Jump to content

redwolfe_98

Members
  • Content Count

    114
  • Joined

  • Last visited

Posts posted by redwolfe_98


  1. looking back on it, after having read more about "intext.nav-links.com", i don't think that my earlier post was appropriate .. i had assumed that a "scumware" program was generating the ads..

     

    after reading more about "intext.nav-links.com", i would say..you could add "intext.nav-links.com" to your HOSTS file, if you use a HOSTS file to block malicious URL's..

     

    also, if you use "firefox," along with the "adblock plus" addon, you could ad "nav-links.com" to a custom blocklist, in "adblock plus"..


  2. cers0001, first, look in windows "add/remove" to see if any toolbars are listed there and uninstall them, unless they are toolbars that you want installed..

     

    then use "adwcleaner" and "junkware removal tool" to remove the "scumware" on your computer:

     

    here is a link for "adwcleaner" :

     

    http://general-changelog-team.fr/en/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner

     

    here is a link for "junkware removal tool" :

     

    http://thisisudax.org/

     

    when you run "junkware removal tool", it will generate some files which apparently are used for undo-ing any changes that are made, if necessary.. you can just delete those..

     

    you also could run a scan with "malwarebytes" :

     

    here is a link for downloading "malwarebytes" :

     

    http://www.filehippo.com/download_malwarebytes_anti_malware/

     

    another useful program which you could run a scan with is "hitmanpro" :

     

    http://www.surfright.nl/en/products/

     

    eset's online-scanner is another program that you could run a scan with:

     

    http://www.eset.com/us/online-scanner/

     

    there are other free programs that you could use to run scans with, from kaspersky, emsisoft, microsoft, sophos..

     

    if you want further assistance, you could ask for help in one of the forums where "experts" help people with removing malware-infections.. two of those are "geekstogo" and "bleepingcomputer" :

     

    http://www.geekstogo.com/forum/forum/37-virus-spyware-malware-removal/

     

    http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

     

    there are several other similar forums where "experts" help people with removing malware-infections.. one other one is "techsupportguy" :

     

    http://forums.techguy.org/54-virus-other-malware-removal/

     

    one website that has information about removing malware is "malwaretips" :

     

    http://malwaretips.com/

     

    "malwaretips.com" also has a forum where people can get help with removing malware..

     

    p.s. you could post the logs from when you run "adwcleaner" and "junkware removal tool" to show us what they find.. i would like to know which "scumware" is generating the "intext.nav-links.com" ads..


  3. happy, i don't think it helps when all you say is that spybot is flagging something that SAS isn't flagging.. you need to post data from the spybot log-file, showing exactly what is being flagged by spybot..

     

    there could be a simple explanation for SAS's not flagging something that spybot flags, like maybe it is a spybot-false-positive, or maybe spybot is flagging something that SAS doesn't think should be flagged.. without knowing exactly what is being flagged, by looking at data from the spybot log-file, there is no telling why SAS is not flagging something that spybot is flagging..

     

    first, i am NOT an "expert" in helping people to remove malware.. i am not one of those folks who helps people with removing malware.. so, i am not saying this as someone who is knowledgable about removing malware-infections..

     

    i had never heard of "snap.do", until now.. i used google-search to pull up some information about it, just now.. maybe you have already gone to some forum to request help with removing "snap.do".. if so, that is fine.. if you haven't and you want to try to remove it yourself, i can offer some suggestions that might help to at least partially remove it..

     

    first, see if there is a "snap.do" entry in windows "add/remove", where you can run an uninstall for "snap.do".. if so, run the uninstall..

     

    second, run a scan with "adwcleaner"..

     

    third, run a scan with "malwarebytes"..

     

    forth, if you are using "firefox", look in firefox's "addons" and, if there is a "snap.do" in FF's "addons", uninstall it from there..

     

    for more advanced things that might could be done to remove "snap.do", i suppose you should ask for help with that in one of the many forums where people can get assistance with removing malware from their computers.. i will just mention one of them, which is "bleepingcomputer"..

