Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by TechGeek2

  1. Thank you for your reply. I will do so now.
  2. Greetings SAS team. First, let me thank you for the great work you do in providing SAS to remove malware and, for offering it for free. I am not a programer but, can only imagine the cost involved. I have a two part question. I have applied several times for a re-seller license with SAS each without any reply whatsoever. It's very disheartening to not receive a reply. I run a legitimate computer support website and frequently provide free assistance on MS Answers and recently received 2011 contributor award from the same. So, just to be plain, coz I am not a man with a lot to say or how to say it, what's the deal? Seems to me you would be happy to have someone who does as much computer support as I and who believes in and recommends your software, or someone like me, to be a re-seller. I regularly advocate you product. In fact, litterally thousands of times over the last two or more years. I am baffled by this. Secondly, I would like to be put in touch with a developer of SAS. I am curious about a DOS version if such is available and, if not, perhaps it could be. Please do not underestimate the potential here. Thanks, Tech-Geek2
  3. Are we to understand that it is ok to run both MBAM with real-time protection and SAS with real-time protection simultaneously without conflict?
  4. Update: I had the client run ExeFileFix.com then perform another scan with SAS. I am happy to report the detection was not present at the conclusion. Although the main concern is the clients computer and that issue has been resolved thanks to Seth's advice, I am a little perplexed by this. The client had already run ExeFix.reg by DougKnox in the beginning of my assistance which seemed to have resolved the issue with executable files. Any help in understanding the later issue with the broken file association detected by SAS would be much appreciated.
  5. If I may offer a little advice here, Xp Anti-virus and several other malware of late unregister windows update dll file. The solution is really simple. Click start > Run (If you have Vista or Windows 7 you must use Task mgr > New task) > paste the command below into the run box then press enter. Wait for the success message. Your ability to update should be restored. %SYSTEMROOT%\SYSTEM32\REGSVR32.EXE %SYSTEMROOT%\SYSTEM32\WUAUENG.DLL
  6. I have conveyed the instructions and am awaiting the results. I will post back with the same. Thanks.
  7. Therein lies the problem. IMHO, adding an exception which could potentially cause SAS to miss a detection in the future isn't "Spot on".
  8. Hi Seth and thanks for the reply. I don't intend to question your instructions to run FixExeFile but, should let you know there are not any problems with the file association executable or otherwise. Additionally, I would rather have a fix to the alleged false positive aside from adding an exception. Having to add the exception would call into question my malware removal skills when dealing with clients.
  9. Please add me to the list of those receiving this detection at the conclusion of every scan. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 05/27/2011 at 07:02 PM Application Version : 4.53.1000 Core Rules Database Version : 7152 Trace Rules Database Version: 4964 Scan type : Complete Scan Total Scan Time : 00:30:00 Memory items scanned : 419 Memory threats detected : 0 Registry items scanned : 6154 Registry threats detected : 1 File items scanned : 22417 File threats detected : 0 System.BrokenFileAssociation HKCR\.exe
  10. FWIW.. First, while you may already know this, Windows Security Center will never tell you your computer is infected. Second, when receiving a pop-up, such as that you refer to, beware that many times clicking on the red x to close the window actually activates the malware. This design is of course in response to the habit of windows users to exit by clicking the x. If, in the future, you encounter such a thing, click on a free space within the pop-up then press alt + F4. This will close the window without executing the malware.
  11. FWIW.. Using SAS Portable will certainly get rid of the infection but, will not, automatically, re-set your internet connection. For this, click start > run (this is the search box for Vista and Win 7) > type inetcpl.cpl > Ok. In the internet properties window click on the advanced tab > Restore advanced settings button. This should completely restore your internet. If you find that the malware has completely removed the advanced tab from internet properties run this command in the "Run" box for Xp and Search for Vista and WIn 7 >> regsvr32 /n /i inetcpl.cpl > Ok. That will restore it. Good luck!!
