Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by redwolfe_98

  1. spencer, by now, your probably have found help with removing the malware and repairing your computer.. when you say that you are not able to download the SAS program, i am thinking that maybe your HOSTS file has been hijacked.. to fix that you need to restore your HOSTS file.. i just wasn't sure what to tell you, to do that.. with win xp, it would be simple, download "hostsxpert", from "funkytoad", then use the option to restore the default HOSTS file.. with windows vista, or windows 7, i am not sure what it would take to restore the HOSTS file.. if you can manage to do it, you could try renaming the HOSTS file to "NOHOSTS".. you can find information about working with the HOSTS file at this website: http://www.mvps.org/winhelp2002/hosts.htm
  2. i don't think they are seeing a "splash screen".. their screenshot does not look like a "splash screen".. what they are seeing is SAS's GUI and that is because they have SAS set to run at startup.. if you don't want SAS to run at startup, so that you then won't see SAS's GUI at startup, untick the box "start superantispyware when windows starts".. on the other hand, if you are using SAS-PRO and you want SAS's "guard" to run in realtime, leave "start superantispyware when windows starts" checked and you also need to "check" the box for "show superantispyware icon in the system tray".. (you also need to have the box for "enable real-time protection" checked, if you want SAS to run in realtime, with realtime-protection).. in other words, if you want to run SAS in realtime, with realtime-protection, you will have to have SAS's icon showing in the "system tray".. as we see, when "show superantispyware icon in the system tray" is enabled, the GUI does not pop up when SAS is started.. when "show superantispyware icon in the system tray" is not enabled, SAS's GUI pops up, when SAS is started..
  3. hey butch.. sorry i didn't reply sooner.. i started to reply, earlier, but cancelled it.. SAS will not block malware from being downloaded, but, if a malicious file tries to run, SAS will block it from running, if it is covered by SAS's malware-definitions.. i don't know what you are seeing when you run a scan with SAS.. you could post a SAS scan-log if you want to.. if the same malware keeps being regenerated on your computer, after SAS removes it, it is possible that you have a rootkit that SAS is not removing and that the rootkit is regenerating malicious files or that it is downloading malicious files..
  4. ziggystardust, listen to what "superantispyware" is saying: if you have an infection that SAS is not properly removing, contact their "support" so that they can run diagnostics and see what the problem is.. then they can add the routine for properly removing the malware once they see what needs to be done.. maybe that seems like a lot of trouble to you and if you don't want to do that, that is fine.. but it would benefit everyone who uses SAS if you would do that..
  5. SASCore.exe is not running on my computer and i am wondering if it is supposed to be running? i am running SAS-pro build 4.40, in realtime, with win xpsp3..
  6. is there a changelog for SAS 4.40.1002? i saw the notes for the pre-release version of SAS 4.40.1002..
  7. i noticed that one of SAS's drivers, "SASENUM.SYS", is not running on my computer and that it is not registered in windows' "registry".. i don't know if this is a problem, or not, but i am thinking that it is a problem.. the SASENUM.SYS" file is in SAS's folder, in c/program files/superantispyware, however it does not appear to be registered in windows' "registry".. i use a program that displays drivers, and whether-or-not they are running, and it doesn't show "SASENUM.SYS" as existing, apparently because it is not registered in windows' "registry".. sysinternals' "autoruns" program also does not show the "SASENUM.SYS" file as existing, apparently because "SASENUM.SYS" is not registered in windows' "registry".. here is a link to sysinternal's "autoruns" program, in case someone is not familiar with it: http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx i don't know what "SASENUM.SYS" is for.. what is "SASENUM.SYS" for, and should it be registered in windows' registry, and "running"? SAS's "SASDIFSV.SYS" and "SASKUTIL.SYS" drivers are registered in the registry and running.. i am running SAS-pro build 4.39.1002..
  8. Cool! Cool! Cool! SAS fixed things to where it properly handles the trojansimulator file, "trojansimulator.exe".. thanks very much, SAS.. i contacted SAS support, before posting about this issue in the forum, and they said that they would take care of it, but i wasn't sure that they would, which is why i posted about it in the forum, but they did.. thanks!
  9. bilvihur, i guess we are just saying how we would go about uninstalling SAS.. like i said, i have never tried using the uninstall utility.. i am glad that you posted about the problems that you had with the uninstall utility, and i was sorry that it caused problems for you..
