Superantispyware

What a shame that threads get to this state!

I know I am not an expert user but I do know when a program I use is connecting to the internet.

I (as I posted before) have been using SuperAntiSptware for a while,I have added it to my sons machine and a small help group I am involved with are trying it on clients machines(WE Help elderly/disadvantaged people with pc/internet etc).

I have NEVER seen anything that could be considered malicious about this program.
I use Kerio firewall,all apps. are set to ask and you can see in realtime anything connecting or running,I have been able to check for any connection as this program is started and with auto updates switched off there is NO attempt/connection made.
I like this program and will continue to trial it.

 

Upasaka - I agree 100% with your comments regarding threads reaching this state. It is very frustrating. I really don't like having to deal with people like Snowman when they simply "bash" a product for no reason - especially when I believe I have shown that we are responsive and will take user's suggestions and concerns seriously. Unfortunately, I do have to respond so the errant comments and nonsense ranting don't end up as "fact" because no one disputes the comments.

If you have any suggestions for the improvment of our product, please let me know!

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

Um, not to bash the product, but I read something about injection of code? I know it was kind of explained, but I still do not understand why we need to have that aspect. If there could be some clarification as to that. I don't want to mess with my computer if I don't understand what exactly a new program is doing.

As to the whole calling home issue, as far as I understand from Nick's comments, can it really be called "calling home" if it's just checking if the server has updates? Aren't products supposed to check for updates? If nothing in our security arsenal "called home" then we would have obsolete definitions wouldn't we? Although, it would be better to have control over this, that I agree on. What can I say, I'm a control freak.

 

I will be happy to clear up the "code injection" question/concern. SUPERAntiSpyware does not inject code into processes at all. We have kernel drivers that exist to handle rootkit style infections that have to be dealt with at the kernel level.

SUPERAdBlocker (http://www.superadblocker) which also contains a version of SUPERAntiSpyware, does use what is called a "system hook" that is used ONLY to detect mouse clicks and keyboard clicks in applications such as Outlook Express, Yahoo Messenger, etc. that host Internet Explorer, but don't load our plugin (called a Browser Helper Object). We do this so if the user clicks a valid link in those programs Super Ad Blocker does not block the link by mistake.

You would be amazed at how many applications used these hooks - they are provided by windows to allow programs to perform tasks such as we use them, but, like anything good - it can and has been exploited by "harmful programs". Applications such as Yahoo Messenger use hooks to determine when the sysetm is idle, for instance.

Please let me know if this clears up the code injection issue!

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

Very good. Thanks. I'm going to install this on a test machine tonight. I'll see how it goes.

 

BTW, I uninstalled SiteAvisor and Google Desktop today and both loaded the browser without my permission, so bad. If I am not forgetting SpySweeper did this also on uninstalling its trial. Za Pro asked me before doing this, that,s ok.

 

I contacted nick through their support today and are really impressed with their excellent service.. I would have spoken with nick at least 4 or 5 occassions over 4 hours with a few queries that I had and each was responded too within a few minutes.
One of the questions i asked of Nick was what the diffirence is between the superantispyware in the " SuperAd blocker " compared to the "superantivirus pro" . Any ways the short of this is that he is offering a "special for a limited time" for users that purchase Super Ad Blocker - they will get a copy of the SUPERAntiSpyware Professional for free ( like I did), Or, if they purchase SUPERAntiSpyware Professional, they can have a free license to Super Ad Blocker.
any one whose interested just contact nick

 

New version by Friday?:

Quote Nick over at Spyware Warriors:

"The issue with the large file(s) has been resolved and our new version will be released by Friday".

 

I'm not bashing here, but I've tried the free version on my sons machine and you have a splash screen when you start up, WHY? - cos it is free you cannot disable(within the program.) Also I recieved 2 icons(ads?) links to other products on my desktop - a problem to a novice using Limited a/c!
Scan results were a little disappointing, 5 f/p for BTelecoms BB check-up, 1 for a tmp file relating to a program he has, called Namo-page editor, and 3 adware f/ps.......but, not outrageous false reports.
On a positive as I've read it has SYSTEM right, something I do with other security scanners, so thats good.

