Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by SirJon

  1. SirJon


    Thanks Nick for posting. The O/S is Windows XP Pro. Actually, I am trying to run the latest version of SAS from RAM and load the remote registry hives. v4.0.1154 works well from a BartPE CD, but I can't get v4.21.0.1004 to start because SASKUTIL.SYS seems like its trying to hook the kernel on the dead hard drive and suddenly crashes. The older driver works fine, but the new version is giving me trouble. I was just wondering if you had any insight on what the driver is trying to do but eventually fails.
  2. SirJon


    SASKUTIL.SYS BSOD STOP ERROR 0X0000008E (0XC0000005 0XBAB63B75) SAS v4.21.0.1004 - Crashes when trying to open program. No security programs installed, no AV, no firewalls, no HIPS, etc.
  3. Hello, Is there a way to turn off the update check for the scanner when starting up the program from BartPE? I have "Check for updates before scanning on startup" unchecked, but it connects with the Internet anyway. There must be a registry setting that I'm missing. Thanks.
  4. From the files, ok. In the user profile directory, both malware database files are there including the .bin file with the latest dates. I'll delete them and try again EDIT: That did it. I've never had that problem before.
  5. Where is Definition Database Version controlled in version 4.0? I have the latest updates, but the program interface doesn't match the registry infomation in HKEY_CURRENT_USER, VersionProcessList and VersionProcessListRelated. The registry values (3416) and (1408) are correct, but the program user interface is stuck at Core: 3304 Trace: 1310
  6. You might have a look here: http://www.911cd.net/forums//index.php? ... owforum=21 They're not that hard to build.
  7. SirJon

    Hullo! :)

    Hello Tony. I haven't talked to you in a while. I've found that the detection and removal capabilities of SAS are superior to the other name-brand commercial anti-spyware utilities out there. (However, I still would like to see a 30 to 60 day registry, files/folders, created/modified, log generated after the scan.) Maybe they will include it in version 4.0. I hope Nick reads this post.
  8. Mine has been working for quite a while now. I had to build it from scratch. Just remember that scanning from the ramdrive to a dead hard drive, you are only using the SAS database. I use a batch file to see if there is anything leftover in the directories afterwards. Depending on the number and type of infections, there is usually quite a bit of bad dll files that go undetected I'm sorry to say. I just manually delete them from RAM. I also scan locations in the remote registry as well to look for anything left behind. In my opinion the biggest drawback scanning from a CD is.....speed.
  9. SirJon


    fatdcuk, have you tested virut on an XP testbox with a Limited Account?
  10. SirJon


    The malware corrupts the Windows files to unrecoverable condition. Antivirus utilities recognize and then try to clean, but fail to bring the files back to their default state.
  11. Yes, awesome heuristics radar. Currently, I would give Avira the edge over Kaspersky 7.0. (And I love Kaspersky)
  12. http://www.pcworld.com/article/id,136205/article.html Too bad SAS was left out.
  13. There's no intrusion on my system. No. It clearly does not. The best way to get rid of your "forceful intrusivenes" is to spend $29.95. Since you already like the program, that's cheap insurance in a world of bloated security programs out there with much higher price tags that don't work nearly as well as SAS.
  14. Great. I've been using ComboFix, RkU and IceSword.
  15. Hopefully a scan that produces a log file of: files/folders modified files/folders created reg keys/values created reg keys/values loading
  16. Like other utilities out there, sometimes SAS just doesn't get it all. I would like to see a simple, manual files/folders/registry deletion option implemented in a future version. After a full scan, any leftover infected files/folders/registry entries not recognized by the software could be deleted early in the reboot process before Windows starts. They (leftover infected files/folders/registry entries) would be entered into the program from either a created log file, text file, or entered directly into the software. This would really save time.
  17. What should be considered is a command line option in the installed program, or a command line version of the program.
  18. Another strategy is to completely discontinue the usage of Internet Explorer except for downloading Windows Updates. Switch to Mozilla, K-Meleon or Opera when accessing the Internet for general browsing. When using a Mozilla browser, install the plugins NoScript and Adblock Plus for added security.
  19. Hello Seth, From one computer tech to another, what AV program did you replace Norton with? Just curious.
  20. No one on this thread has ever said that. How could they fit that derogatory label, their marketing department is brilliant.
  21. It's fictitious statements like this that clearly expose just how Symantec has been able to dominate the commercial av market the last couple of decades. It's no wonder that small and large businesses that use their products continue to suffer as a result of their marketeering vs engineering strategies.
  22. Since I visited EliteKiller's website.
  23. Install Norton Anti-Virus 2007 on one PC, Kaspersky Anti-Virus 6.0 on another PC, Avira Antivir 7 on a third PC. Update products, and with real-time protection enabled, throw stuff (really bad stuff) at all three. See what happens. See how good Norton's (or McAfee for that matter) real-time protection really is, it's a joke. Whether the stuff comes directly off a webpage in the Internet, or raw files from a flash drive, Norton's or McAfee's "protection" is a disgrace. I'm around both all day long 5 days a week. I see how good they really are in real life situations. It's like a new house in Alaska that has been insulated and weatherproofed with only newspaper and then on top of it all, they leave the front door wide open.
  24. Norton's retail software is nothing more than a clever carrot on a stick. It represents one of the most successful marketing strategies in security software ever. Image over substance.
  • Create New...