Jump to content

ParrotSlave

Members
  • Content Count

    5
  • Joined

  • Last visited

Everything posted by ParrotSlave

  1. I'm able to reach the site and manually download and install the definitions file (https://www.superantispyware.com/definitions.html), but the program has suddenly decided that it cannot connect to the update server. This happens every now and then, but it's usually a short-lived problem. I have exclusions in Malwarebytes and in Norton to exclude SAS, but neither of those programs have caused problems in a long time. I ran netsh winsock reset and a couple of other commands, then rebooted, but the error is still occurring. I haven't uninstalled and reinstalled SAS, although, if this keeps up, I might. What is the IP of the update servers so I can see if I can ping them?
  2. I posted earlier, on the 11th, after first observing the issue on the 9th. There is nothing new in System Investigator. I came up with the hypothesis that SAS was coming up with that message whenever any program is updated, possibly as a gimmick requested by their sales team--something to remind customers that SAS is "doing something"--or possibly as a way to jog lazy customers into scanning their systems manually (for our own good.) Coming back here again, I see a link to an updated version of SAS, with the recommendation to uninstall the old one first. I did that, with Revo. Then, getting ready to install the new version, I noticed something peculiar to me: the file size, 13MB, is substantially smaller than the one I had archived. (I regularly use Macrium Reflect to restore system images, and, to save time, after a restoration, I update all my programs manually whenever possible before re-connecting to the internet. My SAS folder had a SUPERAntiSpywarePro.exe that was 34.7 MB.) Sorry for my inherent paranoia, but the properties/security tab on my old file shows the signer to be support.com, and it was digitally signed on Sept. 18th. The details tab shows v.6.0.0.1264. The one via the link in this forum does not show a time for the digital signature, but it shows the signer to be AdBlocker.com, and the version shown on the details tab is v.5.0.0.1136. Instead of installing that right away, I decided to compare it with the Pro trial version available here right now for download to the general public, so I downloaded that. The version of SAS Pro on the site right now is 8.0.0.1024, and it shows a digital signature by support.com on November 15th. The differences might well be due to the fact that the link here is to a program not yet ready for release, but, lacking any other information, I decided not to install it, instead choosing the pro trial version of SAS 8.0.0.1024. It will be a day or two before I'll be able to tell if that message is coming up regularly again.
  3. I had the identical occurrence, starting day before yesterday. This is a Win8.1 system, protected by SAS, MBAM, Norton IS, and Zemana Antilogger. I've looked at Task Manager and at CCleaner's list of startup items, and I see nothing new. I actually did install a new program the day before all this, PST Viewer Pro, but it is not a startup item, and, even if SAS thought that it was, you'd think that, from the next day on, it would not "notice" it anymore.
  4. VirusTotal gives SUPERantispyware as the only scanner of the 50 that they use that reports the program, MP3DirectCut2.20, as a trojan, Trojan.Agent/Gen-Small. See https://www.virustotal.com/en/file/6afbfd4f27078086b4e9b5591d475928edfce7c4b476183a55638eeebbd397c1/analysis/. The author's site, http://mpesch3.de1.cc/mp3dc.html gives the MD5 checksum, and the downloaded file has the correct checksum and file size. I seem to recall getting a false positive with an earlier version of MP3 DirectCut. SAS did not detect the file while it was downloading, strangely enough, but when I was trying to install it:
  5. Mine automatically quarantined the objects, then, of course, there was no way to submit the files to SAS. However, I think I recall submitting these a long time ago, via the free version, from my old laptop. It finds Cyberlink's Power2Go files as trojans, Gen-Yodos--CLCLEANER2-POWER2GO_6.0-7.0.EXE, CLCLEANER2-POWER2GO_8.0.EXE, and CLCLEANER2-WAVEEDITOR_1.0-2.0.EXE. It also finds mp3DirectCut as a trojan, Gen-Small--MP3DIRECTCUT219.EXE, and it finds INSTALLER_EML_TO_PST_CONVERTER.EXE to be a trojan, Gen-Toggle. Norton does not think they are trojans, and Malwarebytes does not think so either. Cyberlink would probably be surprised. It also found one file in Chrome's cache, APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\CACHE\F_00148D, which was puzzling. Again, neither Malwarebytes nor Norton thought anything was wrong with the file.
×
×
  • Create New...