18-36-27).txt (3.8 KB, 1 views)
File Type: log SUPERAntiSpyware Scan Log - 01-03-2009 - 20-14-42.log (861 Bytes, 1 views)
File Type: log hijackthis.log (9.9 KB, 1 views)
Last edited by ilymandias; 01-03-2009 at 11:06 PM..
  #2  
Old 01-06-2009
TechSpot Booster
  
Location: Illinois, USA
Member since: Feb 2007, 908 posts
System specs
Uninstall AVG using Removal Tool

Frequently I need to point this out. Computer restart was a required user action.
Code:
Memory Modules Infected:
C:\WINDOWS\system32\cndqiolt.dll (Trojan.Vundo.H) -> Delete on reboot.
Since you report popups are gone, we will conclude with routine steps.

MBAB did not handle all that it found until the computer restart.

It appears that the infection is mostly handled.

Rescan with MBAB & SAS (run as pairs) until clean or something that cannot be cleaned.

HJT scan informs what has not been handled (computer restart before HJT scan)

HJT scan. Tick & fix. Restart computer.
Code:
O2 - BHO: (no name) - {8FFE8FDE-9A5D-4908-BE37-A76AAD7D088E} - C:\WINDOWS\system32\khfCvWOI.dll (file missing)  >> broken (not listed)
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
 - c:\Program Files\BAE\BAE.dll  >> objectionable ((see here)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)  >> broken (Realcom)
If symptoms remain, post new logs and describe conditions.


Following clean scans, Establish a new clean restore point and Clear your existing System Restore points:
  • New
    • Go to Start > All Programs > Accessories > System Tools > System Restore>
    • Select Create a restore point> OK.
  • Clear Old
    • go to Start > Run > cleanmgr > Select the More options tab >
    • Choose the option to clean up System Restore > OK
      • This will remove all restore points except the new one you just created.
To remove this ad, sign in. To register for a new account, click here.
  
Closed Thread

Tip: Download Advanced SystemCare 3 Freeware - 1 Click A Day to Clean, Repair, Protect & Optimize your PC.

Thread Tools


Similar Topics
Topic Category Replies Last Post
Need Help with Sagipsul Pop up Virus & Malware removal 0 01-03-2009 12:22 AM
Thanks for help - Sagipsul.com Virus & Malware removal 1 01-01-2009 03:46 PM
Help with Sagipsul please Virus & Malware removal 1 12-31-2008 07:19 AM
Sagipsul, etc Virus & Malware removal 1 12-29-2008 08:55 PM
Arachnophilia 5.3 Help Et cetera Introduce yourself 0 09-15-2008 12:13 PM


All times are GMT -4. The time now is 06:25 AM.