PC Magazine review: SUPERAntiSpyware Professional 4.0

Discussion in 'other anti-malware software' started by EliteKiller, May 8, 2008.

Thread Status:
Not open for further replies.
  1. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    Here's the thread from last year discussing PC Mag's review of SAS 3.7. I just came across their review of SAS 4.0 from last month.

    Spy Sweeper and Spyware Doctor are top tier? :rolleyes: Maybe in the bloatware dept.... As much money as those two companies are making they can't even give you a 30-day fully functional trial.
     
  2. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    I'm not sure but these reviews don't seem too far off the beaten path. They gave Avast and Comodo Firewall Pro great reviews which are free apps. I am actually already using Malwarebytes Anti-Malware instead of SuperAntiSpyware so for me it doesn't really matter. However, I hope some of the die hard SAS users chime in to explain why it got such a bad review yet again. Personally I blame the beetle they use for the System Tray Icon. LOL.
     
  3. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Ever seen reps for Spy Sweeper or Spyware Doctor around here addressing user concerns?

    If they have then I've missed any of their input.

    Did you read the only comment at the review.
     
  4. cp4eva

    cp4eva Registered Member

    Joined:
    May 26, 2007
    Posts:
    127
    Location:
    TX
    I don't pay much heed to PCMag reviews. I've used SAS to clean a few PCs for friends and family and it has performed just fine. I use the free version on my PC to scan on-demand every now and then and my wife uses SASPro on her laptop realtime. I recommend it every chance I get to those who are stuck with SS or SD.

    SAS is top-notch :thumb:
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I have yet to find a malware that SAS can't remove.
    I'm sure there are many, but so far I've been lucky and SAS has always saved the day.
     
  6. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    I will say it thoroughly cleaned my sons PC a few months ago and it is indeed good to have someone like Nick to help out in the forum. I would always pick SAS over any of the big boys. You guys should know by now that I like to ruffle a few feathers now and then. LOL. I do think MBAM is a good program though and hopefully we will see a review of it soon. But anyway, I trust what you folks have to say in here much more than I do most of the PC magazines I see in book stores and am grateful there's a free program like SAS. If they would just change that icon though. LOL.
     
    Last edited: May 9, 2008
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Two articles about SAS and two times the same author.
    That's an o(h)ne man show : one opinion, one test bed, one way of thinking, ... not really something you can build on. :)
     
  8. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Blame the beetle as will, but you may be thankful for the beetle when it detects a rootkit using our Direct Disk Access that Malwarebytes and other products will never see because they use the Windows API to access the disk :)
     
  9. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Neil at PCMag does his best to perform these tests. Since he is a one man show, he doesn't have the resources to perform the tests ideally. It's a tough task.

    The problem is, if he tests product "A" today, then tests product "B" two weeks later, product "B" has had two additional weeks to add definitions, so it will logically detect more of the current infections. You can see how many definitions we do in a day, so multiply that by two weeks and you can see what I mean (this goes for any vendor):
    http://www.superantispyware.com/definitionupdatehistory.html

    SUPERAntiSpyware was tested at the front of the test pack as we were one of the only apps "ready" with our new release.

    The bottom line is no application can catch everything on a given day - SUPERAntiSpyware has many technologies such as our DDA (Direct Disk Access) to detect items other products will never see on the disk - which could be stealing personal information and the user would never know - these new "breed" of threats don't show any indication that they are there, and >90% of the current scanners won't see them because they use the Windows API and these rootkit style threats "hide" below those layers and filter all access to keep themselves from being detected.

    The best defense is, of course - safe surfing, but to get your system clean if you are infected, multiple layers of protection/detection are always needed.
     
    Last edited: May 9, 2008
  10. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi Nick, what about Rustock C? :D
     
  11. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    If you have something we don't remove, simply pass the samples to us at samples AT superantispyware.com and they will be analyzed and processed immediately.
     
  12. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's right, a scanner that doesn't remove Rustock.C, doesn't belong to the elite anymore and won't be mentioned in any magazine either. One malware can really make a difference. :D :D :D
     
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    This is one of the most interesting malware indeed. :)
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    It,s not so simple! :)

    U did not reply my Q indeed.
     
  15. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    If you have samples, send them to us - we detect many variants of Rustock, if you have ones we don't detect - send the files, or source of the files and we will process them - it really is that simple :) If you can't get the files, we have tools that use our DDA that can get ANYfile no matter what :)
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    So was CoolWebSearch in the past. To me Rustock.C is just another bad change, that needs to be removed.
     
