Spy Sweeper with AntiVirus 5.2.3.2120 released

Discussion in 'other anti-malware software' started by Chubb, Oct 24, 2006.

Thread Status:
Not open for further replies.
  1. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    I have asked the same question before in a ticket and the reply from technical support is:

    So "enable direct disk sweeping" means by-passing the BIOS and sweep the HD directly.

    Here is what I can get from the Help file:

    http://img140.imageshack.us/img140/8443/enabledirectdisksweepinpj8.png
     
  2. acr45

    acr45 Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    63
    When I was using version 5.0 I used to get small pop-up alerts in my system tray telling me something wrong like if spy sweeper has quarantined spyware trying to install itself. Now since 5.2 I get a big pop-up window telling me more infomation than I wanna know. http://i79.photobucket.com/albums/j127/acr45/SSPop-Up.jpg

    How do I get it back to the small system tray alerts?
     
  3. SoCalReviews

    SoCalReviews Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    282
    Location:
    Los Angeles, CA
    Escalader, I have most of my AS programs with the features enabled for real time protection including ZASS AS and the only exception is for the minor settings changes I mentioned with SS 5.2. The NOD32 AV updates hourly and has top notch heuristics protection so that is the best one for me to use for real time AV protection. I have never tried BD AV but I have read good things about it and it gets many positive reviews. Adding the extra $10 SS AV for on demand isn't a bad idea in your situation unless you wanted to tack on the ZASS with AV for almost the same cost of about $5-10 more per year instead of using ZAP. I like the ZASS Mail Frontier spam filtering component but many people don't use Outlook or Outlook Express for email so that feature is not as important as the extra AV.

    Thanks for the suggetion for the CNN page loading issue. I already have allowed ZA cookies, scripting, etc. and the problem did not exist with SS 4.5 and when SS 5.2 is shut down then I don't have a problem with the cnn.com site. For now I simply don't have the SS common ad sites feature enabled and it everything seems to work ok. Using FF and ZA gives me enough ad and pop up protection so I should be ok. I will have to try some other settings changes and see if I can find another solution.
     
  4. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Very good! thanks, sounds like you have everthing under control!

    I have considered ZA's AV but it is based on CA's product. SS's AV is based on a better AV engine. So ZA AV is not an option for me at the moment.

    I have a month left on my old SS license so we will let that expire and see what they offer me.
     
  5. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi acr45,

    You may try this:
     

    Attached Files:

  6. sturgisrun

    sturgisrun Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    28
    Hi:
    I just found&joined this forum.

    I have been using SS for a few years & have had no problems with it.

    I have a new PC Club Computer that came with Secure Resolutions Suite pre-installed. This suite uses Panda Anti-Virus.

    When I clicked to install the new SS 5.2 I got a window telling me that I must uninstall the Panda before I install SS 5.2 or I would have stability problems.

    At that point I cancelled the SS install.

    I have a few questions that I hope someone can help me with . . .

    --------------------
    #1-> How do I install the SS 5.2 -> with-out the AV o_O?

    #2-> I am still trying to decide on wheather I am going to keep the Secure Resolutions Suite - can anyone tell me if it is any good? My new compouter did not come with the disk-> so if I un-install it I cannot re-intall it.

    #3-> I am thinking about switching to TrendMicro or Kaspersky AV or their Security Suite -> Any info on these??
    -------------------


    Thanx for any help you can give me . . .

    Terry
    *From the High Desert of New Mexico*
    ____________________________________________________________
     
  7. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I can't answer your questions but did wish to throw in my 2 cents on your security suite.

    If I had to install a new AV today it would be either:

    1. Nod32 (my favorite)
    2. Kaspersky
    3. Antivir PE Premium

    In general, I would not reccomend getting an "all in one" security suite. You can usually do better mixing and matching different pieces of security software to get bettwe protection. Kind of like when you buy a new audio system for your home. You can get an allin one system from one company or you can mix and match the best components. I prefer the latter.

    The suite I use now consists of:

    1. NOD 32...for antivirus/antimalware
    2. Spysweeper...for antisyware
    3. Comodo Firewall...this is free and a phenomenal firewall

    If you really want to go with a suite product I would try the On-line Armor suite. It uses Kaspersky as the AV. It uses On-lin Armor for the antispyware and antimalware. And they are on the verge of releasing a version that also has a firewall.
     
