What the heck is this thing!? My BF and I have been working on removing it for a few hours now!! Avast didn’t find 91 instances of various Trojans that MBAM found. How is that possible? I use Avast all the time and have not had a single problem.
This site pops up whenever he tries to search on Google or Yahoo. You think it’s gone and then BAM, it’s back! It’s extremely annoying.
If MBAM doesn’t clean it all out, is the only solution to reformat? We have an external hard drive that we can back up to, but could that be an issue? I mean, if the files are infected, then we would just drag it over to the external hard drive and start over again, right?
BTW, we have cleaned out Cookies, Temp files and Firefox, so what am I forgetting? I am a bit more technical than my BF, so that is why I am posting and not him.
I hope all of you folks have some ideas. I have read other posts and everyone seems so kind and eager to help.
Thanks in advance for any suggestions you may have.
Program & Tutorial - Also useful as a diagnostic tool - FileHippo Download - HiJackThis and post the contents of the HJT log file here. - HJT Information HiJackThis Tutorial.
Download and run HJT (after the above programs) and post the contents of the log file (cut and paste or attach the log file) into this topic, you may need to split it over two or more posts depending on how large it is.
To answer one question, it was something called Trojan/Vundo or something to that nature. We ran MBAM and it seems to be gone. My BF ended up removing all of the selected files before I had a chance to see where and what they were. I only caught a glimpse when the scan was running.
I hope this thing is gone. If it’s not, I will catch all information I can and repost.
I’m having the same issue, only I’m running Firefox and when I search in the Google box, it opens up explorer and searches tons of ads I’ve never searched for.
I swear by Malwarebytes Anti-Malware software! It got rid of everything and we use Firefox, too. It might work for you, but I am not too sure as I am not a techie, just someone who is slightly technically inclined.
“sagipsul.com” is being treated on various advanced Malware Removal Forums by certified, Volunteer “Malware Removal Specialists”. The “best” treatment I saw was on the Geeks To Go ( www.geekstogo.com ) Forums, where “essexboy”, who sometimes helps out on the Avast Forums, is a “Moderator” there. It will take MORE than using just Malwarebytes’ Anti-Malware or SUPERAntiSpyware to successfully remove sagipsul and any possible “companions” from a computer.
Interestingly no mention of sagipsui.com in the MBAM log, unless you had already got rid of that before running MBAM.
Or is it still there (where was it found)?
Your BF should exercise care in what they install e.g. spywarebot and RapidAntivirus, etc. It is better to do the analysis first before installing (rogue) security software as nowadays it is a very risky business.
At a guess I would say they don’t have a firewall that provides outbound protection - Any malware that manages to get past your defences will have free rein to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.
I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.
Sorry, it was sagipsul.com that was popping up. Maybe it was under some other name, either way…it’s not popping up anymore. I am not sure what my BF did, but it seemed to work running MBAM. ;D
Thanks for the insight and information. I will talk with him about secunia.com and let him know that he should look into it.
Spiritsongs, I sure hope that site/software doesn’t show up anymore on my BF’s computer because it is horrible! Thanks for that information because I had been searching for answers and didn’t find any until coming here!
You are all awesome and I thank you so much for all the help!!
The geekstogo is a general help/support site specialising in malware removal being one area of expertise.
Just do a search for sagipsul.com in the geekstogo.com forums and see what is revealed. I think the main thing you should be looking for are people not being able to find the file, which is revealed by using a more powerful analysis/cleansing tool.
I originally investigated forums.mozillazine.org. Someone reported better luck with Avast! 4HE than Malwarebytes. So I started there, err, here. Installed 4HE, which ultimately prevented my Windows XP from booting. Solved that problem by uninstalling 4HE under safe mode.
Not that it reflects the quality of your product; but it made me think twice about installing more applications to clean this malware. Can anyone confirm that this malware application is a variation of Vundo, as described by HatingMalware earlier?
This can happen and the most frequent cause is a) not having uninstalled your previous AV or b) remnants of a previous AV still on your system.
Resident AVs load low level drivers and it is these that can conflict and if that happens around boot it could lock you out. Even when uninstalled some AVs leave a lot of debris behind and it is usually these drivers.
Have (or did) you another AV installed in this system, if so what was it and how did you get rid of it?