a-squared Free vs SuperAntiSpyware Free

[Pedro]

What he's questioning is if they were current at all, or from an arquive. A good point i think.

[Firefighter]

Quote:

Originally Posted by Someone

What he's questioning is if they were current at all, or from an arquive. A good point i think.

If I understood right. The tester activated a few nasties in an unprotected PC to wait how many "friends" those "hosts" will lure to the PC. This was the method in a test 1. made over a year ago. The same method was done in here on September 2006.

Best regards,
Firefighter!

[SystemJunkie]

A-Squared has a problem it detects too many things that are legitimate.

E.g. Advanced Anti Keylogger, it is a good protection tool, but A2 has the opinion to consider it a spyware, the same with max antispy and many others.

[Andreas Haak]

Quote:

1486 -- a-squared
1314 -- Ashampoo AntiSpyWare

The test is flawed. Ashampoo and a-squared are using the same engine. There might be MINOR differences caused by update delays but there is no way to get a 150+ anomaly.

[Andreas Haak]

Quote:

Originally Posted by SystemJunkie

A-Squared has a problem it detects too many things that are legitimate.

E.g. Advanced Anti Keylogger, it is a good protection tool, but A2 has the opinion to consider it a spyware, the same with max antispy and many others.

Well ... in case of Advanced Anti Keylogger:

http://www.spydex.com/

They reused files and paths used in their "Anti Keylogger" in their keylogger . So either we are unable to clean/remove the keylogger completely for the price of detecting parts of their anti-keylogger or we are unable to remove their keylogger but don't detect parts of their anti-keylogger. By the way ... producing a keylogger and an anti-keylogger would be called double moral standards here . What might happen next? Anti-Virus vendors offering anti-virus software and a nice hacker cd with the 25000 most dangerous viruses?

Most of the commercial spy and remote control software is only detected as riskware. It isn't even marked for removal by default.

[Firefighter]

Quote:

Originally Posted by Andreas Haak

The test is flawed. Ashampoo and a-squared are using the same engine. There might be MINOR differences caused by update delays but there is no way to get a 150+ anomaly.

Ashampoo seemed not to find heuristics detections at all, maybe an older version or just not activated heuristic scan in Ashampoo setup? Look at the test table in my first post concerning this test.

Best regards,
Firefighter!

[Andreas Haak]

I am not 100% sure but afair their heuristics are active by default.

[duke1959]

I would just like to add that a-squared found 2 trace files of what it considers possible spyware. One is called NGC ActiveSpy XP which is an eselleratecontrol350.dll. And the other is called Instant Access and is an armaccess.dll. Both were found in my Windows System32 folder. I googled them, and the first one has to do with purchasing things off the internet, which my wife sometimes does. While the second one still confuses me slightly as to what it actullay is for, although it could have something to do with an AS program called Truesword which I foolishly downloaded to try a long time ago. I have quarantined them without any adverse effects so far, but neither AVG Anti-Spyware or SuperAntiSpyware alerted me to them in any way. My point is that I rather be alerted to potential spyware, and be able to decide like I did with a-squared what to do with it, than not be alerted at all. I don't say this because I think AVG AS or SAS is not as effective as a-squared is, both are also outstanding programs IMO, but I did want to hear what Andreas Haak, and Nick Skrepetos opinions may be on this.

[Andreas Haak]

Feel free to send me a copy of the quarantined files: ah@emsisoft.com .

[duke1959]

Thanks Andreas. I sent the quarantined items as attachments through OutLook as you requested. I hope you received them.

[Andreas Haak]

Got them. armaccess.dll is part of the Armadillo copy protection software. I guess you have or had one application installed that was protected by Armadillo. The other DLL file is - as you already guessed right - part of an estore system. I will remove both detections with one of the next updates.

[SUPERAntiSpy]

Quote:

Originally Posted by duke1959

I would just like to add that a-squared found 2 trace files of what it considers possible spyware. One is called NGC ActiveSpy XP which is an eselleratecontrol350.dll. And the other is called Instant Access and is an armaccess.dll. Both were found in my Windows System32 folder. I googled them, and the first one has to do with purchasing things off the internet, which my wife sometimes does. While the second one still confuses me slightly as to what it actullay is for, although it could have something to do with an AS program called Truesword which I foolishly downloaded to try a long time ago. I have quarantined them without any adverse effects so far, but neither AVG Anti-Spyware or SuperAntiSpyware alerted me to them in any way. My point is that I rather be alerted to potential spyware, and be able to decide like I did with a-squared what to do with it, than not be alerted at all. I don't say this because I think AVG AS or SAS is not as effective as a-squared is, both are also outstanding programs IMO, but I did want to hear what Andreas Haak, and Nick Skrepetos opinions may be on this.

