Author Topic: Why some hesitate about using SAS?  (Read 14275 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Why some hesitate about using SAS?
« on: February 25, 2008, 11:19:39 PM »
Hi malware fighters,

As we see from preliminary anti-malware routines some anti-malware schools/camps have their victims use Super Anti Spyware :
http://www.geekstogo.com/forum/Must-Read-Before-Posting-Hijackthis-Log-t2852.html

http://forums.majorgeeks.com/showthread.php?t=139313

I know of others that have not taken it up in their list of advised anti-malware scanning programs, because they do not like the way the program is being presented (mild way of wording this).
Sometimes programs that had a bad record once, have to sit in the waiting room quite some time, because people do not trust them or something about them anymore.

I saw a similar change of mind on an anti-spyware forum considering Hitman Pro. They made a 180% turn on it. First everybody used it, special forum section, then it was dropped and people were warned against using it. It was just like in a certain religion, the subject went anathema overnight....

I am one of those who think it is of the utmost importance to establish what kind of malware(s) has to be tackled in the anti-malware routine, to find a description of a proven anti-malware routine for a similar case, better even a description of a manual cleansing routine or a special tool designed against this particular malware, else a combination of tools and measures.

After this has been established we can take other measures like scanning, running in safe mode, going back to full admin rights to run certain tools, blocking certain real time protection that interferes with the cleansing etc. Always to be followed at the end with an advise how the victim can prevent re-infection with a "How was I infected in the first place"-kind of story,

What are your views,

polonus
anti-malware fighter
« Last Edit: February 25, 2008, 11:25:29 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Why some hesitate about using SAS?
« Reply #1 on: February 25, 2008, 11:46:17 PM »
I believe SAS was on the rogue list a few years back - but they have now got their act together and have produced a good tool.  How long for who knows, but while it works I will use it. 

Personally I like to see what the system has on it and so would use an analysis tool like DSS or if I know the infection then Combofix which as you know has an analysis section as well.  If there are obvious malware files evident from the HJT I would hit them first before anything else to try and cripple the malware  and keep the re-inforcements at bay. 

But every analyst has their own way of attacking infections and this is just my prefered method.  Plus I generally tend to go for manual cleaning after I have used the tools as they will sometimes miss something
 

sanctuary24

  • Guest
Re: Why some hesitate about using SAS?
« Reply #2 on: February 26, 2008, 12:16:57 AM »
so SAS used to be a rouge program :o, what made them change and become a widley used Antispyware tool?

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Why some hesitate about using SAS?
« Reply #3 on: February 26, 2008, 12:34:45 AM »
Hi sanctuary24,

Here we present the programs with a license to kill spyware (with test results):
http://www.webgrid.co.uk/?m=Articles&id=9#sas
And yes, SAS is now one of them. I guessed the program was considered rogue once because of the aggressive way it was presented, and some still think it is not completely without,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

CharleyO

  • Guest
Re: Why some hesitate about using SAS?
« Reply #4 on: February 26, 2008, 07:16:04 AM »
***

I also notice Spyware Terminatior is on the list. But, this part is incorrect ...

Quote
nstallation

Upon installation (through Total Uninstall) the Crawler Toolbar is installed (nothing you can do about that), which immediately demands an outgoing connection to the Internet. Also the installation immediately wanted to install the Crawler Toolbar as a Browser Helper Object, both Spyware Guard and BHO-Demon popped up to warn me (and of course I denied that installation as BHO)

The Crawler Toolbar does not have to be installed. I have ST installed and there is no toolbar present and there is no BHO present. During installation, you are asked if you want the toolbar installed and you can opt to not install it.