 

I have to agree with Meriadoc about the splashscreen and the 2 icons added to advertise other products. [they got deleted]However, when one is using a free product I suppose there has to be a downside. But not one that is wanted!
But I have to return to a subject that has caused a little controversy here. My Kerio firewall alerts me to SAS [update feature] on port 80 calling out for updates which is fair enough, but there are 2 more............. one is labelled SAS only which attempts to call adblocker.net on port 80, and one more tries to call home on port 443,https ie

Remote Point: ev1s-69-57-148-164.ev1servers.net [69.57.148.164], port https [443]
Protocol: TCP
would someone like to explain these 2 activities please, as I am not fully happy about this.?
Thanks Gordon
Incidentally SAS found nothing on my PC . which is good

 

The new version which will be available by tomorrorow (Friday, April 7, 2006 - 12 noon, Pacific Time) does not install the icons on the desktop and prompts before making any Internet connection. You can also disable the update checking in the start-up wizard so it won't do any connections unless you ask it to.

In the Free Edition, we have the splash screen stay up for 3 seconds just like McAfee, Ad-Aware (while it loads), and many other products - you can click it and it goes away immediately - we don't allow this to be disabled in the Free Edition, that is correct - you are getting a 100% anti-spyware scanner that took thousands of hours to create and takes thousands of hours to maintain to keep ahead of the spyware/malware/adware - surely we deserve to have some brand recognition from our product.

Did you do a rules update before scanning? All false-positives should have been eliminated many weeks ago - if you can send me the files to nicks at superantispyware.com I will immediately update our rules to not detect those items. Our new version has a built in "Report False Positive" option that will send us the file from within the product.

The connections we make are to our superantispyware.com, updates.superantispyware.com and superadblocker.com domains - our servers are located in EV1Servers facility. The domain is not 'adblocker.net'. The system diagnostic (if you choose to submit them) are sent to the superadblocker.com domain as that is where we have our master database of submitted diagnostics from all of our products - this keeps them in a single location. The connection over the https (443) port contacts our registration server to verify registration codes, stolen codes, etc. If you turn off auto-update checking, these connections are not made until you initiate a check for updates manually.

Once again, I encourage anyone concerned to use a packet sniffer to view the traffic back and forth to our servers - you will see no personal information being transmitted and that we only pull down data. We do send data for diagnostics and false positive reports - this is only initiated by a user request.

Please let me know if this resolves your concerns.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

I purchased Superantispyware and lifetime updates about a week ago. Have had no problems whatsoever. However, I fail to understand all the complaints Nick has to deal with for all his time and energy for something the vast majority of people [from what seems to be the case in the forums I've read] are using free of charge. I must admit that he is handling it much better than I could. Come on people, get a life and let him work on improving his product unless you truly have something constructive to add. If you don't like it, DON'T USE IT!

 

Dear Nick, Thankyou very much for explaining SAS's outgoing requests in my firewall. That has cleared that up! I am glad to hear the 2 icons will be removed in the next update and I will continue to evaluate the programme, with a view to later purchase.

Dear Bucksnort, if you dont ask any questions you dont get any answers.

 

Spoiled brat! How dare you to complain about a free version doing some fair promotion in a splash screen in return for their efforts!

 

So u think if it is free, you should not complain even if you feel some thing wrong!

 

Let us all think very hard before posting something with a personal remark included.

 

@wings-I wasnt even going to respond to that, but as I've recieved your message saying it was pathetic I will remind you that I did NOT complain! As far as I'm concerned I'm asking questions, I'm certainly no spoiled brat nor pathetic. I'm a top-down designer/lead programmer and look after some impressive hardware so its my nature I think to ask questions on others programs, and I take the time to report back especially when I've used a free app and you got the vendor posting.

@Super-I'll send no problem, but(I hesitate to type) was there a ver already upto date cos when I asked to be updated I got back that it was - cant quite remember the exact wording, and I did think it strange at the time. Maybe this was the problem with the scan, have you seen this as an issue for you cos nothing was stopping it here.

EDIT okay I first tried this on my sons machine, I thought it would get a good run on there, a better test because of on-line habit, games, files etc. Unfortunetly everything got deleted when he bined the 'tempory zone' (something I put together to safely try programs.) Anyway I have tried to replicate things on my machine, cos I could not use his. I've installed Namo, the BT Broad Band files and SUPERAntispyware into a tempory zone. After updating SAS I scanned and I have 8 hits for the BT files, thats +3...Search-Exe, and 1 for the temp file as before(once I brought his project over as well! hey I'm earning this freebie lol)...Unclassified. I could not replicate the adware but I did have a few for adware tracking cookie.
Strange my c files I have sorted - Whats your take on your programs cookie detections?