  8. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi sturgisrun,

    You take a look of post #11 & 68 first:

    https://www.wilderssecurity.com/showpost.php?p=866696&postcount=11

    https://www.wilderssecurity.com/showpost.php?p=869237&postcount=68

    Spy Sweeper 5.2 comes with an new antivirus component, but the antivirus component is turned OFF by default. It will not be turned ON unless you opt to pay an upgrade fee of USD10 to get the antivirus signatures. If you don't subscribe to the antivirus signature, you will only get the regularly spyware/adware definitions and you can use Spy Sweeper 5.2 as if it has no antivirus functionality.

    You got a window telling you to uninstall Panda AntiVirus because Panda AntiVirus may be running active in the background when you install Spy Sweeper 5.2. When Spy Sweeper detected that another AV is running in the background, it will prompt you the warning to uninstall the existing AV. However, you CAN ignore the warning message and still install Spy Sweeper 5.2 by pressing the "Next" button. If another antivirus is installed but NOT running in the background, it will NOT prompt you the warning and you can install Spy Sweeper right away.

    http://img163.imageshack.us/img163/7862/setupnotifyconflictwithfy5.png

    Spy Sweeper 5.2 will only display the option to subscribe for the antivirus protection AFTER installation is completed, and if you don't subscribe to the antivirus protection, the antivirus shield will NOT be enabled. So even though you have Panda AntiVirus installed, there will be no conflict since the antivirus shield in Spy Sweeper will be DISABLED by default after installation. Please note that the installer of Spy Sweeper 5.2 comes with NO virus signatures, so that when you install Spy Sweeper 5.2, NO virus signatures will be installed. You will only get the virus signature after you have paid the USD10 antivirus upgrade fee.

    So, if you want to install Spy Sweeper 5.2 without the AV, you can simply close the Secure Resolutions Suite before you install Spy Sweeper, or press "Next" when you receive the warning to continue the installation. You don't need to unintall the Secure Resolutions Suite beforehand. After the installation is complete, Spy Sweeper will start WITHOUT the AV. Simply don't subscribe to the AV and you will never get the AV signatures and the AV shield will never be enabled.

    I have already brought this to the beta team's attention that the wording in the warning pop-up is confusing and asked them to revise it, but it seems the developers don't want to change it.


    I haven't used the Secure Resolutions Suite before. However, you can search the Other anti-virus software forum by using the keyword Panda and you will see a lot of discussion on the pros and cons of Panda AntiVirus.


    Again, you can search the Other anti-virus software forum by using the keyword Trend and Kaspersky and you will see a lot of discussion on the pros and cons of Kaspersky and Trend Micro Security Suite.
     
    Last edited: Oct 30, 2006
  9. sturgisrun

    sturgisrun Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    28
    Hi Chubb:

    Thank you for your reply.

    I installed SS & it DID install the AV & it was active when I opened the program !!! It was GREEN not GRAYED-OUT !
    I unchecked the AV boxes & turned the AV off (I hope!).

    Can you tell me why it did this??

    -------------------------
    #`1-> Is it truly off & not working now?? It is now RED not GREEN on the main page of SS.
    -------------------------

    Another question . . .

    -----------------------
    #2-> I had never heard of NOD32 before I found this site- is it the BEST AV out there??
    I realaize this may be like asking what is the best motor oil on a Motorcycle Board I watch- but I am hoping to get some info about the "BEST" AV

    ------------------------

    Thanx again . . .

    Terry
    From the High Desert of New Mexico

    ___________________________________________________
     
  10. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi sturgisrun,

    It is seems to be a bonus gift, since the AV upgrade will ONLY be enabled after you have paid for the upgrade fee. This is documented in the Knowledge Base. Another user is also getting the AV free, see post #69:

    https://www.wilderssecurity.com/showpost.php?p=869325&postcount=69

    I am not sure if there is something wrong with the keycode system of Webroot, or maybe they have mistakenly tagged your keycode to include AV protection. I know of a reason for getting the AV free, but I won't be discussing the reason here, until I have confirmed the reason.

    Since you get the AV free, you can simply turn it OFF. If it is red, it is OFF. However, if you are certain that you don't want the AV component, you may raise a ticket and ask them to remove the AV subscription from your keycode.


    I would say, NOD32, KAV and BitDefender are among the best AV. You won't go wrong by having one of them.

    KAV - Best signature with added proactive defense in 6.X
    NOD32 - Best heuristics
    BitDefender - good heuristics
     
  11. attila4000

    attila4000 Registered Member

    Joined:
    Feb 7, 2005
    Posts:
    51
    Location:
    Rahway, NJ, USA
    ok, thanks chubb. i just got online today and read your reply.
     
  12. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    @Chubb et al
    Unfortunately I want SS 5.2 off my box
    Do you know whether the SSE cleanup utility works with V5.2?

