SUPERAntiSpyware 4.20.1038 Beta

You can do the same exact thing (create a filename only) with many products and place it in different locatations and it will be detected. The data that you don't have is the millions of computer diagnostics we have and we know that statistically certain names don't appear as legit products.

We have run similar tests on many other products and you can "trick" them into detecting items that are named as infections or placed in locations infections are known to infect.

The bottom line is that with 100's of millions of scans done over that past couple years, we see little to no False Positives on those types of names, so with facts like that we focus on removing infections and not passing silly tests.

 

He he he

I was expecting this kind of answer

You can trick almost every software, that's right. A signature has to be strong and has to guarantee detection of a malware with a small (the best would be without) % of FPs. Since when using file name as detection pattern is a strong signature? Does its job? Oh yeah, forsure. If someone renamed (hey, I'm not saying rebuild, pack, crypt and other silly tricks, I said renamed) Sasser worm, for example, your detection would have been totally bypassed.

You're using far smarter detection ways on your software, then why using file name on MORE than "a definition" (as you said on your first reply)?

It's faster and easier? Sure.
It's almost totally useless? Sure.

You're in the security field since a lot of time, you know why file name has not been used since ages as detection parameter. You know why every security company would not use it. It's simply useless. It means giving the users a false sense of security.

 

I think you would be surprised at how many companies actually use the filename and file location ONLY as their form of detection.

Most of the Vundo detections in popular products are by wildcard filename only.

You are welcome to your opinion, but the reality is that we clean millions of systems each year - and I'll stick with those results in developing our product.

 

At least filename AND file location

Anyway, if I write such technical things, do you think I don't know who and how use these kind of detections?

Your opinions are more than welcome My main goal is to let users know about facts and then leave users decide

 

SUPERAntiSpyware has over 10 million users and is recommended by Dell, AT&T, HP, Microsoft among others, so I agree, the expects can decide!

 

Technical? Did I miss a post?

 

Wow Congratz

 

Oh, no no Don't worry, it's okay You haven't missed anything, these informations are coming from the other world

 

Thank you! We work hard just like every other company to try and keep up with the threats

 

So, let me rephrase:

What is the reason to use a filename over another type of detection? Do you use filenames just because of limitations in the engine? Shouldn't an antivirus/antispyware engine be able to find programs based on signatures, not filenames?

And it shouldn't be a limitation of the engine, because it's using some other nice techniques (bytes check, MD5, MD5 over specific zones, etc...)

 

We do what is necessary and most effectively detects and removes the infection - we have hundreds of techniques at our disposal in the engine and our 4.20 version adds some additional technology pieces to handle the new waves of threats that other products won't even know are there.

 

Ok, so now users know that SuperAntiSpyware make uses of filenames as detection pattern That's all

And, quoting a post from some time ago:

https://www.wilderssecurity.com/showpost.php?p=1238271&postcount=31

I totally agree

Thank you for your explanations

Bye

 

SUPERAntiSpyware uses a very advanced engine to detect and remove threats - part of that MAY include filename detection if necessary, and may include other techniques as well.

Name detection is used by many products on the market. It's interesting that all the threats you referenced by filename were from 3 years ago. In many cases, that's all that was necessary to detect those at that time.

A non-technical user still won't understand what you are referring to - and if it matters or not. What they understand is what cleans their system.....and that's what we do!

 

I still have version 4.15.0.1000. I have checked for updates but keep getting a message that none are available. Do I have to manually download an update for Vista?

 

4.15.0.1000 is the current release version and 4.20.1038 is still in beta. You can get the beta from the SAS tech. forum.

 

We have that current version 4.15 on all our computers, Vista Home Premium and XP. No problem with daily updates on any of them.

This is a piece of software we won't be without.

 

Chuck75, he is talking about version updates, not about signature file (definitions) updates.

 

Yeah, duhhhh, it's called 'old age disease.'

 

I recently purchased Superantispyware and personally so far I think it is great. I am considering installing Vista x64 but wanted to know if it supports x64? I poked around on the site and didn't find anything on this and with the advanced scanning engine in it, I am hoping it runs on x64.

 

http://forums.superantispyware.com/viewtopic.php?t=1789&highlight=64bit

 

I have SAS on my HP m9350f with Vista 64 as on-demand only. I have the stable version not the beta. I tried it with realtime enabled and my computer would not boot, I had to do a factory restore, because it would not uninstall in safe mode.
I would be wary to use it realtime till its fully compatable with x64.

 

Thank you...