Jump to content


  • Content Count

  • Joined

  • Last visited

About redwolfe_98

  • Rank
    Advanced Member

Profile Information

  • Gender
  • Location
    South Carolina, USA
  1. looking back on it, after having read more about "intext.nav-links.com", i don't think that my earlier post was appropriate .. i had assumed that a "scumware" program was generating the ads.. after reading more about "intext.nav-links.com", i would say..you could add "intext.nav-links.com" to your HOSTS file, if you use a HOSTS file to block malicious URL's.. also, if you use "firefox," along with the "adblock plus" addon, you could ad "nav-links.com" to a custom blocklist, in "adblock plus"..
  2. cers0001, first, look in windows "add/remove" to see if any toolbars are listed there and uninstall them, unless they are toolbars that you want installed.. then use "adwcleaner" and "junkware removal tool" to remove the "scumware" on your computer: here is a link for "adwcleaner" : http://general-changelog-team.fr/en/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner here is a link for "junkware removal tool" : http://thisisudax.org/ when you run "junkware removal tool", it will generate some files which apparently are used for undo-ing any changes that are made, if necessary.. you can just delete those.. you also could run a scan with "malwarebytes" : here is a link for downloading "malwarebytes" : http://www.filehippo.com/download_malwarebytes_anti_malware/ another useful program which you could run a scan with is "hitmanpro" : http://www.surfright.nl/en/products/ eset's online-scanner is another program that you could run a scan with: http://www.eset.com/us/online-scanner/ there are other free programs that you could use to run scans with, from kaspersky, emsisoft, microsoft, sophos.. if you want further assistance, you could ask for help in one of the forums where "experts" help people with removing malware-infections.. two of those are "geekstogo" and "bleepingcomputer" : http://www.geekstogo.com/forum/forum/37-virus-spyware-malware-removal/ http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/ there are several other similar forums where "experts" help people with removing malware-infections.. one other one is "techsupportguy" : http://forums.techguy.org/54-virus-other-malware-removal/ one website that has information about removing malware is "malwaretips" : http://malwaretips.com/ "malwaretips.com" also has a forum where people can get help with removing malware.. p.s. you could post the logs from when you run "adwcleaner" and "junkware removal tool" to show us what they find.. i would like to know which "scumware" is generating the "intext.nav-links.com" ads..
  3. happy, i don't think it helps when all you say is that spybot is flagging something that SAS isn't flagging.. you need to post data from the spybot log-file, showing exactly what is being flagged by spybot.. there could be a simple explanation for SAS's not flagging something that spybot flags, like maybe it is a spybot-false-positive, or maybe spybot is flagging something that SAS doesn't think should be flagged.. without knowing exactly what is being flagged, by looking at data from the spybot log-file, there is no telling why SAS is not flagging something that spybot is flagging.. first, i am NOT an "expert" in helping people to remove malware.. i am not one of those folks who helps people with removing malware.. so, i am not saying this as someone who is knowledgable about removing malware-infections.. i had never heard of "snap.do", until now.. i used google-search to pull up some information about it, just now.. maybe you have already gone to some forum to request help with removing "snap.do".. if so, that is fine.. if you haven't and you want to try to remove it yourself, i can offer some suggestions that might help to at least partially remove it.. first, see if there is a "snap.do" entry in windows "add/remove", where you can run an uninstall for "snap.do".. if so, run the uninstall.. second, run a scan with "adwcleaner".. third, run a scan with "malwarebytes".. forth, if you are using "firefox", look in firefox's "addons" and, if there is a "snap.do" in FF's "addons", uninstall it from there.. for more advanced things that might could be done to remove "snap.do", i suppose you should ask for help with that in one of the many forums where people can get assistance with removing malware from their computers.. i will just mention one of them, which is "bleepingcomputer".. p.s. i hope that SAS won't mind my mentioning "malwarebytes"..
