Sagispul Infection (Among Others?)

By IHateSagispul
Jan 5, 2009
  1. Hello. I had been running Firefox v.3 trouble-free for a while when I suddenly began receiving the tell-tale symptoms of a sagispul infection: Firefox would pop-up blank windows, refused any connection to most anti-virus or other security sites, etc.

    I ran the eight steps and have attached the logs below. Everything seemed to go fine with the steps - once I had removed Norton 360 (I know, I know) and replaced with Avast, I was able to reach the update sites for each of the anti-virus/malware tools used in the steps.

    Please let me know how to proceed on this so that I can begin using this PC with a clear conscience again. Thanks very much. I'll check back frequently in case there are any follow-up questions as well.
  2. rf6647

    rf6647 TS Maniac Posts: 829

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Delete on reboot.
    MBAB did not handle all that it found until the computer restart.

    It appears that the infection is mostly handled.

    Rescan with MBAB followed by SAS. Repeat until clean or something that cannot be cleaned.

    HJT scan informs what has not been handled (computer restart before HJT scan)

    Caught by HJT - very minor - Simple tick & fix. Restart Computer.
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    If symptoms remain, post new logs and describe conditions.

    Following clean scans establish a clean restore point.

    Establish a new clean restore point and Clear your existing System Restore points:
    • New
      • Go to Start > All Programs > Accessories > System Tools > System Restore>
      • Select Create a restore point> OK.
    • Clear Old
      • go to Start > Run > cleanmgr > Select the More options tab >
      • Choose the option to clean up System Restore > OK

        • This will remove all restore points except the new one you just created.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...