     

    p.s. i hope that SAS won't mind my mentioning "malwarebytes"..


  4. Ok after seeing and reading so many threads here and at BBR forum

    http://www.dslreports.com/forum/r26185781-SuperAntiSpyware-SASCORE.EXE-

    about this SAS core thing.. I decided to run

    a Hijackthis exe.

    I have Windows XP home running with all the updates

    and the latest version of SUPERAntispyware 5.0

    I two have it running and was wondering also

    See image**

    B3xrX.jpg

    hayc59, what your hijackthis log is showing looks right, for SAS..

    i installed SAS build 5.x and, after installing it, "sascore.exe" was running, on my computer..

    i am running win xpsp3, the 32-bit version..


  5. there is a "sticky" post, at the top of the forum, for "submitting samples to superantispyware", but the link for downloading the utility, used for submitting samples, is not working (so i can't download the utility)..

    i need a link (that works) for downloading the utility for submitting samples to SAS..

    here is the link for the "sticky", which has the link for downloading the utility for submitting samples, but, again, the link is not working:

    https://forums.superantispyware.com/index.php?/topic/2814-submitting-samples-to-superantispyware/


  6. I have just found this stupid Trojan:Win32/Hiloti.gen!A on my desktop. I have tried scanning with latest updates and it finds nothing. I have even tried scanning in safe mode. this stupid file has like 8 rundll.exe running and if I try to kill them they come back in threes. I have found the dll file but I have tried everything to delete it even went into dos mode still shows file access denied. can some one please help I really don't want to reload windows 7.

    thanks

    what program is flagging a "Trojan:Win32/Hiloti.gen!A"? what file is being flagged as "Trojan:Win32/Hiloti.gen!A"? have you tried checking to see if it is a false-positive? to do that you could upload whatever file is being flagged to "virustotal", to see if any other programs flag the file.. here is a link for "virustotal":

    http://www.virustotal.com/


  7. nedra, you need to get the specifics about what the supposed 36 "spywares" were that, supposedly, were missed by SAS..

    the 36 "spywares" could have been nothing more than 36 third-party cookies, which you pick up every day when surfing the internet.. or, the tech guy could have been using some bogus program that falsely reported finding 36 "spywares" that didn't really exist.. or, you could have had a nasty rootkit infection, among other things.. we don't know..

    since the computer has gone to the shop there is no way, now, to check out what the situation was.. all we know is that the guy at the shop said that there were 36 "spywares" on your computer..

    i can unnderstand your wanting to get your computer fixed, sending it to the shop.. i, myself, am in a spastic mode when i have computer problems.. however, you could have tried contacting SAS's "support" and letting them run diagnostics on your computer, to see what the problem was..

    in my opinion, it is not necessary to send a computer to the shop for software problems.. "reformatting" is pretty simple, and your computer manufacturer's "support" could have helped you with doing it if you felt like you needed help with it.. "reformatting" is time comsuming, but, still, it is time consuming whether you do it yourself or the guy at the shop does it..


  8. check to see if you have the latest version of SAS installed..

    if you are running an old version of SAS, that could be the problem..

    if you already have the current version of SAS installed and you are experiencing the problem where it is not removing the malware that it flags, i think you should contact SAS's "support" so that they can run diagnostics on your computer, to see what the problem is..


  9. Hi redwolfe.. Shouldn´t in this case, avast do not detect Eicar either?

    hey :) after taking a second look at your post, i am editing my reply.. no.. the explanation is that avast's "guard" will flag files "on access".. SAS's guard only flags files "on execution".. so avast's "guard" will flag the eicar.com test file just by "mousing over the file", without executing it.. SAS's "guard" will not flag the file unless it is executed..