  10. i need for SAS to flag test files so that i can verify that the program is functioning properly on my computer.. i recommend that SAS use the eicar.com test file and the "trojansimulator" files for test files.. however, i cannot use the eicar.com test file because i have "NTVDM" disabled on my computer, so the eicar.com test file will not run at all on my computer, so i can't use it for testing.. so, i need for SAS to properly handle the "trojansimulator" files, for testing.. right now, SAS flags one of the trojansimulator files, "trojansimulator.exe", but it does NOT prevent the file from running, even though SAS's guard flags the file.. i assume that this is not because SAS does not function properly, on my computer, but is because SAS does not currently have the proper malware-definitions for handling the "trojansimulator.exe" file.. if SAS ever arranges for SAS to flag test files, i need to know so that i can test SAS to see if it functions properly on my computer.. first i need to know that SAS will properly handle a test file, like the "trojansimulator" files.. then, if i see that SAS does not properly handle the files, i will know that SAS is not functioning properly on my computer.. regardless of what SAS thinks, i need for SAS to flag test files so that i can verify that SAS functions properly on my computer.. if SAS does not function properly, on my computer, i want to know about it.. there is no point in my running SAS on my computer if i can't verify that it is functioning properly and i need for SAS to flag test-files in order for me to be able to do that.. in the past, through using test files, i have found, at times, that "trojanhunter" was not functining properly, that "BOClean" was not functioning properly, and, most recently, that "prevx" was not functioning properly.. with "trojanhunter" and "BOClean", i was able to track down the problem, with help from kevin mcaleavey, of BOClean.. with prevx, i just know that it doesn't function properly (on my computer) when run together with the "antivir" antivirus program.. i want to know if the "antivir" antivirus program causes all antimalware programs, like SAS, for example, to not function properly.. that is why i want to be able to test SAS, to see if it will function properly when run together with the "antivir" antivirus program.. there is more to it than just seeing that the antimalware program is running.. in all these cases, the programs appeared to be running normally, they just didn't flag malware the way that they were suppose to..
  11. i kind of agree with siliconman.. if i was uninstalling SAS, i would run the uninstall, from "add/remove", reboot, then delete any SAS files that were leftover.. i also would try to remove any SAS regkeys that were leftover, if there were any.. i have never used the SAS uninstall utility.. if i was going to use it, i still would run the uninstall from "add/remove" first and then run the uninstall utility.. i think that, if you are going to use the uninstall utility, you should use the latest version of it..
  12. kittie, maybe you can use windows' "system restore" to restore your computer to where you were able to copy-n-paste files..
  13. my 2 cents.. y'all can say it is a "hardware problem", but i have had programs cause problems with my computer to where my hardware would not function properly, because the program screwed something up, where reformatting and, sometimes, having to clear the NVRAM, as well, straitened out the problem.. so it wasn't that the hardware failed except that the program screwed something up to where the hardware would not function properly.. i just want to say again that sometimes it takes more than simply reformatting to restore a computer.. sometimes you have to clear the NVRAM, as well.. i wanted to mention that for those who are having problems.. rusty, i don't know what you would have to do to clear the NVRAM.. it depends on the computer.. however, even without being able to use the keyboard, you should be able to access the bios settings and adjust the settings, there, if you know how to boot to the bios screen.. you don't use your keyboard when adjusting bios settings.. so, once you get to the bios settings, you should be able to adjust the boot-sequence, so that your computer can boot from the cd-rom drive, if you move it up in the sequence.. i set my computer to boot from the floppy drive first, the cd-rom drive second, and the harddrive 3rd..
  14. bilvihur, i didn't realize that the problem that you had was caused by SAS's uninstaller, their uninstall "utility".. i thought the problem occured when the SAS program was updating itself, like from build 4.38 to build 4.39.. bilvidur, i can understand your not wanting to use the uninstall-utility again, however you should be able to uninstall SAS manually, without using the uninstall-utility.. just delete the SAS files and regkeys.. i uninstalled SAS today, just to see if it would uninstall properly, and it did..
  15. another program that you could try scanning with is "malwarebytes".. here is a link for downloading it: http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html if you want "expert" assistance with removing the malware from your computer, there are forums where "experts" help people with removing malware from their computers.. here are links to a few of them: http://www.dslreports.com/forum/cleanup http://www.bleepingcomputer.com/forums/forum22.html http://forums.malwarebytes.org/index.php?showforum=7
  16. francois, you could try uninstalling SAS and then reinstalling it and see if that makes a difference..