  12. TechGeek2


    With all due respect, I don't see what the problem is. If Windows Defender is detecting the malware simply remove the malware. According to Microsoft this malware is listed in their data base as a trojan (see link below). The fact that SAS does not detect it doesn't matter. No scanner has a 100% detection rate. I would, however, caution you against the use of two malware scanners which both have real time protection. Malwarebytes and SuperAntiSpyware are the top two malware scanners in my opinion with SAS beating Malwarebytes by a mile lately. The attached text documents is a demonstration of SAS's capabilities. SAS was run after Malwarebytes. Trojan:Win32/Oficla.T MBAM SAS comparisson.txt
  13. Good advice you have received. The only thing I would change about your protection set-up is MSE. I would opt for Avast 5.0. MSE does not have the real-time shields that Avast does. Yes it has some but, not as many and MSE's detection rate is not as good. The best feature about Avast is the boot-time scan. This will scan files prior to the loading of windows. Once windows loads there are certain files which are locked and cannot be scanned. Avast 5.0
  14. It very well could be SAS causing the issue. I too receive the end now prompt. I simply wait it out however. I receive it as a result of both SAS and my MagicJack. Sorry for the large screenshot. I attempted to use the thumbnail but, for whatever reason it wouldn't work for me. As to the delay in shutdown, it is worth to me to wait a few extra seconds to shut down in order to have the real-time protection of SAS. Happy surfing.
  15. You mention you have AVG but, do not state which scanner you are using when the issue occurs. The next time this occurs open task mgr and see if you can locate the process that might be causing the issue. You may also want to check event viewer (applications) to see if there may be a hint there.
  16. Thanks to everyone for the answers given. Redwolfe I too scan all files regardless of size. Also, I noticed your location is SC. I too am in SC.. upstate area. Hello neighbor..
  17. Your HJT log is clean. I done a little research on your issue and it seems this is a very difficult spyware to locate. It eludes HJT and most other scanners. Most suggest scanning with DDS to get a deeper look. I even read one forum where they claim it hides within your router...
  18. I checked a number of file data base resources I use, including Threat Expert, and not one had any information on the referenced file. I also, performed a search using Google which returned no results. Anytime you do not receive results on a file from Google, it is a very good indication the file is malware related. This is compounded by the fact that 6 of the scanners on Virus Total indicated the same when you uploaded the file. If you do not have first hand knowledge the file belongs to a legitimate software which you intentionally installed I would tend to believe the results of SAS. In any event, if you allow SAS to quarantine the file and later find that it was a false positive you can always restore it.
  19. Are you asking if you can have both scanners on one machine or if you can scan with each at the same time? I personally would not recommend you initiate a scan with both at the same time. There are two issues I can think of which would cause adverse effects. The first, of course, is resources. Scanners use alot of resources when initiated to perform a scan. That, however, would be the least problem. The biggest problem I can think of would be if the two scanners detected the same threat at the same time there would be a possible conflict. Just my opinion and a thought.
  20. Thanks for the reply. Your settings pretty much mirror mine with the exception of terminating memory. Other than that one, they are exact. Thanks again. I am hoping someone can inform me of the purpose behind the recommendation. Although I am sure there is one, I can think of no practical reason other than the speed of the scan.
  21. If you have HJT it should show you that java is running from the wrong location if, in fact, it is actually java causing the issue. It very well could be another application. I'm not sure of the outlook on this forum for uploading hjt logs and I certainly have no intention of starting a habit of doing so but, if you want to upload your log I will take a look at it for you since you have received a number of replies and still have the issue.
  22. I am curious as to why SAS recommends the setting to skip the scanning of files larger than 4mb when scanning. I acknowledge most executable files are smaller than 4mb but, many users, even after being warned not to, use P2P software to download music, videos and other files most of which are larger in size than 4mb. Many infections are contracted through these type files. Thanks in advance!
  23. Your comparison of AVG to SAS is equivalent to comparing apples and oranges. AVG, although in my opinion, based on years of experience, is not worthy of installing, is an anti-virus software while SAS is a malware scanner which, if using the pro version, provides real-time protection. Nevertheless, as repeatedly pointed out here by other members, no anti-virus nor malware scanner has a 100% detection rate. For this reason you need added protection. This, in my opinion, not only means having a solid anti-virus software, as well as SAS with routine scans, but also means a secure browser like FireFox complete with the appropriate ad-ons like AdBlockPlus and MyWOT site advisor. If you want to continue with your opinion about AVG that is certainly up to you. I can tell you, however, from years of personal experience, you are dead wrong. A more solid anti-virus software, which also offers a free version, is Avast 5.0. As for SAS, well I will be happy to provide you with several pages of testimony from users of my forum who have raved about having their computers salvaged from malware. And, yes, the primary tool allowing me to appear so great has been SAS time and time again.
  24. I only re-install java after I am certain the pop-ups and redirects have ceased. The faux java application runs from the wrong location. HJT will inform you of this. Alot of forums have stopped using HJT in the recent months. I still find it very helpful in the initial analyzation of a computer's issues.
  25. You can also try uninstalling java then re-installing. I have seen this alot lately where scans with sas, mbam and hjt are returning clean results but the pop-ups and redirects remain. So far, uninstalling java has solved the issue.
  • Create New...