    Thx
     
  13. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi Longboard,

    Do you mean this one?

    https://premium.parature.com/ics/su...e02943859128347dc015&accountID=693&deptID=776

    It appears that the tool is for 5.0.X and there maybe new registry keys for version 5.2. At least, there is a new folder "AntiVirus" in the Webroot folder for 5.2, although there are only 3 dll files in the AntiVirus folder. I haven't tried it and I am not sure if it is working for 5.2, but you might give it a try. I would suggest that you raise a ticket and ask for a new cleanup utility for 5.2. ;)

    For the time being, you may prevent SS from loading by disabling the "Webroot Spy Sweeper Engine" in Services.
     
  14. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Hi Chubb.
    Can I ask you if SS 5.2, like 5.0, uses two processes, and when SS is closed (shut-down) a process still remain active?
    And, also, if it isn't possible to kill it?
    Is memory usage like 5.0 or more light?

    Thank You
    My best regards.
    Mike
     
  15. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi tec505,

    There are three processes in Spy Sweeper 5.0.X and 5.2:

    http://img47.imageshack.us/img47/6126/memoryusagewithavshieldoffez5.png

    When you close Spy Sweeper, spysweeperUI.exe and ssu.exe will close, but spysweeper.exe will remain resident in the memory. Spysweeper.exe is the Spy Sweeper Engine service and is self-protected and cannot be terminated from the Task Manager.

    If you want to terminate spysweeper.exe, you need to perform the following steps.

    Step 1: Reveal the hidden buttons from the Spy Sweeper main menu:

    http://img518.imageshack.us/img518/205/mainscreenhowtorevealhicl7.png


    Step 2: Press the Turn SPS Off button. SPS stands for Self Protection Shield.

    http://img256.imageshack.us/img256/6995/mainscreenwithhiddenbuthr2.png

    After you have turned off the SPS, you can now close Spy Spy Sweeper, then terminate spysweeper.exe from Task Manager to completely shut down Spy Sweeper.

    If you don't want to use Spy Sweeper anymore, you can go to Control Panel, Administrative Tools, Services, locate the service Webroot Spy Sweeper Engine, right-click on it and change the startup type from Automatic to Manual.

    http://img518.imageshack.us/img518/1771/webrootspysweeperenginevh4.png

    Then on next reboot, the Spy Sweeper Engine (spysweeper.exe) will not load anymore.



    For memory usage, you can take a look of the following posts:

    https://www.wilderssecurity.com/showpost.php?p=866714&postcount=13

    https://www.wilderssecurity.com/showpost.php?p=866976&postcount=25

    5.2 is lighter in memory usage than 5.0.X
     
  16. sturgisrun

    sturgisrun Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    28
    Chubb:

    Do you have any idea what is going on with SS 5.2.

    I have SSAV turned OFF - it is showing OFF & RED on my computer.

    HOWEVER -> when I got up this AM SS had done a AV scan overnight.

    Any ideas on what I can do further to disable the AV function of SS 5.2 o_O

    Does anyone have a phone number for Webroot??

    Thank you so much for your help with this.


    Terry
    From the High Desert of New Mexico
    __________________________________
     
  17. tec505

    tec505 Registered Member

    Joined:
    Sep 11, 2006
    Posts:
    284
    Location:
    Romulus, class M planet
    Thank you Chubb.
    Never met so great support.

    My best regards.
    Mike
     
  18. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi sturgisrun,

    Do you see any scheduled sweep tasks in Options, Schedule? If I remember correctly, the schedule list should be empty by default, unless you have created a scheduled task.

    And there are two options: Sweep for Viruses and Virus Shields. Are both turned OFF and RED?

    When you noticed that SS has performed an AV scan over the night, did you check with the session log and see if a scheduled scan has been initiated without your knowledge?

    Hm...I don't have a clue at the moment, but if you have not created any scheduled task, and if both Sweep for Viruses and Virus Shields are OFF and RED, that overnight AV scan might be a bug.

    If you want to call Webroot directly, you may use the phone number 866-612-4227 and speak to a technical support staff.

    http://www.webroot.com/company/contactus.html

    However, on the Webroot Support Centre, there is a notice:

    http://support.webroot.com/ics/support/default.asp?deptID=776

    http://img519.imageshack.us/img519/5920/webrootnoticeni2.png

    So, the technical support staff may be busy answering questions on the phone and they encourage that you submit a double ticket.
     
