Jump to content
Glen

SAS (.com file) running in DOS when SAS not scheduled

Recommended Posts


Why is an apparent MSDOS version of SAS running (when no antispy software is scheduled to run)?  Why the weird *.com name?  30M I/o reads reported in Task Manager (see attached jpegs).

post-37011-0-52847100-1398231009_thumb.jpg

post-37011-0-75844700-1398231010_thumb.jpg

Share this post


Link to post
Share on other sites

Just to clarify, the "SAS Alternate Start" is a trick to fool some malware that was blocking anything running with "superantispyware" in the program name.  So we rename it to that random number.  Additionally, there are some infections that hijack anything with and EXE file extension, so we gave it a COM extension instead (you can actually rename any Windows .EXE as .COM and it'll run exactly the same).

 

Unfortunately, while the alternate start does allow SAS to run in many cases where it was being blocked, the program then updates the computer's configuration with the now-bizzaro program name, and will continue to run the "wrong" EXE at startup (which could be an outdated version).  I would suggest closing SAS, going into your \Program Files\SUPERAntiSpyware folder and deleting the alternate-start temporary copy files, then run SUPERAntiSpyware.exe again.  Now, go into program settings and disable, then re-enable the option to start SUPERAntiSpyware when your computer starts.  This will ensure that SAS will save the correct filename in your computer config.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×