
EliteKiller

Members
  • Content Count

    144

Everything posted by EliteKiller

  1. MySpace, Facebook, cracks & warez sites, etc.
  2. Check your hosts file. The only relevant entry is 127.0.0.1 localhost and everything else can be removed. If your hosts file is clean then another possibility is a Rootkit such as Seneka. Here's what I did when I encountered it last month. --> You may want to contact SUPERAntiSpy for a custom diagnostic.
  3. Didn't Trend pull out of VB100 testing since they keep failing? IMO Trend is major bloatware w/ mediocre detection capabilities.
  4. To disable it? Please explain the logic behind your suggestion. not disable - to have I do not see rootkit protection when it does a scan or does it automatically now scan for rootkits? robin SAS has been detecting and removing rootkits for quite some time. https://www.superantispyware.com/definit ... ?iDays=365
  5. To disable it? Please explain the logic behind your suggestion.
  6. Yes, the updates are cumulative.
  7. You can acquire SAS Pro w/ Lifetime updates for $19.95 if you have the free version installed and do one of the following: 1) Update it and you should receive a definition popup window with a link to upgrade 2) Uninstall it and a webpage with the coupon will appear
  8. Here's a random office pc with Vista Business 32-bit SP1. WD is turned off w/ the service disabled, and it's not listed in the SC. Notice that SAS is listed.
  9. Yahoo answers are typically filled with half-witted responses, and IMO they should be taken with a grain of salt. Ewido sold out to AVG a few years ago, and while the detection rates were somewhat respectable I never held it in high regard. Nothing is 100% on any given day, and unless someone posts logs so a malware expert can pick out the infections they are fighting an uphill battle.
  10. In regards to Avast! the free version includes adware/spyware detection and integrates into the security center. If you're referring to my post I am using Avira Premium which is the paid version with spyware/adware detection. I choose to disable Windows Defender in the program options, in addition to the service, on all of the Vista pc's I manage since it has poor detection/removal capabilities.
  11. Right-click the SAS bug in the system tray (near the clock) > view blocked spyware applications > click on the item under blocked/detected items > allow/trust item
  12. Are you using Mozy backup? http://www.pcmech.com/forum/showthread.php?t=202019 http://norton.lithium.com/norton/board/ ... d.id=13416
  13. You need more memory, especially with Avast running in the background.
      1) Reboot your pc
      2) Start a SUPERAntiSpyware scan and stop it
      3) Now open up task manager > performance tab > what is your Commit Charge (k) peak reading?
      page not package
      In a nutshell XP sets the page file to 1.5x your system memory, and since you only have 192MB then applications look to the hard drive to make virtual memory. I recommend changing it per the directions in my previous post, however click your c: drive, then choose the option that reads "System managed size" > set > ok > apply > restart.
  14. VM low errors can be caused by several things, but typically it's a result of a small page file and/or not enough memory. In some cases a buggy app might cause a memory leak. I'd recommend letting Windows manage the page file, and if you have <1GB of ram then you may want to consider upgrading since memory is inexpensive.
      Windows XP
      1. Click Start, right-click My Computer, and then click Properties.
      2. In the System Properties dialog box, click the Advanced tab.
      3. In the Performance pane, click Settings.
      4. In the Performance Options dialog box, click the Advanced tab.
      5. In the Virtual memory pane, click Change.
      6. Change the Initial size value and the Maximum size value to a higher value, click Set, and then click OK.
      7. Click OK to close the Performance Options dialog box, and then click OK to close the System Properties dialog box.
  15. Nick, are you able to reproduce this particular issue in your lab?
  16. Interestingly enough I have the same problem on my laptop running 32-bit Vista Business SP1. SAS Pro 4.21.1004 w/ real-time enabled - integrate w/ Vista security center is enabled - uninstall & reinstall no change
  17. If you had system restore enabled you can manually revert to a previous restore point. http://support.microsoft.com/kb/307545 You can skip a lot of the steps since you have the drive slaved. Basically you need to do the following:
      1) gain access to the System Volume Information folder
      2) pick a recent restore folder - copy the 5 registry files to a tmp dir, rename them, now copy all 5 to the clipboard
      3) navigate to C:\Windows\System32\Config - paste and overwrite or delete then paste
      4) turn off pc, make the drive master, see if you can access XP now
  18. This theme is horrible on the eyes. The included subsilver2 theme would be more appropriate IMO. http://demo.phpbb3styles.net/subsilver2
  19. I've emailed samples to samples(.at.)superantispyware.com on a few occasions over the past week or two but never receive a reply. Is this the norm nowadays?
  20. This is a nasty rootkit that has been making its rounds. I think this rootkit is part of the Rootkit.TDSServ/Fake family that piggybacks with Antivirus XP 2008 or 2009. I'm sure Nick or fcukdat could supply more accurate information. I was miffed for a while until I disabled/rebooted/deleted the hidden Seneka driver in the device manager (view > show hidden devices > non-plug and play). Once you disable the driver you'll find a lot of the senekaxxx files in the system32 and one in the system32\drivers directory, plus a crapload of registry entries. SAS and SDFix were the only tools to detect and remove most of the traces related to Seneka.
      * Follow the advice at your own risk *
      1. Open up Device Manager
      2. Click 'View' and select 'Show Hidden Devices'
      3. Expand the 'Non-Plug and Play' Drivers category
      4. Right-click and 'Disable' clbdriver.sys, tdsserv.sys (or tdssxyz.sys where xyz.sys are random characters), and/or seneka.sys
      5. Restart computer to Safe Mode
      6. After restart, go back to Device Manager and right-click 'Uninstall' the above drivers
      7. Reboot to Normal mode, install SUPERAntiSpyware (SAS), update, and run a quick scan. If SAS fails to install or run look here.
      8. Run an ESET (NOD32) and/or F-Secure online malware scan.
      * If you still have signs of infection you may want to consider running SDFIX and Combofix in Safe Mode. You can also contact SAS for a custom diagnostic.
  21. Registry cleaners & registry defragmenters aren't necessary and IMO snake oil.
  22. Thanks for the heads up and all of your efforts.
  23. I noticed my workstation was acting weird this evening and here's the culprit. PC is idle with zero programs opened in the foreground. Win XP Pro SP3 GeForce 8800GT 169.44 drivers Avira Premium 8.1.0.367 SAS Pro 4.21.1004
  24. I'm in the same boat. Customers can call me when they have a question or problem unless I just happen to be doing a follow up. Robin, do you sell your customers a full maintenance contract? I've come across several of your posts over the past year and IMO you spend copious amounts of time holding your customers' hands. Babying them is counterproductive. Just my $.02 cents since I'm a tech/consultant......
  25. SAS Pro 4.20.1046 Vista Business SP1 onboard nvidia geforce 6100 w/ 100.70 drivers system is idle