  10. I downloaded the Eicar.com and S.A.S. real time protection never warned about it when I tried to run it

    hey diazruanova.. you probably have "NTVDM" disabled, on your computer.. the eicar.com test file will not run when "NTVDM" is disabled and that is why SAS did not flag it when you tried to run it..

    here is a link to a related MS technet article, where it mentions disabling "NTVDM" as a workaround:

    http://www.microsoft.com/technet/security/Bulletin/MS10-015.mspx

    i also have "NTVDM" disabled, on my computer.. on my computer, running win xpsp3-home, i use this regkey to disable "NTVDM":

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat]

    "VDMDisallowed"=dword:00000001


  11. hunter, you can test to see if SAS is functioning properly, if you want to..

    i would use the "trojansimulator" to test SAS, but you could use the "eicar.com" test file, as well..

    to test SAS download either the "trojansimulator" or the "eicar.com" test file and doubleclick on them to try to run them.. SAS, with its realtime-protection, should flag the file and block it from running, and you will see an "alert" pop up saying that SAS has blocked the file from running..

    here are links for the "trojansimulator" and the "eicar.com" test file:

    http://www.misec.net/trojansimulator/

    http://www.eicar.org/anti_virus_test_file.htm


  12. i don't think there was a problem with the SAS uninstall that you ran.. you said all the SAS files, in "c/program files", were removed, when you ran the uninstall.. just because the uninstall seemed instantaneous, that doesn't mean that there was a problem with it.. some programs are like that, when you run the uninstall.. it is not what you normally see, but, none the less, that is the way that some uninstallers work..

    as for some SAS regkeys being leftover, in some places, after the uninstall, that also is not uncommon..

    i have had problems with uninstalling SAS, before, in the past, where some SAS files were leftover, in "c/program files", after having run the uninstall, but i would just delete those files and that was that..


  13. i suppose that mcafee disabled the "windows security center" settings because it has its own "security center" instead..

    i wouldn't worry about the windows security center's settings being disabled.. i would add the detections to SAS's "always allow" so that the detections will be ignored when running scans in the future..

    if you are using mcafee's firewall, i would disable the "windows firewall".. it is not good to run two firewalls, together, at the same time..

    you could check with mcafee's "support", or in the mcafee support forums, to verify that the mcafee program disables the "windows security center" settings..


  14. i mentioned this in another thread but i too sometimes see a message about SAS's process's not closing when i am logging out of an account or when i am shutting down my computer.. it doesn't happen all the time, but sometimes..

    like joel said, i just don't worry about it.. eventually the process gets closed..


  15. ohmega, are you running SAS-PRO, with realtime-protection? if you are not running SAS-PRO, with realtime-protection, there is no need to have SAS running in real-time, with its icon running in the systray..

    i am running SAS-PRO, with realtime-protection, and, sometimes, when i am logging out of a user-account, or when i am shutting down my computer, SAS hangs, where i get a message saying the SAS process is not closing.. it doesn't really cause a problem for me so i don't worry about it.... eventually the SAS process gets closed..

    best settings? if you are running SAS-PRO and you want to take advantage of SAS's realtime-protection, you should have SAS enabled to run at startup and to show the icon in the "system tray"..

    if you don't want SAS to run in real-time, with realtime-protection, you should disable "run at startup", and disable "show icon in system tray", as well..


  16. check to see if you are using the latest verion of SAS.. the latest build is 4.41.. if not, try uninstalling the version that you have and installing the latest version and see if that makes a difference.. otherwise, i don't know what the problem might be.. you could try contacting SAS's "support" and see if they can help by running some diagnostics on your computer..


  17. siliconman is right.. SAS is not a replacement for a antivirus program.. running SAS together with an AV program compliments the AV program, "another layer of defense", as they say.. SAS might catch things that your AV program doesn't catch.. SAS is intended to be run along with your AV program..

    however, it there is a problem with running SAS along with your AV program, where you can't run SAS along with your AV program (it is possible that that could happen, with some AV programs), then i would opt to run the AV program and to not run SAS, if i had to choose between one or the other, since an AV program is intended to cover a wider range of malware..

×
×
  • Create New...