KarenR Report post Posted January 18, 2011 Bleeping computer has been helping me for other scare ware issues I was clean yesterday today at their advice to use SAS I did a full scan rogue.pallidium was found I have no log Bleeping computer wants me to re-scan thinks is false pos do I restore the infection (purported)?? and then re scan?? please advise FREE Edition many thanks Share this post Link to post Share on other sites
siliconman01 Report post Posted January 18, 2011 Restore the file. Then run SAS Update to obtain the latest core/trace definitions. Rescan with SAS and then post a scan log so that we can see what file is being detected. The scan log is found in SAS under Preferences>Statistics/Log tab. Just copy/paste the scan back here. Share this post Link to post Share on other sites
KarenR Report post Posted January 18, 2011 thank you will do Share this post Link to post Share on other sites
KarenR Report post Posted January 18, 2011 Thank you !!! RESTORED threat UPDATED NEW SCAN SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 01/18/2011 at 07:00 AM Application Version : 4.48.1000 Core Rules Database Version : 6223 Trace Rules Database Version: 4035 Scan type : Complete Scan Total Scan Time : 00:37:48 Memory items scanned : 675 Memory threats detected : 0 Registry items scanned : 10229 Registry threats detected : 0 File items scanned : 28896 File threats detected : 0 **for your interest HERE IS THE DAY BEFORE THE RESCAN AND UPDATE SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 01/17/2011 at 08:03 AM Application Version : 4.48.1000 Core Rules Database Version : 6139 Trace Rules Database Version: 3951 Scan type : Complete Scan Total Scan Time : 00:38:35 Memory items scanned : 679 Memory threats detected : 0 Registry items scanned : 10227 Registry threats detected : 1 File items scanned : 28832 File threats detected : 0 Rogue.Pallidium HKU\S-1-5-21-3886293462-2656852358-2641576973-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS#WARNONPOSTREDIRECT Share this post Link to post Share on other sites
Seth Report post Posted January 18, 2011 Go into IE's Tools-->Advanced and make sure "Warn if post submittal is redirected..." is checked. If not, check it off and click apply. Close IE, release the reg key from SAS's quarantine, then restart the computer. Now update SAS and run the scan again. If the reg key re-appears, highlight it and click on "Trust Allow Item". Share this post Link to post Share on other sites
KarenR Report post Posted January 18, 2011 thank you for help not sure if you noticed I sent you 2 scans I had a clean scan after I RESTORED the threat item and after I updated SAS the scan you may be refering your instructions is from the day before - log that found a threat I included it for your interest to compare. Share this post Link to post Share on other sites
Seth Report post Posted January 19, 2011 Ahh yes. Thanks. Share this post Link to post Share on other sites
