Sagipsul help

By crazyzap
Jan 2, 2009
  1. Hi, I started getting this sagipsul popups yesterday, and I have AVG free antivirus and Malwarebytes' antimalware. So, I scanned my computer with those and it found some trojans like vundo and virtumonde and stuff like that. I also installed the latest version of spyware doctor and when I scanned with it, it caught similar infections and removed. But everytime I scan, the infections are still there. So, after that I followed the 8 steps. However, I missed step 3 because I didn't know how to temporarily disable AVG free antivirus as well as malwarebytes' antimalware. After scanning my computer with superantispyware (step 5), I have not gotten any sagipsul popups since 5 minutes or so while I am writing this message. Anyways, here I have attached the 3 logs requested. Any help will be greatly appreciated.
  2. brucethetech

    brucethetech TS Enthusiast Posts: 229

    delete these and give it a whirl

    O4 - HKLM\..\Run: [a783nfo9ewofmdejgywf] C:\WINDOWS\TEMP\winlogun.exe
    O4 - HKLM\..\Run: [xsjfn83jkemfofght] C:\WINDOWS\TEMP\winlogin.exe
    O4 - HKUS\S-1-5-18\..\Run: [a783nfo9ewofmdejgywf] C:\WINDOWS\TEMP\winlogun.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [xsjfn83jkemfofght] C:\WINDOWS\TEMP\winlogin.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [msiexec.exe] msiconf.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [a783nfo9ewofmdejgywf] C:\WINDOWS\TEMP\winlogun.exe (User 'Default user')

    Afterwward make sure these are gone
  3. crazyzap

    crazyzap TS Rookie Topic Starter

    how do I delete these? Do you mean I will have to again run the scans today, and if any of these are found, I delete them?
  4. rf6647

    rf6647 TS Maniac Posts: 829

    Memory Modules Infected:
    C:\WINDOWS\system32\boswuy.dll (Trojan.Vundo) -> No action taken.
    When logs show this, I am left to conclude MBAM fixed nothing because you declined the choice to remove.

    Therefore, brucethetech gave you HJT items for tick & fix. The files noted for deletion can be handled from Windows Explorer (enabled to view system and hidden files).

    And yes, then invest 2 hours for a full scan with MBAM & SAS.

    HJT informs of items not handled by the scans.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...