greengrocer Posted December 24, 2011 My son has SAS on his desktop. He hasn't used it for a while. When he did a full scan, up popped a 'Critical' which I believe stated 'False SAS'. He immediately allowed SAS to delete it. I also have SAS and even on full scans I haven't seen this Critical item. Is his machine till infected and what is 'False SAS' ? Any responses gratefully received for his and my peace of mind. Share this post Link to post Share on other sites
SAS Customer Service Posted December 24, 2011 Did he update his definitions before he scanned? The newest database version is 8087. Share this post Link to post Share on other sites
greengrocer Posted December 24, 2011 Yes he did indeed update everything before scan. However further to my query, I have just done a full scan (high boost) on my own machine and guess what popped up? tTe same Critical!. It is actually Heur.agent/Gen-FakeSAS. It appears to be a Trojan. I wonder why SAS didn't find it before it hit my machine. Share this post Link to post Share on other sites
SAS Customer Service Posted December 26, 2011 Where did you download SAS from? Are you using version 5.0.1142? Share this post Link to post Share on other sites
greengrocer Posted December 29, 2011 Have had SAS for sometime, believe downloaded from SAS or 'mirror'. Lifetime subscription and auto updates so yep, version 5.0.1142. Share this post Link to post Share on other sites
SUPERAntiSpy Posted December 30, 2011 Can you post the scan log here for review? Share this post Link to post Share on other sites
greengrocer Posted December 30, 2011 Here is a copy of SCAN Log from my machine as requested. (it's quite short and sweet!!). Unfortunately I dont have access to my sons logs. However hardlyy any of his programs tare the same as installed on my machine. He even uses different browsers.. SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 12/24/2011 at 05:16 PM Application Version : 5.0.1142 Core Rules Database Version : 8087 Trace Rules Database Version: 5899 Scan type : Complete Scan Total Scan Time : 01:00:47 Operating System Information Windows XP Home Edition 32-bit, Service Pack 2 (Build 5.01.2600) Administrator Memory items scanned : 547 Memory threats detected : 0 Registry items scanned : 39172 Registry threats detected : 0 File items scanned : 75686 File threats detected : 19 Adware.Tracking Cookie C:\Documents and Settings\Mike\Cookies\mike@ad.yieldmanager[2].txt [ /ad.yieldmanager ] C:\Documents and Settings\Mike\Cookies\mike@adtech[2].txt [ /adtech ] C:\Documents and Settings\Mike\Cookies\mike@apmebf[1].txt [ /apmebf ] C:\Documents and Settings\Mike\Cookies\mike@atdmt[2].txt [ /atdmt ] C:\Documents and Settings\Mike\Cookies\mike@bs.serving-sys[1].txt [ /bs.serving-sys ] C:\Documents and Settings\Mike\Cookies\mike@c.atdmt[2].txt [ /c.atdmt ] C:\Documents and Settings\Mike\Cookies\mike@clickfuse[1].txt [ /clickfuse ] C:\Documents and Settings\Mike\Cookies\mike@doubleclick[1].txt [ /doubleclick ] C:\Documents and Settings\Mike\Cookies\mike@fastclick[2].txt [ /fastclick ] C:\Documents and Settings\Mike\Cookies\mike@h.atdmt[2].txt [ /h.atdmt ] C:\Documents and Settings\Mike\Cookies\mike@invitemedia[2].txt [ /invitemedia ] C:\Documents and Settings\Mike\Cookies\mike@matalan.122.2o7[1].txt [ /matalan.122.2o7 ] C:\Documents and Settings\Mike\Cookies\mike@mediaplex[2].txt [ /mediaplex ] C:\Documents and Settings\Mike\Cookies\mike@serving-sys[1].txt [ /serving-sys ] C:\Documents and Settings\Mike\Cookies\mike@specificclick[1].txt [ /specificclick ] C:\Documents and Settings\Mike\Cookies\mike@tracking.onefeed.co[1].txt [ /tracking.onefeed.co ] C:\Documents and Settings\Mike\Cookies\mike@zedo[1].txt [ /zedo ] Heur.Agent/Gen-WhiteBox C:\DOWNLOADS\4_ELEMENTS-SETUP.EXE Heur.Agent/Gen-FakeSAS C:\WINDOWS\INSTALLER\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\ICONCDDCBBF1.EXE Share this post Link to post Share on other sites
