Jump to content

LxCi

Members
  • Content Count

    41
  • Joined

  • Last visited

Posts posted by LxCi


  1. Gabe,

     

    Have done that and have a report that was blocked by WinPrivacy and now am attaching it to this message.  They gave me a file SUPERSysteminspector to run and took me a bit of time to figure-out how to stop Avast! from blocking it every time the attempt was made to get it to run.

     

    Seems it is TOO large, 500K, will attempt to use 7zip to compress.  Will return later

     

    Looks like it is a compressed file and will not zip any farther.

     

    Now what:?  e-mailed the file and it is on it's way.


  2. Gabe Burch,

     

    Have been trying to logon to post for about the last hour or more.  All that could be seen were blank white pages except for the Index area.

     

    Below is a message attempted to send in reply which came back undeliverable:

    "

    Thank you for this informaton, but; checking the Quarantine under SysTools there is NOTHING listed plus the check box at the bottom is set to your default of thirty (30) days have changed to 130 days.  Those files in my post were discovered on this system on 06/24/2016 and nothing found about them as you mentioned in your message.  The only place showing is under SUPERAntiSpyware Scan Logs cannot find any way of displaying what is within.  Have seven (7) discovered on 07/03/2016 and nineteen (19) on 06/24/2016 which are those of the report posted in the forums.
     
    With nothing showing under System Tools and Program Settings, except what is mentioned above.  I have saved a copy of a quarantine file, 'quarantine.db' from 06/24/2016 159KB in a special folder if you would like for me to send it as an attachment.  Also have WINSXS folder as Excluded in Scanner Options.
     
    Please understand, this is not a normal newbie am a very curious animal and do my own investigatons.  Learning what is possible even going against Micro(µ)soft's wishes to keep my system as protected as possible, even to the point of going against so called Experts, MSVP, Forum, GEEKS, et ceteras . . .  Have even run two (2) fire walls, two (2) antivirus monitors and scanners, with up to four (4) adware, spyware, malware, et ceteras . . . all at the same time without the difficulties predicted.  Have surfed the net since about 1974 using Unix software at DOS CMD Line before WWW and Windows were ever implemented.
     
    I go against the grain . . because it is MY system to maintain
     
    TIA, CU L8R,
    'd' or 'e'
    "Lone Wanderer"

    P.S. I opened the Submit Malware Samples clicking on the "+" sign and selecting the file saved in a special folder as mentioned above and (sent) was displayed on that entry.  Do not know where it was sent, if you wish me to attach it here let me know.

    Thank you for reading this rambling mess

    'd'
    "LONE Wanderer"

  3. Greetings from the Great Country of TEXAS,

     

    Due to my own error and misunderstanding of what was discovered and had it removed.  Did some investigating into what had been removed and discovered the "RUIFLTR.SYS, RUINETF.SYS, NETFILTER2.SYS" files plus about sixteen (16) registry entries that were placed there by Microsoft by an update that was done on 06/10/2009.  Below find some information about that install and my EditPad Lite v7 does not display some characters: [bracketed data is from me]

     

    [below dated 06/10/2009]

    C:\Windows\winsxs\x86_microsoft-windows-t..ied-chinese-quanpin_31bf3856ad364e35_6.1.7600.16385_none_f79af98021986eab

    [below "?" are because cannot be displayed as it is in Simple Chinese]
    RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"
    "RUI"="?"


    C:\Windows\winsxs\x86_microsoft-windows-t..ional-chinese-array_31bf3856ad364e35_6.1.7600.16385_none_64b02463c341f83d

    "YRUI"="?"
     

    The above information is found on two (2) of my computers both x64 systems one system is x32 and does not have the above data entries.

     

    Just one question, how may I reinstall those two (2) DotSYS files plus the Reg entries?

     


  4. Greetings from the GREAT Country of TEXAS,

     

    I too support this feature along with maybe Green of the Icon in the System Tray or/and Status Bar for SAS's scan, small % numbers could be added the need for % sign is superfluous.  As other scanners do using a small revolving circle on the Tray Icon while scan is in operation.

     

    SAS gives a count of total files scanned along with different categories, if scans run daily or often there could be very small changes in this so the % will not change but very small amount.  This could be the reference used if recorded in scan records.  Most people are using WebMail therefore email will have little effect on number of files on their system.  Also if doing a regular cleanup of the system will still make little changes in total count, only a reference is needed as a basic point to start with.


  5. "GuiltySpark,"

     

    MY issue has been resolved by SUPERAntiSpyware Customer Service by informing me it had to be a FIREWALL issue, I use Microsoft FIREWALL and checked.  Listed 'SUPERAntiSpyware.exe' and just below that entry was "UPDATE" which I had 'assumed' was for 'SUPERAntiSpyware,' "WRONG" after checking it was for some software that had been removed.  Made the CHANGE and now it works just fine.  The following is my reply to them plus clicked the RadioButton to close that TICKET!