  17. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    Be careful what you suppose .

    We do already have a a driver that has DDA , how else could we be breaking file headers of in memory/locked/cloaked files ?

    We have another driver in the works that will be doing early load backup delete .

    As of now we use the API for what it is best for and DDA for the nasty stuff .
     
  18. nosirrah

    nosirrah Malware Fighter

    Joined:
    Aug 25, 2006
    Posts:
    561
    Location:
    Cummington MA USA
    As for testing I agree with what Nic is saying in a lot of ways .

    I want to see this :

    Take a machine and have it infected by security experts that know where the newest and nastiest malware is .

    Clone the drive to multiple drives and load them up in identical machines .

    Have each machine install , update and then scan and remove what it finds with a different antimalware application .


    A second (and better) test would be to have the active protection turned on first and then try to install the same malware .



    One thing I am annoyed with more than anything else are the tests that consist of nothing more than scanning a folder with hundreds of thousands of samples from the last 10 years in it . Malware used to be pathetic and padding defs to ace a test like that is easy . This test also says nothing about detection of hidden malware , removal of malware and blocking of malware .
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    You are kidding Nick! :)
     
  20. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Hey Nick, you missed my other post. Why are you always picking on me? LOL.

    I will say it thoroughly cleaned my sons PC a few months ago and it is indeed good to have someone like Nick to help out in the forum. I would always pick SAS over any of the big boys. You guys should know by now that I like to ruffle a few feathers now and then. LOL. I do think MBAM is a good program though and hopefully we will see a review of it soon. But anyway, I trust what you folks have to say in here much more than I do most of the PC magazines I see in book stores and am grateful there's a free program like SAS. If they would just change that icon though. LOL.
     
  21. Jadda

    Jadda Registered Member

    Joined:
    Jun 5, 2007
    Posts:
    422
    The beetle is cute. :)
     
  22. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    ErikAlbert if that was case then PC review mags would be reviewing handful of private tools and dr web's cure-it only....so your statement is just cr@p.

    Bruce....maybe if someone took GMER driver and added Partizan functions then u might have a very powerful weapon.That said rbanshee still has more tricks;)

    Nick S,

    As with loaded MBR rootkit unless you code new module SAS will not be able to remove loaded Rustock C. Its merges with any boot load driver selected at random and then jumps every so often to new host driver.MD5 checkers going to get mauled over this one.

    As far as samples go i have uploaded Dr Webs broken Rustock C driver to both MWR & MIRT so if you have'nt got then no excuse for not having. It is a packed broken driver and giving a lot of experts/software engineers quite a few headaches;)
    So good luck:)
     
  23. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Bruce - you know me better than to make a claim or statement that is untrue, remember you were in direct interaction with us before MBAM. I don't say ANYTHING without doing my homework :)

    I am not talking about Kernel Direct - that was 2 years ago for us, just as the early load driver to remove files - it's very flattering how MBAM is cloning most of what we have already done :) Bypassing memory/locked/cloaked files is a piece of cake. We have fully analyzed how MBAM works (along with all our competitors - just as you have done with SAS), and there is no DDA.

    If you do claim to have DDA, would you like to take the NTFS file system question challenge? :) I can provide you a test rootkit so you can create signatures for it and see if it can be detected AND removed - with DDA and early load drivers, it should be a snap!:)

    MBAM is a great application, and I am not putting it down at all - you guys are doing a great job leveraging your forum relationships and detecting the top level threats from the "adult" sites - the more clean machines the better! :)

    We are all in this together to fight spyware, the way I look at it is that since no single application can catch everything on a given day, the more legit scanners the better and since MBAM + SAS can co-exist on a single system, it's twice the protection for the user - so everyone wins!
     
    Last edited: May 9, 2008
  24. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Not picking on anyone! :) MBAM is a nice application. I wish them the best on their review - it's a "crapshoot" depending on the samples used, when he tests, etc. - one day you can be on top, the next on the bottom with the PC Mag reviews. We have over 8 million users now, so I guess SAS is working for someone!
     
  25. SUPERAntiSpy

    SUPERAntiSpy Developer

    Joined:
    Mar 21, 2006
    Posts:
    1,088
    Wow Ade! Haven't heard from you in forever! Glad to see you are still around! :) Yes, fully aware of the MBR ad Rustock C driver issues - we do our best to detect and remove anything we find, and certainly don't do it with MD5's :) Hope you are doing well!
     
Loading...
Thread Status:
Not open for further replies.