  4. hayc59, what your hijackthis log is showing looks right, for SAS.. i installed SAS build 5.x and, after installing it, "sascore.exe" was running, on my computer.. i am running win xpsp3, the 32-bit version..
  5. there is a "sticky" post, at the top of the forum, for "submitting samples to superantispyware", but the link for downloading the utility, used for submitting samples, is not working (so i can't download the utility).. i need a link (that works) for downloading the utility for submitting samples to SAS.. here is the link for the "sticky", which has the link for downloading the utility for submitting samples, but, again, the link is not working: https://forums.superantispyware.com/index.php?/topic/2814-submitting-samples-to-superantispyware/
  6. i appreciate the frequent updates to the malware-definitions..
  7. what program is flagging a "Trojan:Win32/Hiloti.gen!A"? what file is being flagged as "Trojan:Win32/Hiloti.gen!A"? have you tried checking to see if it is a false-positive? to do that you could upload whatever file is being flagged to "virustotal", to see if any other programs flag the file.. here is a link for "virustotal": http://www.virustotal.com/
  8. nedra, you need to get the specifics about what the supposed 36 "spywares" were that, supposedly, were missed by SAS.. the 36 "spywares" could have been nothing more than 36 third-party cookies, which you pick up every day when surfing the internet.. or, the tech guy could have been using some bogus program that falsely reported finding 36 "spywares" that didn't really exist.. or, you could have had a nasty rootkit infection, among other things.. we don't know.. since the computer has gone to the shop there is no way, now, to check out what the situation was.. all we know is that the guy at the shop said that there were 36 "spywares" on your computer.. i can unnderstand your wanting to get your computer fixed, sending it to the shop.. i, myself, am in a spastic mode when i have computer problems.. however, you could have tried contacting SAS's "support" and letting them run diagnostics on your computer, to see what the problem was.. in my opinion, it is not necessary to send a computer to the shop for software problems.. "reformatting" is pretty simple, and your computer manufacturer's "support" could have helped you with doing it if you felt like you needed help with it.. "reformatting" is time comsuming, but, still, it is time consuming whether you do it yourself or the guy at the shop does it..
  9. check to see if you have the latest version of SAS installed.. if you are running an old version of SAS, that could be the problem.. if you already have the current version of SAS installed and you are experiencing the problem where it is not removing the malware that it flags, i think you should contact SAS's "support" so that they can run diagnostics on your computer, to see what the problem is..
  10. samie, let us know how things go.. i am interested in knowing if running the SAS-uninstall, with your circumstances, causes a problem..
  11. hey after taking a second look at your post, i am editing my reply.. no.. the explanation is that avast's "guard" will flag files "on access".. SAS's guard only flags files "on execution".. so avast's "guard" will flag the eicar.com test file just by "mousing over the file", without executing it.. SAS's "guard" will not flag the file unless it is executed..
  12. hey diazruanova.. you probably have "NTVDM" disabled, on your computer.. the eicar.com test file will not run when "NTVDM" is disabled and that is why SAS did not flag it when you tried to run it.. here is a link to a related MS technet article, where it mentions disabling "NTVDM" as a workaround: http://www.microsoft.com/technet/security/Bulletin/MS10-015.mspx i also have "NTVDM" disabled, on my computer.. on my computer, running win xpsp3-home, i use this regkey to disable "NTVDM": [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "VDMDisallowed"=dword:00000001
  13. hunter, you can test to see if SAS is functioning properly, if you want to.. i would use the "trojansimulator" to test SAS, but you could use the "eicar.com" test file, as well.. to test SAS download either the "trojansimulator" or the "eicar.com" test file and doubleclick on them to try to run them.. SAS, with its realtime-protection, should flag the file and block it from running, and you will see an "alert" pop up saying that SAS has blocked the file from running.. here are links for the "trojansimulator" and the "eicar.com" test file: http://www.misec.net/trojansimulator/ http://www.eicar.org/anti_virus_test_file.htm
  • Create New...