     

    "Excuse me, PLEASE?
    SUPERAntiSpyware Customer Service,

    Within my Windows FireWall there was a listing for SUPERAntiSpyware.exe AND just below that was UPDATE without an indication as to what was to be updated, I assumed it was SUPERAntiSpyware.  Checked and it was for a program that had been removed.  Situation has been updated to the correct settings.

    Sorry to have bothered you with an issue of my own, as that word spells "ass u me", do not need any HELP to do said to myself, THANK YOU VERY MUCHLY for correcting my problem for me . .
    TIA CU L8R,
    'd' (LxCi)"
     


  6. GuiltySpark,

     

    With this being Sunday have not had an update today, may need to wait until tomorrow, Monday to collect this information.

     

    NO, have not heard any thing, er, read any message from them except the acknowledgement of the receipt of my request yesterday.

     

    All security software on my system has been here for a number of years working just fine together with SAS Free, this actually started back before Thanks Giving last year.  Not very often by Christmas time was getting to be a hassle,  I do some troubleshooting of computers for friends and have been rather busy on the run.  Will get to this ASAP!

     

    Thank you for your information and a thank you to the Support Team for at least looking into my issue . .

    Later . . .


  7. GuiltySpark,

     

    Do NOT know because it is not giving any errors.  Just failures many times . . at it stands at this time telling me there is NOT an update available.  Did use the link you had so graciously provided and did my update that way.  AND where it always ran three (3) times with failures before STOPPING it is now doing only two (2).  IF you like will take a screen-shot the next update.  Let me know, please or will not do this . .


  8. "GuiltySparks,"

     

    Just managed to get this placed in the support section, assigned CSR00137296  and it is now only doing two (2) failures instead of the three (3).  Do not recall if posing  the mirror site, (Mirror 1) now we will see what happens.

     

    Thank you so very much for your attempt to provide some assistance . .

     

    This Morning alone there have been twelve (12) failures before completion, this evening there were eight (8) failures before completing.  Neglected to put this in earlier.


  9. " GuiltySpark,"

     

    This is still going on with this issue, after nine (9) attempts on number ten (10) it finally completed.  Six (6) were done through the SAS program without any error report just FAILURE shown.  All nine (9) were at the 99% point when falures occurred.  Did three (3) failures with the link you provided that FAILED with error code "ID 021" if that can be of any assistance.  WIth file sizes of 15204kb twice (2) one at 15202kb then completed one file size of 15205kb.  That is all that I can provide except it has happened many times over the last several days as I keep attempting to complete the download for updates.

     

    Thank you for reading my message . .


  10. The above post, Edited by me to include the only file within the SuperAntiSpyware ProgramData folder using the "Full Editor" and got a message that FLashPlayer was busy, I had not started that file then the full editor came up and attached that file with the long title ending in .SDB and do not see an attachment in my message.  There are some very strange things occurring here this morning.


  11. Greetings from the GREAT country of TEXAS,

     

    Have the latest update of SAS done just yesterday and have six (6) Failures of updating the database.   One download the other day errored out from link given me by "Guilty Sparks" later worked just fine.  Will attempt the link from "GS" after this post.

     

    Just completed the download from the link given by "GS" that errored out, see below:

     

    " The application has failed to start because its side-by-side configuration is incorrect.  Please see the application even log or use the command-line sxstrace.exe tool for more detail."

     

    I do not have that tool "sxstrace.exe" on my system, where might I fine a copy?

     

    The only log found in C:\ProgramData\SuperAntiSpyware\AppLogs for this date is 'SUPERANTISPYWARE-1-28-2015( 7-3-20 ).SDB' and cannot read what is within there. It is only a 15KB file, should I attach here?


  12. Not sure about this as I was under the impression it auto chose the nearest server(mirror) to your IP.

     

    If it happens again try downloading the updates and installing manually http://cdn.superantispyware.com/SASDEFINITIONS.EXE whether or not this uses the same mirror I don't know.

    "GS,"

     

    This is getting to be a pain and very strange.  The last 3-4 days have had this error of the Mirror-1 several times AND the link you provided worked the first time just fine the next 2 or 3 presented Corrupted files when clicking the executable and required another download.  This morn the regular update to Mirror-1 crashed, used the link by Ctrl+C/Ctrl+V to my browser and the download was a very strange file title woithout an extension and ZERO size.  Returned here and clicked on the link and the file was downloaded agin and when clicking on the executable, agin, corrupted file as reported by Windows.  Am about to attempt that one more time when finished with this.  NOT complaining, just reporting what is happening from this side.  Also still have the last corrupted file here it anyone there would like me to send it, it is available yet.

     

    Thank you for reading my post . . .


  13. Was in a hurry that day and did not read over what was posted, as you can tell my fingers are not very automatic, they have a mind of their own.

