Jump to content

poutnik

Members
  • Content Count

    24
  • Joined

  • Last visited

Everything posted by poutnik

  1. Hmm, so what is recommended temporary AS solution for Vista x64 ?
  2. Hm, but this is a security leak. What if I am a spy, trying to realize what is on your to do list ? joking
  3. It could be useful to have on the background scanning to avoid disturbing user work or time critical processes.
  4. In fact, there 2 detected files, main exe hwinfo, and one of its several helper utilities. Scanned again with latest update: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 04/15/2008 at 07:09 PM Application Version : 4.0.1154 Core Rules Database Version : 3438 Trace Rules Database Version: 1430 Scan type : Quick Scan Total Scan Time : 00:00:01 Memory items scanned : 0 Memory threats detected : 0 Registry items scanned : 0 Registry threats detected : 0 File items scanned : 16 File threats detected : 2 Trojan.Fake-Drop/Gen S:\ARCHIVY\CDRW\HWINFO\HWINFO.EXE S:\ARCHIVY\CDRW\HWINFO\UTILS\GETSMBUS.EXE I will send both detected files to mentioned address. BTW, here is webpage with current hwinfo version, mine are quite obsolete: http://www.hwinfo.com/
  5. Yes, I did it after clicking a menu after detection. After next update it seems it still detect it. I will check it through UVNC...... still detect it after fresh update.....
  6. In my archive I have HWINFO - in its time very good DOS based HW inventory tool, years old. It is from quite well known author, making this tool for windows later. Recent update marked it as Trojan.Fake-Drop/Gen. I suppose it is false positive. Well, there was in legend that some other AS are marking innocent apps as malware to show "they works". So it could be "true positive" about the other AS tools if they are used and marked it as malware.
  7. Hi, I often use sysinternals autoruns utility to monitor startup items. Recently I have discovered SASENUM driver is not verified to be signed properly. The other 2 driver signs are verified. If none of them is, I would understand it. Many vendors do not do it, even if it is desired for security software. But if some are, and some not, it can be suspicious. So I ask, is it normal or not ?
  8. well, even if it finds nothing but 1 cookies, that I mark than as trusted, SAS makes its favorite cleaning procedure....
  9. Well, my note was aimed toward SAS software, not to you personally
  10. I will try, anyway, the original poster noticed the difference within admin account , having DDA ON/OFF, thats why have asked.
  11. Does it mean, that with DDA it scans less files, or without DDA scans some more times ? Or just count more times ?
  12. Maybe not to claim the need of reboot so alarming. Tracking cookies are not so much harmful, having them do not stand for cumputer is infected. BTW I have cookies at my admin account too, it is probably the reason of my previously reported reboot request.
  13. Who knows why they were in-use, something had them locked. Not all cookies are in-use. The message you saw was us deleting them. if only cookies are to be removed, than prior closing browsers or logging off/on could be enough to perform removal. Reboot can be unwanted if system service continuity is demanded.
  14. Word fighting is far from my primary goal, in spite of my quite significant humour sense. Keeping our admin fighting, he can miss a dangerous malware
  15. It is not a big surprice for me, because SAS looks well designed Reboot was needed just once, no relation to waiting time.
  16. Well, I am in IT since 8080/Z80 and CP/M OS. I suppose 60 or more seconds of busy CPU for removing few cookies, when no threats were found is quite a lot. The whole quarantene dbase contains nothing but 2-3 dozens of cookies. I am just curious what it is doing. It is work for 3.55 MHZ Z80 for some seconds, not for nowadays CPUs. Why there is a need of restart for cookies removal ? Or, if there is anything other to remove, why it is not displaying such an item ? I suggest taking this more like a feedback than as complains about a good product. It is a great product, or at least it seems to me being like that.
  17. When I have started to use SAS 4 free recently, It never finds anything but just few tracking cookies. Interesting is when I order to remove them ( with default quarantine option ), it displays it is stoping and removing harmful resident processes. There is a progressbar and it takes 30-60 seconds, even more. During scan itself it is quick, but removal is surprisingly slow. Last scan SAS has even said the restart is needed to have PC clean. When I did not accept immediate one, it has said a PC is still infected. Quite strange. Edit: Note that CPU is very busy by SAS process, not sure what is really doing.... The same if I just scan cookies only + temp folder in custom scan
  18. As far as I know ( cannot check here at work ) SAS has in options if it should do scanning ADS..
  19. On one side such your approach is easy understandable. On the other side, there are plenty of suggesters in all forums, given the same ideas on the same forum even multiple times. The same idea, published here, can be given in more forums simultaneously, even by the same individuals. The claiming an idea was stolen is problematic.
  20. Yes, I have contacted them. I posted last general accepted truth about software, because you seemed to me denying any idea a bug can be present in SAS, even if it is fresh product. A bug can be on both sides, generally. That took my attention more, that comodo report. I am sorry, if it was false feelings... Link to my thread in comodo forum
  21. every single piece of SW contains bugs unless it is useless one.
  22. Edit - should be : except of maxthon, it was detected also explorer.exe and services.exe and aawservices.exe
  23. Well, but could not it be just unintentional bug ? I just tried Ad-aware 2007 scan, that scans processes too, and no such report from comodo about Ad-aware.
  24. Just recently I have abandoned my loved Kerio Personal firewall 2.1.5 and tried on w2k comodo pro 2.4. When I have launched SAS free to make quick scan as background task, comodo soon realized something strange : SAS is modifying processes in momory. this time maxthon.exe like my favorite browser frontend. Next time explorer.exe and services.exe. This seems to me very suspicious.
×
×
  • Create New...