Beauregard T. Shagnasty wrote:
> Buffalo wrote:
>
>> The program I installed from Ascentive had a different name and it
>> was described as a product that would increase the performance of
>> your computer.
>
> I had a look at the finallyfast.com web site several weeks ago, after
> seeing their TV commercial, the one with the guy whose hair is blowing
> straight back. The whole deal reeks of a scam. One of the prime
> reasons is the web site (or the commercial) *do not* mention the
> price anywhere I could find.
>
> In part, it says:
>
> "ActiveSpeed can make your Internet connection run up to 375% faster."
>
> Yeah, right. What is 375% of a 56Kb dialup? I also send their
> download file to Jotti, and some of the tests listed it as a trojan.
> That could be because it is an 'installer' but who knows?
>
>> Since I have the paid version of SAS and NSW and the free version of
>> Avira, and SpywareBlaster and the free version of MBAM ...
>
> It is sad that all of those products are necessary to keep your
> Windows PC relatively free of malignant tumors - and that's only for
> the more aware users. The rest live in a sewer. A couple of years
> ago, I got tired of all the hassles and simply dumped Microsoft
> Windows. Life is much more relaxed now.

True.
I did do some research on Ascentive LLC and it sure sounds like a ripoff
company.
I am glad that I used Total Uninstall to monitor the install. The program I
installed was called SpeedScan_setup.exe.
I guess that if I had MBAM Pro, it would have alerted on that program (not
true, see below unless it would have during the execution on that setup
file). SAS Pro still does not alert on it, at least on sysrestore.dll.
Of course, VirusTotal also did show any hits on that particular file.
I just dl'd that setup file again and MBAM checks it as OK, as does Avira
Free,Norton, and SAS.
No, I will not use it, I just wanted to see if the setup.exe file contained
the problem .dll. The setup file is 10463kb.
VirusTotal had 2 hits on the setup.exe file but still none on the
sysrestore.dll file.
eSafe----suspicious file
Nod32--Win32/Adware.Ascentive

I guess the sysrestore.dll file gets created (or unhidden) during the setup
procedure.
No more trying speedup programs that are not recommended by others I trust.

I will delete that setup file and I will keep the
winnit\system32\sysrestore.dll in MBAM's quarantine in case I wish to
analayze it further.