A new Beta version is out. I just downloaded it. So far no problems.

I'll try it

Is it 64bit yet?

where can i get the beta download from?

-{ Quote: "where can i get the beta download from?" }-
Here (http://forums.superantispyware.com/viewtopic.php?t=1767) :thumb:

-{ Quote: "Here (http://forums.superantispyware.com/viewtopic.php?t=1767) :thumb:" }-
manny thanks:thumb:
is this the free version or paid version?thanks in advance

-{ Quote: "manny thanks:thumb:
is this the free version or paid version?thanks in advance" }-

I downloaded it from Major Geeks and it was the free version. I am a paid user so all I needed to do was enter my registration code to convert it to the paid. The free version is a scanner. The paid version also provides up-front protection

-{ Quote: "I downloaded it from Major Geeks and it was the free version. I am a paid user so all I needed to do was enter my registration code to convert it to the paid. The free version is a scanner. The paid version also provides up-front protection" }-
thanks for the info:thumb:

-{ Quote: "Is it 64bit yet?" }-
The program will run on 64 bit but in 32 bit, I think its on the agenda.

-{ Quote: "The program will run on 64 bit but in 32 bit, I think its on the agenda." }-
is is getting better and better:thumb:

Is the realtime protection enabled in vista 64?

Whats new?

What's new in this pre-release version?
The following are the most significant changes in this version.
Interface and Functionality Changes

* Enhanced diagnostic interface and submissions
* Resolved rare issue where update would not be allowed if interface was open
* Resolved/Improved various interface issues/text

Technology Changes

* Over 50 technology additions to the scanning engine - new definitions being created to take advantage of this new format - this will GREATLY increase detection for new threats
* Enhanced DDA (Direct Disk Access) and improved compatibility with various NTFS formats
* Enhanced detection of rootkits
* Enhanced Process Interrogation Technology
* Enhanced Multi-Dimensional Scanning to handle various packed formats
* Enhanced detection of hidden registry keys
* Improved performance of the First Chance Prevention (Coming Soon for Vista)
* Scanning speed increase under certain conditions

-{ Quote: "Is the realtime protection enabled in vista 64?" }-

IIRC Realtime is fully operation in 64 but it is First Chance Prevention that is not working under 64bit yet.

This 'beta' will not be available through the auto updater in the program (I'm using the Free version) until it's approved and 'final' I gather?

@stijnson, correct. In fact running the built-in version check with beta will re-download the older stable release.

Some very interesting changes. SAS has saved me more than twice in the past.

-{ Quote: "IIRC Realtime is fully operation in 64 but it is First Chance Prevention that is not working under 64bit yet." }-

Thanks Champ!

-{ Quote: "@stijnson, correct. In fact running the built-in version check with beta will re-download the older stable release." }-
When you say "built-in version check," do you mean the auto-updater? If that's the case, then I would have to disagree with you. I've been running the beta version for a couple of days now, and it has not reverted back to the old, stable version.

I don't mean the definitions check. I mean the version check you do via settings. As I don't have SAS installed ATM because of debugging other issue I can't be more accurate about where you find the option to check for latest program version. However it is independent of the definitions check.

-{ Quote: "What's new in this pre-release version?
The following are the most significant changes in this version.
Interface and Functionality Changes

* Enhanced diagnostic interface and submissions
* Resolved rare issue where update would not be allowed if interface was open
* Resolved/Improved various interface issues/text

Technology Changes

* Over 50 technology additions to the scanning engine - new definitions being created to take advantage of this new format - this will GREATLY increase detection for new threats
* Enhanced DDA (Direct Disk Access) and improved compatibility with various NTFS formats
* Enhanced detection of rootkits
* Enhanced Process Interrogation Technology
* Enhanced Multi-Dimensional Scanning to handle various packed formats
* Enhanced detection of hidden registry keys
* Improved performance of the First Chance Prevention (Coming Soon for Vista)
* Scanning speed increase under certain conditions" }-

Is the detection of malware through file name one of the new interesting features of this advanced scanner?

http://img367.imageshack.us/my.php?image=sascq6.jpg

It is so interesting that SuperAntiSpyware detects some malwares using file names. For example (just one example, some others are shown in the above img), every file called AVSERVE2.EXE is Sasser Worm to SuperAntiSpyware engine.