  19. sturgisrun

    sturgisrun Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    28
    Chubb:

    I hope you can make sense of my answers below:

    -----------------------
    #1-> Do you see any scheduled sweep tasks in Options, Schedule? If I remember correctly, the schedule list should be empty by default, unless you have created a scheduled task.
    -----------------------

    ---> #1-> I show a Full Sweep scheduled for 8am- I did not set this up- BUT- I think it imported it when I downloaded the up-grade- I had it scheduled before the up-grade.
    --------------------

    #2-> And there are two options: Sweep for Viruses and Virus Shields. Are both turned OFF and RED?
    --------------------

    ---> #2-> On the HOME Page- both are RED with X.
    -Also- On SWEEP page (in upper Right corner) shows-> VIRUS SWEEP: OFF
    -Also->On OPTIONS page-> SWEEP tab -> CUSTOM SWEEP SETTINGS- I have all with green check mark -> EXCEPT"VIRUS SWEEP"(that has no check mark-blank).
    -------------------

    The world is crazy- My Dad downloaded the up-grade & wanted the AV- & did NOT get it- I downloaded the same - did not want the AV & I get it & cannot turn it off.

    Go Figure. . .

    Thank you for your time & expertise

    Terry-
    From the High Desert of New Mexico
    _________________________________________________________
     
  20. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi sturgisrun,

    If you have a schedule task before you do the upgrade to 5.2, the task would be imported from 5.0.X to 5.2. So the task is running correctly but the scanning of virus is obviously a bug.

    This is a bug. If sweep for virus has not been chosen in the custom scan, the scan should not scan for viruses. It appears that when the schedule task is imported from previous version, the virus for sweep option is automatically and mistakenly added to the schedule task. So the bug is, scheduled task failed to import from 5.0.X to 5.2 intact and sweep for virus option was mistakenly added to the task although the option is shown as not checked. I would suggest that you submit a ticket and let them know the bug, so that they can fix it. It seems the developers are unware of this bug.


    There might be something wrong with the Webroot server and it appears that the keycode system is mixing up subscriptions with antivirus protection and without antivirus protection. :(
     
  21. sturgisrun

    sturgisrun Registered Member

    Joined:
    Oct 30, 2006
    Posts:
    28
    Hi Chubb:

    I think I may have figured it out . . .(maybe) ? ? ? ?

    #1-> I had the old program set to do FULL SWEEP & that is what was imported.

    #2-> When FULL SWEEP is selected it automatically checks the AV SWEEP box.

    #3-> When I select for it to run CUSTOM SWEEPthen I can uncheck the AV SWEEP box.

    #4-> I tried a sweep today doing the CUSTOM SWEEP with the AV SWEEP unchecked & it did not (as far as I can tell) sweep for viruses.


    I am not sure if I am correct on this- does this sound right to you.

    Thank you for all you help ! ! !

    Terry
    From the High Desert of New Mexico
    ____________________________________________________
     
  22. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967
    Hi sturgisrun,

    Yes, that may be the reason. In 5.2 Full and Quick Sweep included the sweep for virus if you have subscribed for the antivirus protection and therefore, when the Full Sweep scheduled task is imported, it automatically added the sweep for viruses, since it is not a custom scan. So, even though Virus Shield and Sweep for Viruses in the main screen is off and red, the scheduled Full Sweep still scan for viruses.

    If that is the case, it may not be a bug, but by design. When scheduled task are imported from 5.0.X to 5.2, virus will not scanned for if you do not have subscribed to antivirus protection, but it will be scanned by default if you have subscribed to antivirus protection.

    Since you already have antivirus protection, you may need to create a custom schedule scan to remove the option to scan for viruses if you don't want the task to scan for viruses.

    Glad to know that you have found the reason for the problem.
     

    Attached Files:

  23. candoo

    candoo Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    15
    Hi People!

    I am new to this forum and I've been following this thread with interest. I would like to offer my observations on Spysweeper 5.2.3. When I first installed it I activated the keylogger shield. Memory usage was very low.

    mem usage Vm size
    ssu.exe 3208k 23256k
    spysweeper.exe 3820k 30972k
    spysweeper.ui.exe 6196k 19932k

    Then I ran a full sweep with my task manager open. As the sweep began to check the "Memory", my memory usage went up five fold on ALL my processes. At the end of the sweep the mem usage stayed at that high level. Then I rebooted and the mem usage came back down to normal levels, with one exception. After about 30 minutes of idle time the mem usage shot up again to those hi levels on it's own. So I turned OFF the keylogger shield, rebooted and let it idle for 60+ minutes and everything was back to normal. Then I did a custom sweep and turned OFF "Memory" sweep. With my task manager open, I saw all process memory STABLE with the exception of SS files. After the sweep everything was back to normal.

    Any comments or solutions would be welcome.

    Best regards,
    Candoo
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.