 

maybe super should of made a beta version first?

 

Downloaded the new version and gave it a whirl.

I run a thinned down XP pro sp2 so my results will differ from the norm.

One desktop item created,no false positives,easy to configure,full scan of C (1.2 gig data) 2min 50 seconds,mem usage goes between 16-26 meg whilst scanning, sitting around 22meg realtime.

Only one initial warning from ZAP when first manually updating.

Quite like it.No malaware found.

As I prefer just to have ZAP and Sandboxie as my only realtime apps Superantispy is a keeper as an on demand app along with Ewido and My AV.

 

Meriadoc - if you are having false-positives detected, use the Report False Positive button and submit the files and I can then remove them promptly from the rules. Yours is the only report of false positves we have as of now, and I would like to resolve this so others don't have incorrect items detected.

Franklin - Thanks for the report. Glad you like it Let us know if you have any suggestions or quesitons!

Thank you to all those that have helped out!

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

Is it still relevant, I dont want to cause you a lot of unnecessaty work - I will try new ver and report anything promptly.
Update on this ver was ok, my system did not allow an update after install and I thought update didnt happen when asked-did a scan with no update and got a heap of stuff, updated and got less...wasnt sure then if you wanted a report or the files wraped and delivered...


EDIT : Report of false positives - done.
SUPER I like this program thats why I show interest and get your take on it. I only show my observations and like I said in my first sentance this is no bash. I might know how to get rid of the links but alot will be novice, maybe limited permissions-anyway that is no issue now. I say what I see and this program has good features - I liked it straight away.

 

Hi Nick, Can you tell us when you expect to have a fully X64 version available?

Like many here I am converting to X64, I use it as my main OS on this PC and also on one of my laptops.

With the kernel mode drivers I suspect that this will create quite some extra development for your company but, of course, this development will also aid your later versions for the belated Vista.

Cheers, Pilli

 

Meriadoc - thanks for the update. I only see 1 file in our false-positive report. Did you report each file that was detected? Was the screen shot from the scan AFTER you updated to the latest rules?

Pilli - We are currently evalutating the changes required to our kernel drivers and user mode portions of the product to support X64. Vista also changes the way hooking works, so we are researching those issues also - I will keep the group post as to our findings and developments.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

I only see 1 file in our false-positive report >SUPER

Oh it should of been a 8,5,1- I presumed they were all reported.
I will do it again v.soon.

AFTER you updated to the latest rules? >SUPER

Yup

 

SUPERAntiSpyware Free Edition and SUPERAntiSpyware Professional Release

Hello all - the new version 3.1.1010 has been released both on our site and activated in the update server. Those of you already running the product, may simply right-click the SUPERAntiSpyware icon and select "Check for Updates..." to download and install the new updates. The rules set updates are Core : 2852 and Trace : 1028.

The following are the major changes in this release.

* Enhanced scanning engine to detect more rootkit style threats and user mode hooking applications
* Enhanced Browser Hi-Jack Detection
* User Interface Enhancements including trust/allow, manage trusted items and explain detected items directly from detection screen
* False-Positive Reporting system that allows false-positives to be reported directly from the detection screen. We will then analyze and address them promptly.
* Installer no longer places extra icons on the desktop
* Auto-updating when the product starts may now be disabled in the General and Startup tab of Preferences
*Reset Defaults option added to the General and Startup tab to allow all settings to be restored to their default values
* Option to not resolve .lnk files added to Scanning Control
* Option to not terminate memory threats added to Scanning Control to help with spyware/malware that crashes the system when terminated
* Enhanced and updated Repairs to help repair system items damaged by spyware/malware
* Resolved rare issue where files over 4MB were scanned when a link (.lnk) pointed to the file
* Resolved issue where certain options were not getting properly saved (check states)
* Updated Help File
* Thousands of new detection rules - make sure you check for updates daily!

I would like to personally thank all of you that helped in the testing of the product and provided positive and valuable suggestions for improvement.

I am open to any feedback, comments or questions you may have regarding the product.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com