Since 1995, haven't we evolved past using filenames for detection?

-{ Quote: "Is the detection of malware through file name one of the new interesting features of this advanced scanner?

http://img367.imageshack.us/my.php?image=sascq6.jpg

It is so interesting that SuperAntiSpyware detects some malwares using file names. For example (just one example, some others are shown in the above img), every file called AVSERVE2.EXE is Sasser Worm to SuperAntiSpyware engine.

Since 1995, haven't we evolved past using filenames for detection?" }-

Confirmed. Just created a txt file & renamed to AVSERVE2.exe...
SAS Pro 4.15 says Sasser...???

-{ Quote: "Is the detection of malware through file name one of the new interesting features of this advanced scanner?

http://img367.imageshack.us/my.php?image=sascq6.jpg

It is so interesting that SuperAntiSpyware detects some malwares using file names. For example (just one example, some others are shown in the above img), every file called AVSERVE2.EXE is Sasser Worm to SuperAntiSpyware engine.

Since 1995, haven't we evolved past using filenames for detection?" }-

Yep i can also confirm "find file" very much in use for that particular file name too but thankfully "multi dimension scanning" means more than one way of scanning for known malwares;)

Here's s good example by renaming a Trojan-Conhook downloader file...thankfully no find file detection here;D
202359


Anyhow's a warm welcome to Wilders:thumb:

Thank you for your welcome ;)

Oh no, no attempts at FUD. If you better read my post, you'll see I've written "detects SOME malwares". I've never said they use file name as the only-way to detect malware, there are other cool ways ;)

The question is: it's unthinkable to use file name as unique detection parameter for a malware. Don't you think so? A security company that makes use of file name as detection parameter? Something must be going wrong in the world ;D

If you want to play a bit, just try some other ones:



LIVESEXCAMS.EXE
WEBSAVINGSFROMEBATES.EXE
BARGAINS.EXE
MSBB.EXE
MMOD.EXE
PURITYSCAN.EXE
PURITYSCAN2.EXE
WINSERVN.EXE
SEAR1.EXE
WAPICC.EXE
WAPIIT.EXE
WAPISU.EXE
RH.EXE
CS4P028.EXE

There are obvious reasons to not use file names, every security company know this ;) Or, at least, they should know this ;)

-{ Quote: "Is the detection of malware through file name one of the new interesting features of this advanced scanner?

http://img367.imageshack.us/my.php?image=sascq6.jpg

It is so interesting that SuperAntiSpyware detects some malwares using file names. For example (just one example, some others are shown in the above img), every file called AVSERVE2.EXE is Sasser Worm to SuperAntiSpyware engine.

Since 1995, haven't we evolved past using filenames for detection?" }-

Wow, a definition that's been in the database for 3+ years. Interesting that we have had ZERO reports of false positives on that filename in over 10 million users and 100's of millions of scans! Guess the technology works like it's supposed to! :)

-{ Quote: "Thank you for your welcome ;)

Oh no, no attempts at FUD. If you better read my post, you'll see I've written "detects SOME malwares". I've never said they use file name as the only-way to detect malware, there are other cool ways ;)

The question is: it's unthinkable to use file name as unique detection parameter for a malware. Don't you think so? A security company that makes use of file name as detection parameter? Something must be going wrong in the world ;D

If you want to play a bit, just try some other ones:



LIVESEXCAMS.EXE
WEBSAVINGSFROMEBATES.EXE
BARGAINS.EXE
MSBB.EXE
MMOD.EXE
PURITYSCAN.EXE
PURITYSCAN2.EXE
WINSERVN.EXE
SEAR1.EXE
WAPICC.EXE
WAPIIT.EXE
WAPISU.EXE
RH.EXE
CS4P028.EXE

There are obvious reasons to not use file names, every security company know this ;) Or, at least, they should know this ;)" }-

You can do the same exact thing (create a filename only) with many products and place it in different locatations and it will be detected. The data that you don't have is the millions of computer diagnostics we have and we know that statistically certain names don't appear as legit products.