I would be happy to look at the files, send the to samples AT superantispyware.com and I will take a look!

[duke1959]

I surely will send them if you like Nick, but as Andreas explained he will be removing them from a-squared. I have in the past used Comodo Firewall, and AOL AVS which both had some sort of self protection, so I wonder if either of those would have installed the armaccess dll? I guess from what you are saying I can remove them from Quarantine now, but I may eventually delete the armaccess dll. as the only current software I use is AV 7.5 Internet Security Suite. I don't think this offers any self protection, although I wonder if the Spyware Component which used to be Ewido does? I'll figure it out, but thanks for your help and input here Andreas. I will end by saying that I am of course aware of the input Nick from SAS has always added in these Forums as well, so a thanks to you for that Sir.

[Firefighter]

Quote:

Originally Posted by Andreas Haak

I am not 100% sure but afair their heuristics are active by default.

This is from their site. Actually you can choose it to use or not.

Best regards,
Firefighter!

Btw, the tester said too that he used the MEDIUM heuristics in AntiVir (Classic), so I think that it will be about the same as by using NOD without an AH at all.

[SUPERAntiSpy]

Quote:

Originally Posted by duke1959

I surely will send them if you like Nick, but as Andreas explained he will be removing them from a-squared. I have in the past used Comodo Firewall, and AOL AVS which both had some sort of self protection, so I wonder if either of those would have installed the armaccess dll? I guess from what you are saying I can remove them from Quarantine now, but I may eventually delete the armaccess dll. as the only current software I use is AV 7.5 Internet Security Suite. I don't think this offers any self protection, although I wonder if the Spyware Component which used to be Ewido does? I'll figure it out, but thanks for your help and input here Andreas. I will end by saying that I am of course aware of the input Nick from SAS has always added in these Forums as well, so a thanks to you for that Sir.

I didn't see the previous post, no problem, no need to send.

[duke1959]

Ok Nick I won't, but I do want to say to you that I believe SAS will keep improving, and is definitely already on par with some of the leading AS programs. I am however, a sucker for a nice looking GUI, which although is subjective, is why I like a-squared. It also loads faster and updates quicker than SAS does, which is also important to me. I've decided to keep using SAS as it probably does find things a-squared doesn't, and I appreciate your devotion to the product, but I honestly feel if it does eventually become a little more snazzier, it certainly wouldn't hurt your sales, that's all. I know snazzier isn't a word, but if your my age, which is 46, you know it's meaning. LOL. Take care.

[Pedro]

Andreas: I got this Trace.Registry.MDSA Sentinel found by A-Squared in the Registry . Deleted. Is this a new addition to A-Squared or in you databases for some time? This info would help to check whether this is new in my computer or was here already.
Also is it supposed to be only in the registry?

[Q Section]

Quote:

Originally Posted by duke1959

...I know snazzier isn't a word...

Better check here. The Yanks think so.

[Long View]

Quote:

Originally Posted by Andreas Haak

Got them. armaccess.dll is part of the Armadillo copy protection software. I guess you have or had one application installed that was protected by Armadillo. The other DLL file is - as you already guessed right - part of an estore system. I will remove both detections with one of the next updates.

Just tried A-squared free and found armaccess.dll ( 2007 04 05) so is this real or has it not been removed from A2 ?

[cheater87]

Both are great programs but I got kinda tired with the FPs in A Squared.

[besafe]

Quote:

Originally Posted by duke1959

Ok Nick I won't, but I do want to say to you that I believe SAS will keep improving, and is definitely already on par with some of the leading AS programs. I am however, a sucker for a nice looking GUI, which although is subjective, is why I like a-squared. It also loads faster and updates quicker than SAS does, which is also important to me. I've decided to keep using SAS as it probably does find things a-squared doesn't, and I appreciate your devotion to the product, but I honestly feel if it does eventually become a little more snazzier, it certainly wouldn't hurt your sales, that's all. I know snazzier isn't a word, but if your my age, which is 46, you know it's meaning. LOL. Take care.

Does GUI really make a difference to you? I guess it probably does for a lot of people. I am more of a function over form kind of guy. I don't care what something looks like so long as it does its job well.