Jump to content
sandybeach

Newest Vers. Doesn't Find EICAR & Troj.Siml.

By sandybeach, in General Questions

Recommended Posts

sandybeach   

sandybeach
Posted

Running Win XP Home SP2 on HP Laptop. Have had SAS Personal installed from new w/ various newer versions installed.

Al versions in the past have always been able to find my multiple copies of EICAR V1 & V2 plus 2 copies (1 zipped)

of Misec's Trojan Simulator. Nicely indicated EICAR "not a threat" & listed Troj. Simulator (TSServ) as unknown.

This is how I check that my protectors are not corrupt & working properly. Of course I leave check boxes unchecked so they'll be found again on next full scan.

Yesterday, I chose to update the SAS program to latest version via updater online rather than to download full version, uninstall older & run SAS un-installer & then start from scratch as I have in the past. ALL active protection was disabled during this process and seemed to install without problem.

Next full scan SAS found a pair of notify -disabled but completely MISSED EICAR & TSServ.exe .

Can anyone tell me why??

ALSO: Will older versions of SAS (say 4.3x 4.5x) still be able to update using older built in updater after v.5 arrives?? I suspect older OS's won't get on w/ v.5? Thanks for your replies! Sandy

Share this post

Link to post
Share on other sites

nighthawkext   

nighthawkext
Posted

We changed the rules that detect EICAR and TROJAN SIMULAR from notify to remove. Is it possible that you removed those from your machine on a previous scan?

Version 5 will be compatible with all of the same OS and service packs as Version 4.

Share this post

Link to post
Share on other sites

sandybeach   

sandybeach
Posted

We changed the rules that detect EICAR and TROJAN SIMULAR from notify to remove. Is it possible that you removed those from your machine on a previous scan?

Version 5 will be compatible with all of the same OS and service packs as Version 4.

Thanks for your reply, nighthawkext! I have SAS set to "Report Only" in all scan modes as far as I know.

That's my standard for scanners in case of False Positives. NOTE: SAS has been VERY GOOD about NOT finding FPs! (Take THAT AVG!!! LOL!)

Would that rule change over ride those settings & remove in the background anyway??

Mind you my VIPRE A/V did report (under errors) that some of the EICARS & TS's were

"corrupt" in latest scans which had me wondering.... Perhaps I should delete current & download fresh copies.

Thanks for re-assurance re new updating & older OS's !!

Thanks for your time & wisdom! Sandy

Share this post

Link to post
Share on other sites

nighthawkext   

nighthawkext
Posted

The only way SAS would detect and remove those files without your input would be if you had real time running in the pro version and ran eicar or trojansim. My guess is that, if they are still on your machine, that they are corrupted somehow.

Thanks

Don

Share this post

Link to post
Share on other sites

sandybeach   

sandybeach
Posted

Thanks For That, Don! Good to Know! Guess I'll check it out further (likely download fresh)!! Keep the Faith!! Sandy

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing
×
×
  • Create New...