  17. just for the record, i am not seeing the same problem.. "superantispyware.exe" is only using 359 "handles", on my computer.. i am running SAS-pro build 4.39.1002, fully up-to-date, with realtime-protection enabled, and win xpsp3..
  18. i would try contacting SAS's support, again..
  19. were you running "internet explorer"? "activex" is not compatible with "firefox", if you were running firefox.. maybe you should contact SAS's "support" for some personal assistance from them? another option would be to go to a forum where people help others with removing malware from their computers.. i don't see a sub-forum like that here, as part of this forum.. there are various forums like that.. one is at "dslreports.com", "security cleanup".. another one is at "bleepingcomputer.com".. here are links for those: http://www.dslreports.com/forum/cleanup http://www.bleepingcomputer.com/forums/forum22.html have you tried doing a scan with the "malwarebytes" program? it might find something that SAS missed, that might help to solve the problem that you are having.. the malwarebytes forum is another place where you could ask for assistance with removing malware.. here is a link for it: http://forums.malwarebytes.org/index.php?showforum=7
  20. you could try booting into "safe mode" and then restoring the items that were quarantined and see if you are then able to login to windows.. of course, then you will need to start over with removing the malware, except do it in a way that doesn't cripple your computer.. to boot into safe mode, reboot the computer but press the "F8" key, on your keyboard, as the computer is booting up.. that should give you a DOS-looking screen where you will have the option of booting into "safe mode".. after windows starts, in safe mode, try opening SAS and restoring the quarantined items..
  21. i think you should disable SAS's realtime-protection when you are installing the gdata program.. disabling SAS's realtime-protection probably will resolve the problem..
  22. jf33, i don't think that either of the two things that you asked about, flash cookies and the security center setting, are anything to worry about.. you can adjust the windows "security center" settings by going to windows "control panel" and opening "security center".. you will see an option there for adjusting the settings for "change the way security center alerts me".. you can enable or disable the various alerts.. SAS is telling you that one of the alerts is disabled.. so, that is not malware.. it is just telling you that one of the alerts, in windows "security center", is disabled.. i don't know much about "flash tracking cookies" but they are nothing to worry about.. i assume that you use an antivirus program.. if you are not using one, you should.. if you are concerned that you might have some malware on your computer, you should scan your computer with an antivirus program.. there are many different ways that you can do that, using programs from many different vendors.. most antivirus program vendors have online-scanners that you could use, if you wanted to, to scan your computer.. there are other ways that you could scan your computer, too, using "rescue cd's", from various vendors, if you wanted to..
  23. it is not a good idea to run so many security-programs together, in realtime.. the reason is because windows can only handle having a limited number of security-programs running in realtime.. the programs might all seem to be running fine, but, if you were to test them, you could find that they, in fact, are not functioning as they are supposed to.. unfortunately, SAS does not provide for testing the SAS program, by using something like the eicar test file, so you can't test it, to see if it is functioning properly, or not.. however, maybe you can test the other programs that you have running, to see if they are functoning properly..
  24. wwman, i did a google-search for "www.3929.cn" and it pulled up many articles related to the problem.. maybe you can get some helpful information by looking at some of them: http://www.google.com/search?hl=en&q=www.3929.cn&btnG=Google+Search i know SAS tries hard to cover all the malware, but it is impossible to get it all, when there is new stuff coming out virtually every day.. so, besides doing a scan with SAS, with the latest updates, you could try doing a scan with "malwarebytes", and see if it flags anything.. even if the programs manage to remove some malware, you still could be left with some problems.. i have heard of cases where malware was removed, but there were still problems that had to be resolved, like where people's antimalware-programs still would not run, due to modifications that the malware had made.. other programs that you could do scans with are dr.web's "cureit", from "dr.web", and microsoft has an online-scanner that you could use, "onecare".. note that MS's online scanner will not run on your computer unless you use all of the default settings for IE's "security".. here is a link to MS's online-scanner: http://onecare.live.com/site/en-us/default.htm if you want expert assistance with removing malware from your computer, one place where you can get help is at DSLReports' "security cleanup" forum.. here is a link for it: http://www.dslreports.com/forum/cleanup
  • Create New...