We have run similar tests on many other products and you can "trick" them into detecting items that are named as infections or placed in locations infections are known to infect.

The bottom line is that with 100's of millions of scans done over that past couple years, we see little to no False Positives on those types of names, so with facts like that we focus on removing infections and not passing silly tests. :)

He he he :)

I was expecting this kind of answer ;)

You can trick almost every software, that's right. A signature has to be strong and has to guarantee detection of a malware with a small (the best would be without) % of FPs. Since when using file name as detection pattern is a strong signature? Does its job? Oh yeah, forsure. If someone renamed (hey, I'm not saying rebuild, pack, crypt and other silly tricks, I said renamed) Sasser worm, for example, your detection would have been totally bypassed.

You're using far smarter detection ways on your software, then why using file name on MORE than "a definition" (as you said on your first reply)?

It's faster and easier? Sure.
It's almost totally useless? Sure.

You're in the security field since a lot of time, you know why file name has not been used since ages as detection parameter. You know why every security company would not use it. It's simply useless. It means giving the users a false sense of security.

-{ Quote: "He he he :)

I was expecting this kind of answer ;)

You can trick almost every software, that's right. A signature has to be strong and has to guarantee detection of a malware with a small (the best would be without) % of FPs. Since when using file name as detection pattern is a strong signature? Does its job? Oh yeah, forsure. If someone renamed (hey, I'm not saying rebuild, pack, crypt and other silly tricks, I said renamed) Sasser worm, for example, your detection would have been totally bypassed.

You're using far smarter detection ways on your software, then why using file name on MORE than "a definition" (as you said on your first reply)?

It's faster and easier? Sure.
It's almost totally useless? Sure.

You're in the security field since a lot of time, you know why file name has not been used since ages as detection parameter. You know why every security company would not use it. It's simply useless. It means giving the users a false sense of security." }-

I think you would be surprised at how many companies actually use the filename and file location ONLY as their form of detection.

Most of the Vundo detections in popular products are by wildcard filename only.

You are welcome to your opinion, but the reality is that we clean millions of systems each year - and I'll stick with those results in developing our product.

-{ Quote: "I think you would be surprised at how many companies actually use the filename and file location ONLY as their form of detection.

Most of the Vundo detections in popular products are by wildcard filename only.

You are welcome to your opinion, but the reality is that we clean millions of systems each year - and I'll stick with those results in developing our product." }-

At least filename AND file location ;)

Anyway, if I write such technical things, do you think I don't know who and how use these kind of detections? ;)

Your opinions are more than welcome :) My main goal is to let users know about facts and then leave users decide :)

-{ Quote: "At least filename AND file location ;)

Anyway, if I write such technical things, do you think I don't know who and how use these kind of detections? ;)

Your opinions are more than welcome :) My main goal is to let users know about facts and then leave users decide :)" }-

SUPERAntiSpyware has over 10 million users and is recommended by Dell, AT&T, HP, Microsoft among others, so I agree, the expects can decide!

-{ Quote: "Anyway, if I write such technical things, do you think I don't know who and how use these kind of detections? ;)" }-

Technical? Did I miss a post?

-{ Quote: "SUPERAntiSpyware has over 10 million users and is recommended by Dell, AT&T, HP, Microsoft among others, so I agree, the expects can decide!" }-

Wow :D Congratz ;D

-{ Quote: "Technical? Did I miss a post?" }-

Oh, no no :) Don't worry, it's okay :) You haven't missed anything, these informations are coming from the other world ;D

-{ Quote: "Wow :D Congratz ;D" }-

Thank you! We work hard just like every other company to try and keep up with the threats :)

So, let me rephrase:

What is the reason to use a filename over another type of detection? Do you use filenames just because of limitations in the engine? Shouldn't an antivirus/antispyware engine be able to find programs based on signatures, not filenames?

And it shouldn't be a limitation of the engine, because it's using some other nice techniques (bytes check, MD5, MD5 over specific zones, etc...)

