PC Magazine review: SUPERAntiSpyware Professional 4.0

Here's the thread from last year discussing PC Mag's review of SAS 3.7. I just came across their review of SAS 4.0 from last month.

Spy Sweeper and Spyware Doctor are top tier? Maybe in the bloatware dept.... As much money as those two companies are making they can't even give you a 30-day fully functional trial.

 

I'm not sure but these reviews don't seem too far off the beaten path. They gave Avast and Comodo Firewall Pro great reviews which are free apps. I am actually already using Malwarebytes Anti-Malware instead of SuperAntiSpyware so for me it doesn't really matter. However, I hope some of the die hard SAS users chime in to explain why it got such a bad review yet again. Personally I blame the beetle they use for the System Tray Icon. LOL.

 

Ever seen reps for Spy Sweeper or Spyware Doctor around here addressing user concerns?

If they have then I've missed any of their input.

Did you read the only comment at the review.

 

I don't pay much heed to PCMag reviews. I've used SAS to clean a few PCs for friends and family and it has performed just fine. I use the free version on my PC to scan on-demand every now and then and my wife uses SASPro on her laptop realtime. I recommend it every chance I get to those who are stuck with SS or SD.

SAS is top-notch

 

I have yet to find a malware that SAS can't remove.
I'm sure there are many, but so far I've been lucky and SAS has always saved the day.

 

I will say it thoroughly cleaned my sons PC a few months ago and it is indeed good to have someone like Nick to help out in the forum. I would always pick SAS over any of the big boys. You guys should know by now that I like to ruffle a few feathers now and then. LOL. I do think MBAM is a good program though and hopefully we will see a review of it soon. But anyway, I trust what you folks have to say in here much more than I do most of the PC magazines I see in book stores and am grateful there's a free program like SAS. If they would just change that icon though. LOL.

 

Two articles about SAS and two times the same author.
That's an o(h)ne man show : one opinion, one test bed, one way of thinking, ... not really something you can build on.

 

Blame the beetle as will, but you may be thankful for the beetle when it detects a rootkit using our Direct Disk Access that Malwarebytes and other products will never see because they use the Windows API to access the disk

 

Neil at PCMag does his best to perform these tests. Since he is a one man show, he doesn't have the resources to perform the tests ideally. It's a tough task.

The problem is, if he tests product "A" today, then tests product "B" two weeks later, product "B" has had two additional weeks to add definitions, so it will logically detect more of the current infections. You can see how many definitions we do in a day, so multiply that by two weeks and you can see what I mean (this goes for any vendor):
http://www.superantispyware.com/definitionupdatehistory.html

SUPERAntiSpyware was tested at the front of the test pack as we were one of the only apps "ready" with our new release.

The bottom line is no application can catch everything on a given day - SUPERAntiSpyware has many technologies such as our DDA (Direct Disk Access) to detect items other products will never see on the disk - which could be stealing personal information and the user would never know - these new "breed" of threats don't show any indication that they are there, and >90% of the current scanners won't see them because they use the Windows API and these rootkit style threats "hide" below those layers and filter all access to keep themselves from being detected.

The best defense is, of course - safe surfing, but to get your system clean if you are infected, multiple layers of protection/detection are always needed.

 

Hi Nick, what about Rustock C?

 

If you have something we don't remove, simply pass the samples to us at samples AT superantispyware.com and they will be analyzed and processed immediately.

 

That's right, a scanner that doesn't remove Rustock.C, doesn't belong to the elite anymore and won't be mentioned in any magazine either. One malware can really make a difference.

 

This is one of the most interesting malware indeed.

 

It,s not so simple!

U did not reply my Q indeed.

 

If you have samples, send them to us - we detect many variants of Rustock, if you have ones we don't detect - send the files, or source of the files and we will process them - it really is that simple If you can't get the files, we have tools that use our DDA that can get ANYfile no matter what

 

So was CoolWebSearch in the past. To me Rustock.C is just another bad change, that needs to be removed.