     

    I meant to say, " the failures are automatically restarted at least three (3) times before the failure is stopped."  That day it happened about four (4) or five (5) times of the three automatic reattempts.  Will save that link for future issues.  It may do just that about the selecting the nearest Mirror, just that when it gets SUPER busy, many updates underway for that one server it should be able to transfer to the next nearest.

     

    Thank YOU so very much for at least giving me that link for manual downloads . .


  14. If I may?  Add some to this issue, I am on High Speed and have had this issue off and one for the last week or two.  Now today it has come up again, and gets all the way to 99% and fails, not just once but three (3) times and needs to be restarted with Mirror 1.  Is there a method to access a different Mirror when this starts?  If so, please explain how to do this . .


  15. I also would like to apologize for not providing more detail when first posting, was so releaved that the net was somewhat back in operation here just neglected.  Still not completely sure it is all gone, only time will tell the tail/tale.

     

    AND thank you for removing that SPAM post that was here.


  16. "GS"

     

    I feel it is a bit more, as nothing from Windows could access the NET.  Even Windows Update, IE v11.x, Microsoft Media PLayer, et ecteras . .  The only thing that could was my e-mail Client and Avast! Free Antivrus scaning software.  It was not that easy to clear either, took me about a week to finally get back to the net.  Mozilla FireFox v34.x could but kept getting the websites attempted visits were interrupted with their certificate had expired.  It did not all hit at the same time over about five (5) days before the full effect hit.  There were not any clues as to what had gone wrong, called my ISP where I learned of the infection.  Then started to investigate and was told by one site to run adwcleaner and that started the come back.  That did not clean it all, spent about four (4) days searching the Registry files with Regedit and when finding one clue would lead me to another then another et ceteras . .  It went from a simple tracking to a full blown night-mare . .

     

    Excuse me, forgot to THANK YOU for the information and suggestion, but; it took much more than that


  17. Greetings from the GREAT Country of TEXAS, U.S.ofA.

     

    I have been informed by my ISP that my systems are infected with a bady virus, malware, or just some sort of a 'tagging' software.  The only information found, " .bkrtx.com " that is all my Antivirus software shows, something about the websites certificate has expired.  I spoke with a Supervisor of my ISP's Technicians and was told by him the above is this issue.  Have run several scans with  (latest updates) and nothing has been detected.

     

    Any advice?  Where may I find this infection and how may it be removed.  Some info found on the web said it can be removed by individuals if you know where to look for this software.  I am wondering why SAS has not found this malware, stealing software . .

     

     

     


  18. GuiltySpark & SAS Malware Research,
    Thank you so very much for these responses, am having issues with the system the problem occurred.  Did get the LOG file, attached.

     

    IGNORE the below information within the Parathesis:  MY error in reporting it as SAS find and was NOT.

    (Have another issue with the same computer after running another scan this morn discovered another PUP and now cannot get into that computer as there is not an ICON that will give me access to any program even Windows Explorer.  Have found ways to get around some issues.  Cannot find the Quarrantine folder for SAS to see what was removed.)

     

    TIA, CU L8R,

    LxCi


  19. Greetings from the GREAT State of TEXAS,

     

    Recently ran a Full scan with 14 entries discovered and this is an example:

     

    Sendori_RASAPI32 (x86)

     

    of which I found thirty (30) like entries in my registry file from many another including Microsoft.  They were entered in "HKLM" not sure if any were elsewhere.  I have a copy of the scan log where the entries were removed.

     

    If you would like to see this let me know.

     

    Thank you for reading my post . .

    TIA, CU L8R,

    LxCi


  20. When you mess with something that is working rather well, just to make it look different, will cause problems for some and may even cause it to CRASH.  You do not fix something that works . .


  21. Free2Times,

    In another area on here there was a response that some items are difficult to remove and you should use the F8 key when booting and go into the "Safe Mode" where you then may run Superantispyware and it will remove those more difficult items.

    My experience with items that are difficult to remove just check in the Start/Program Files/ then look for your problem software and often there is an Uninstall feature placed there when it was installed. May or may not be one but worth a try.


  22. This is true, about the notifications, what I was referencing is something to the effect, "This message is replacing a post by someone that is not allowed. If you received a notice of the post be assured it was not to your benefit. It has been removed by Management."

    This is just a suggestion, word it to fit yourself


  23. Hi Moderator STAFF,

    Thank you for this as I had checked the profile of that individual and it was labeled as "SPAMMER" and thought it had been removed. There is another that is listed in my messages and presume it is also the same. Maybe a suggestion for future references, "Post a message to that effect in place of the removed post."

    I am one that likes to communicate, yet not very good at explaining myself, but; with experience and many replies, maybe that will improve. Also sharring is getting to be a lost feature on some of these forums, information is good to have but worthless unless sharred with those that can use what could be called system saving.

×
×
  • Create New...