-{ Quote: "So, let me rephrase:

What is the reason to use a filename over another type of detection? Do you use filenames just because of limitations in the engine? Shouldn't an antivirus/antispyware engine be able to find programs based on signatures, not filenames?

And it shouldn't be a limitation of the engine, because it's using some other nice techniques (bytes check, MD5, MD5 over specific zones, etc...)" }-

We do what is necessary and most effectively detects and removes the infection - we have hundreds of techniques at our disposal in the engine and our 4.20 version adds some additional technology pieces to handle the new waves of threats that other products won't even know are there.

-{ Quote: "We do what is necessary and most effectively detects and removes the infection - we have hundreds of techniques at our disposal in the engine and our 4.20 version adds some additional technology pieces to handle the new waves of threats that other products won't even know are there." }-

Ok, so now users know that SuperAntiSpyware make uses of filenames as detection pattern :) That's all

And, quoting a post from some time ago:

-{ Quote: "
They are kidding forsure As well as they must be kidding when they added the option "Prevent ANY application to terminate SUPERAntiSpyware" thinking to prevent it by simply hooking ZwTerminateProcess
" }-

http://www.wilderssecurity.com/showpost.php?p=1238271&postcount=31

I totally agree :)

Thank you for your explanations ;)

Bye

-{ Quote: "Ok, so now users know that SuperAntiSpyware make uses of filenames as detection pattern :) That's all

And, quoting a post from some time ago:



http://www.wilderssecurity.com/showpost.php?p=1238271&postcount=31

I totally agree :)

Thank you for your explanations ;)

Bye" }-

SUPERAntiSpyware uses a very advanced engine to detect and remove threats - part of that MAY include filename detection if necessary, and may include other techniques as well.

Name detection is used by many products on the market. It's interesting that all the threats you referenced by filename were from 3 years ago. In many cases, that's all that was necessary to detect those at that time.

A non-technical user still won't understand what you are referring to - and if it matters or not. What they understand is what cleans their system.....and that's what we do!

I still have version 4.15.0.1000. I have checked for updates but keep getting a message that none are available. Do I have to manually download an update for Vista?

4.15.0.1000 is the current release version and 4.20.1038 is still in beta. You can get the beta from the SAS tech. forum.

-{ Quote: "I still have version 4.15.0.1000. I have checked for updates but keep getting a message that none are available. Do I have to manually download an update for Vista?" }-

-{ Quote: "I still have version 4.15.0.1000. I have checked for updates but keep getting a message that none are available. Do I have to manually download an update for Vista?" }-

We have that current version 4.15 on all our computers, Vista Home Premium and XP. No problem with daily updates on any of them.

This is a piece of software we won't be without.

Chuck75, he is talking about version updates, not about signature file (definitions) updates.

-{ Quote: "Chuck75, he is talking about version updates, not about signature file (definitions) updates." }-

Yeah, duhhhh, it's called 'old age disease.'

I recently purchased Superantispyware and personally so far I think it is great. I am considering installing Vista x64 but wanted to know if it supports x64? I poked around on the site and didn't find anything on this and with the advanced scanning engine in it, I am hoping it runs on x64.

-{ Quote: "I recently purchased Superantispyware and personally so far I think it is great. I am considering installing Vista x64 but wanted to know if it supports x64? I poked around on the site and didn't find anything on this and with the advanced scanning engine in it, I am hoping it runs on x64." }-

http://forums.superantispyware.com/viewtopic.php?t=1789&highlight=64bit

-{ Quote: "I recently purchased Superantispyware and personally so far I think it is great. I am considering installing Vista x64 but wanted to know if it supports x64? I poked around on the site and didn't find anything on this and with the advanced scanning engine in it, I am hoping it runs on x64." }-

I have SAS on my HP m9350f with Vista 64 as on-demand only. I have the stable version not the beta. I tried it with realtime enabled and my computer would not boot, I had to do a factory restore, because it would not uninstall in safe mode.
I would be wary to use it realtime till its fully compatable with x64.

-{ Quote: "http://forums.superantispyware.com/viewtopic.php?t=1789&highlight=64bit" }-


Thank you...