 

Be careful what you suppose .

We do already have a a driver that has DDA , how else could we be breaking file headers of in memory/locked/cloaked files ?

We have another driver in the works that will be doing early load backup delete .

As of now we use the API for what it is best for and DDA for the nasty stuff .

 

As for testing I agree with what Nic is saying in a lot of ways .

I want to see this :

Take a machine and have it infected by security experts that know where the newest and nastiest malware is .

Clone the drive to multiple drives and load them up in identical machines .

Have each machine install , update and then scan and remove what it finds with a different antimalware application .


A second (and better) test would be to have the active protection turned on first and then try to install the same malware .



One thing I am annoyed with more than anything else are the tests that consist of nothing more than scanning a folder with hundreds of thousands of samples from the last 10 years in it . Malware used to be pathetic and padding defs to ace a test like that is easy . This test also says nothing about detection of hidden malware , removal of malware and blocking of malware .

 

You are kidding Nick!

 

Hey Nick, you missed my other post. Why are you always picking on me? LOL.

I will say it thoroughly cleaned my sons PC a few months ago and it is indeed good to have someone like Nick to help out in the forum. I would always pick SAS over any of the big boys. You guys should know by now that I like to ruffle a few feathers now and then. LOL. I do think MBAM is a good program though and hopefully we will see a review of it soon. But anyway, I trust what you folks have to say in here much more than I do most of the PC magazines I see in book stores and am grateful there's a free program like SAS. If they would just change that icon though. LOL.

 

The beetle is cute.

 

ErikAlbert if that was case then PC review mags would be reviewing handful of private tools and dr web's cure-it only....so your statement is just cr@p.

Bruce....maybe if someone took GMER driver and added Partizan functions then u might have a very powerful weapon.That said rbanshee still has more tricks

Nick S,

As with loaded MBR rootkit unless you code new module SAS will not be able to remove loaded Rustock C. Its merges with any boot load driver selected at random and then jumps every so often to new host driver.MD5 checkers going to get mauled over this one.

As far as samples go i have uploaded Dr Webs broken Rustock C driver to both MWR & MIRT so if you have'nt got then no excuse for not having. It is a packed broken driver and giving a lot of experts/software engineers quite a few headaches
So good luck

 

Bruce - you know me better than to make a claim or statement that is untrue, remember you were in direct interaction with us before MBAM. I don't say ANYTHING without doing my homework

I am not talking about Kernel Direct - that was 2 years ago for us, just as the early load driver to remove files - it's very flattering how MBAM is cloning most of what we have already done Bypassing memory/locked/cloaked files is a piece of cake. We have fully analyzed how MBAM works (along with all our competitors - just as you have done with SAS), and there is no DDA.

If you do claim to have DDA, would you like to take the NTFS file system question challenge? I can provide you a test rootkit so you can create signatures for it and see if it can be detected AND removed - with DDA and early load drivers, it should be a snap!

MBAM is a great application, and I am not putting it down at all - you guys are doing a great job leveraging your forum relationships and detecting the top level threats from the "adult" sites - the more clean machines the better!

We are all in this together to fight spyware, the way I look at it is that since no single application can catch everything on a given day, the more legit scanners the better and since MBAM + SAS can co-exist on a single system, it's twice the protection for the user - so everyone wins!

 

Not picking on anyone! MBAM is a nice application. I wish them the best on their review - it's a "crapshoot" depending on the samples used, when he tests, etc. - one day you can be on top, the next on the bottom with the PC Mag reviews. We have over 8 million users now, so I guess SAS is working for someone!

 

Wow Ade! Haven't heard from you in forever! Glad to see you are still around! Yes, fully aware of the MBR ad Rustock C driver issues - we do our best to detect and remove anything we find, and certainly don't do it with MD5's Hope you are doing well!