Jump to content
Troels

problem in bartpe

Recommended Posts

The new kernel driver saskutil.sys is causing BSOD when you lanuch SAS 4.1. :shock:

For now we have removed the driver file from the plugin, but I assume that it means lower detection of malware etc.

the old saskutil.sys didn't cause any probs.. can you fix this issue?

Regards

Troels

Share this post


Link to post
Share on other sites
The new kernel driver saskutil.sys is causing BSOD when you lanuch SAS 4.1. :shock:

For now we have removed the driver file from the plugin, but I assume that it means lower detection of malware etc.

the old saskutil.sys didn't cause any probs.. can you fix this issue?

Regards

Troels

What is the exact issue - meaning send me the MINIDUMPS.

Share this post


Link to post
Share on other sites

I have posted on a bartpe forum to get info on MINIDUMP files... I will return with more info soon... I hope :wink:

- Troels

Share this post


Link to post
Share on other sites

A member in our forum is reporting the same. 4 dump files over the past 2 days confirm that SASKUTIL.sys is causing the crash. I would attach files, but I see no way of doing this.

Share this post


Link to post
Share on other sites
A member in our forum is reporting the same. 4 dump files over the past 2 days confirm that SASKUTIL.sys is causing the crash. I would attach files, but I see no way of doing this.

Are the mini-dump files being generated? If so, e-mail them to nicks AT superantispyware.com and we'll check them out right away.

Is there a procedure we can use to reproduce this problem?

Share this post


Link to post
Share on other sites

did you manage to reproduce this error??

is SASKUTIL.SYS really needed anyway??

Regards

Troels

Share this post


Link to post
Share on other sites

don't bother... we have switched to the A-Squared command line based scanner v3.5, it is built for such a purpose as BartPE...

Regards

Troels

Share this post


Link to post
Share on other sites
don't bother... we have switched to the A-Squared command line based scanner v3.5, it is built for such a purpose as BartPE...

Regards

Troels

Don't be rude - we are in the process of determining what the problem is with BartPE and SASKUTIL. I believe SUPERAntiSpyware will provide better removal and detection than the other option you are selecting.

Share this post


Link to post
Share on other sites

Sorry.. didn't mean to be rude. I am looking forward to your test results.

Regards

Troels

Share this post


Link to post
Share on other sites

Posted: Fri May 30, 2008 9:19 pm Post subject:

--------------------------------------------------------------------------------

I can't get MINIDUMP files because drwatson32 does not dump anything in bartpe, but I can give you the STOP error message, I hope that helps... thanks for helping us out.

http://imageupload.com/~imageupl/show.p ... h.JPG.html

After i click on that jpg i got this from nod32.

8/06/2008 14:58:03 HTTP-filter bestand http://www.dir4you.org/6/testasd/OP.class Java/TrojanDownloader.OpenStream.NAB trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:03 HTTP-filter bestand http://www.dir4you.org/6/testasd/OP.jar Java/TrojanDownloader.OpenStream.NAB trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:03 HTTP-filter bestand http://www.dir4you.org/6/testasd/OP.jar Java/TrojanDownloader.OpenStream.NAB trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:03 HTTP-filter bestand http://www.dir4you.org/6/testasd/animan/class.class Java/TrojanDownloader.OpenStream.NAC trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:03 HTTP-filter bestand http://www.dir4you.org/6/testasd/animan/class.class Java/TrojanDownloader.OpenStream.NAC trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:02 HTTP-filter bestand http://www.dir4you.org/6/testasd/animan.class Java/TrojanDownloader.OpenStream.NAC trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:58:02 HTTP-filter bestand http://www.dir4you.org/6/testasd/animan.class Java/TrojanDownloader.OpenStream.NAC trojaans paard verbinding verbroken - in quarantaine geplaatst FRGT4156-B0D6E8\Hoofdaccount Bedreiging gedetecteerd bij verkrijgen van webtoegang door programma: C:\Program Files\Internet Explorer\iexplore.exe.

8/06/2008 14:57:58 Real-timebeveiliging van bestandssysteem bestand C:\Documents and Settings\Hoofdaccount\Local Settings\Temporary Internet Files\Content.IE5\S00F1EAO\testasd[1].htm JS/TrojanDownloader.Psyme.NCX trojaans paard opgeschoond door te verwijderen (na de volgende herstart) - in quarantaine geplaatst NT AUTHORITY\SYSTEM Gebeurtenis opgetreden bij nieuw bestand dat is gemaakt door programma: C:\Program Files\Internet Explorer\iexplore.exe.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...