***
« Last Edit: February 26, 2008, 06:57:03 PM by CharleyO »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Why some hesitate about using SAS?
« Reply #5 on: February 26, 2008, 06:53:57 PM »
Hi CharleyO,

That is why we come up with all this information, so that people can make decisions themselves. Thanks for the additional info. The anti-malware landscape is changing all the time, that is why I like this forum,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

micky77

  • Guest
Re: Why some hesitate about using SAS?
« Reply #6 on: February 26, 2008, 08:41:16 PM »
so SAS used to be a rouge program :o, what made them change and become a widley used Antispyware tool?
Was it really a rogue program ? Or was this a rumour, because it was new.Was it ever on Spyware Warriors list,I believe once upon a time Site advisor marked it as red,but that means little,if it was remotely associated with another site.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Why some hesitate about using SAS?
« Reply #7 on: February 26, 2008, 09:23:26 PM »
Hi Micky77,

There was a thing with spam and dubious marketing practices once, I guess,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Vladimyr

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1639
  • Super(massive black hole) Poster
Re: Why some hesitate about using SAS?
« Reply #8 on: February 27, 2008, 01:42:04 AM »
...I know of others that have not taken it up in their list of advised anti-malware scanning programs, because they do not like the way the program is being presented (mild way of wording this).
Hi Polonus
I don't understand. Please explain exactly what you mean by "the way the program is being presented".

Sometimes programs that had a bad record once, have to sit in the waiting room quite some time, because people do not trust them or something about them anymore.
Please clarify, you're still talking here about SAS?
I've been using and recommending it since 2006 so I'm keen to read, detailed, first-hand, accountable records of bad experiences with SAS or "something" about it. 
There is a way that seems right to a man,
       but in the end it leads to death
.” - Proverbs 16:25

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Why some hesitate about using SAS?
« Reply #9 on: March 01, 2008, 12:32:58 AM »
Hi Vladimyr,

These are not my words, and it is all in the past where SAS came from. There are some malware training web forums that use the program now, and there is one I know of because of aggressive selling methods in the past still think the program is not yet to be brought into their advised software list. What exactly was there I cannot say, I just report what I have read there, and even the owner of this forum says the program is OK now,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Rafel

  • Guest
Re: Why some hesitate about using SAS?
« Reply #10 on: March 01, 2008, 01:41:45 AM »
Both programs(SAS and ST) were rogue AS programs. And i use both because i think now they do a great job(ST on real time and SAS on demand).
I think they are clean now.

PD
I have installed ST without WSG, then no toolbar.

Sesame

  • Guest
Re: Why some hesitate about using SAS?
« Reply #11 on: March 01, 2008, 05:56:51 AM »
If web communities can make a rogue app to into clean one, I think it can be called an achievement.  This is like rehabilitating a criminal.

Teenage.Zombiee

  • Guest
Re: Why some hesitate about using SAS?
« Reply #12 on: March 01, 2008, 08:36:37 AM »
I never would have thought SAS would have been considered rogue.
The name has always sounded a little dodgy but alot of anti spyware program names often do.

Lusher

  • Guest
Re: Why some hesitate about using SAS?
« Reply #13 on: March 01, 2008, 10:11:19 AM »
so SAS used to be a rouge program :o, what made them change and become a widley used Antispyware tool?
Was it really a rogue program ? Or was this a rumour, because it was new.Was it ever on Spyware Warriors list

It was never a rogue program (listed on Spyware warriors list). I don't know why so many people here are spreading rumors by saying "i guess", "I think"...

The fact is almost every new antispyware that comes up these days (and even back then) are/was treated with suspicion. Except maybe those from the the big boys, where you just say it sucks but dare not accuse them of being rogue. 

Add the fact that many AS have similar names, you "malware fighters" always get confused... Probably one guy accused it of being rogue a long time back and some of you remember that. I notice how some software have tons of false positives but nobody calls it rogue but a newer comer with a few get hammered.

Personally I think most of the AS recommended are crap (granted the ones not recommended are even more crappy). I'm amazed people are still recommending stuff like spybot and ad-aware and even spywareblaster. Out-dated tools for an older and more innocent era if you ask me (I know you didn't).




Sesame

  • Guest
Re: Why some hesitate about using SAS?
« Reply #14 on: March 01, 2008, 12:00:37 PM »
Add the fact that many AS have similar names, you "malware fighters" always get confused...
*After checking through the list first time after a long period using page search function* Seems like that.  I must have taken it for another app on the list.  The list is huge and nowadays, I spend lesser time on checking security apps and visiting security boards since I have experienced no malware issue (Touch wood).