Jump to content
Sign in to follow this  
Lan Moore

Malware preventing update?

Recommended Posts

Is this possible? A few days ago some kind of malware or something started to attack my computer trying to act like some kind of security scan, I was able to stop it before I finished but after it I was unable to update SuperAS and my yahoo can't connect to the internet either. It seems like both thing it's the firewall but the firewall does have them on the allow list, any advice or help or could it not be the malware?

Share this post


Link to post
Share on other sites

Yes, it is very possible.

What version of SAS are you running? The latest version is 4.31.1000.

1. Close down SAS

2. Go to START>All Programs>SuperAntiSpyware and select "SuperAntiSpyware Alternate Start". This will start SAS under a different name to try to fool the malware.

3. Once SAS has started, try to run an update.

4. Run a full scan of your system and let it quarantine what it finds.

5. Then boot your computer into SAFE MODE and run another Complete Scan of your system with SAS. Let it quarantine what it finds.

6. Reboot back into Normal Mode

7. Run another update. Does it work now? If not, proceed to 8 below.

8. Go to the link below and download the special uninstaller for SAS. Save it on your desktop.

viewtopic.php?f=2&t=1453

9. Close down SAS

10. Run the special uninstaller SASUNINSTAL.EXE. It will reboot your computer.

11. Then re-install SAS. Be sure to re-install the latest version of SAS V4.31.1000.

Does the update now work?

Share this post


Link to post
Share on other sites

No the alternate start doesn't work, it's not just targeting SAS like I said, some reason Yahoo can't access either and maybe other programs but I'm not sure.

Share this post


Link to post
Share on other sites

I'm running windows XP Professional version 2002 Service pack 3. I can only save the file because I'm running Firefox, I tried using internet explorer but IE isn't working, it says that it is probably the firewall but again, I had just told the firewall that it was safe after it prompted me but it still can't connect, chrome seems to work but won't let me just run it and Opera can't connect either.

Share this post


Link to post
Share on other sites

Below is a link to a special removal tool named Combofix.exe. Follow the instructions on this website, download and run this tool.

http://www.bleepingcomputer.com/combofi ... e-combofix

IF you feel uncomfortable running Combofix.exe, it is best that you contact SAS customer support per the link below and let the SAS gurus work with you on this problem.

https://www.superantispyware.com/precreateticket.html

If you run Combofix.exe, post the Combofix log back here for review. Also try your browsers and see if they now work and let us know.

Share this post


Link to post
Share on other sites

Combofix.exe is finding two firewalls active

FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

It is not good to have 2 firewalls active. Disable one or the other and see if you can connect to Yahoo. In the one that you keep active, be sure that it is not blocking Yahoo.

And you have 2 antivirus programs running active

You need to either remove COMODO Security Suite or remove ZoneAlarm & Avast.

AV: avast! antivirus 4.8.1351 [VPS 091130-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

Again it is not good to have 2 Antivirus programs active.

Also you should now delete Combofix from your computer.

1. Go to START>Run and type in Combofix /u (note the space before /u)

2. Click on OK and let Combofix remove itself.

Share this post


Link to post
Share on other sites

yes I added COMODO after every thing was being blocked just to make sure that it wasn't Zone Alarm, I deleted it last night every thing seems 100% again, some of my stuff was changed but nothing major, yahoo is working though and I think combofix is uninstalled now.

Share this post


Link to post
Share on other sites

Very good.

You may want to check the built in Windows Firewall and make sure that it is not turned on. Most of the time when you uninstall third party firewalls, they will re-activate the Windows Firewall.

If the Combofix.exe icon is gone from your desktop, then Combofix uninstalled itself.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...