The best antispyware?

It,s an interestimg observation. Can anybody confirm it?
I have read a bit similar complaint about CounterSpy in the past.
I tried to reproduce it with SuperAntispyware and according to my observatiuon, it is wrong.

 

Anyone can "break" any application at any time - meaning, if you use our, or other anti-spyware products, as they are meant to be used, they typically will function well and remove the spyware and leave the rest alone, but if you try and make applications LOOK like spyware, then the anti-spyware applications, including SUPERAntiSpyware, will likley detect the application as spyware/malware.

Renaming files, and creating situations that do not occur in the real-world is like taking your car, driving it on a lake and saying it does not work like a boat - why? Because it is designed to drive on real-world roads not on water.

I will always favor spending my development time and money on dealing with real-world spyware/malware infections because that is what 99.99% of our users need. Those that want to break our product, or find fault, will most likley find things that may not work as "they" want.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

Well said, Nick and I totally agree with you.

Edwin

 

i would say spysweeper but i got a problem with it that makes it hangs on start up for like 5mins really annoying. and i have tryed to contact webroot about it like 5times and they say uninstall and reinstall aka done that also 5times same thing. anyway counterspy seems that its good and i have read that there support is great from some people.

 

I'm using Ewido too and Ewido doesn't detect it as spyware. You said your product use an advanced system of heuristics, checksums, in-file scanning, unpacking and other techniques, but why it doesn't know the different between spyware and legit application ? I change only the name and I don't think I tried to make the application looks like spyware. Spyware is not about the name, but what it act.

In the real world someone can change name of malware and send it to me. SAS can't find it. When I execute it, my computer is infected.

I only want to inform your users, that it's easy to fool SAS. I don't want to break your product. I've tried SAS and I like it, but you have to make it better.

 

I am currently using Ewido anti-spyware. IT IS GOOD ENOUGH compared to others?

 

I don't have an opinion on what's the best AS program.Currently using Spyware Terminator beta and the A-Squared free scanner.

 

If you change the name of spyware, we will likely still detect it through heuristics and checksums. We don't rely on the name. It is easy to get spyware past Ewido, SpySweeper, Spyware Doctor, etc. you can fool any application by changing simple things in a file.

As I stated above, we focus on what we see in the real-world, and what we find on our users diagnostics.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

Absolutely bang on Nick! If i took a piece of malware, altered it until it wasn't detected by any AS applicaton's i could sit there saying "There you go, it's not detected any more". So what! I'll sit there and it's not going to cause a problem with anyone else. Is it? But if i put this out on the net and it started to get into people's pc's then it wouldn't take that long until people like you Nick will get hold of a copy of it and then add it to your database. Now that's the real world, and how it works. They call them variant's i believe. The other type are the complete new malware which has been written from scratch. Again, this is the real world.

Oh, and in the real world i can't alter malware to make it undetectable, and i can't write complete new malware. Just so you all know

muf

 

Is Ewido antispyware a good one? Just want a few opinions

 

Nick,

When you say "it is easy to get spyware past Ewido.." ... are you saying that your approach is different that thus it is not as easy to get past SAS?

Have any independent comparative tests (like AVCompartives) been done?

Best wishes, and I hope you continue to develop and improve the product. Thanks for including a free version.

v/r ftp

 

I didn't target Ewido specificially as you can see above in the thread. What my point is, is that it is easy to get spyware past ANY anti-spyware or anti-virus scanner, including SUPERAntiSpyware. It is impossible for ANY anti-spyware or anti-virus application to get everything, on a given day due to the rampant spreading of new variants of existing spyware and the release of new spyware/malware on a daily basis.

To me comparative tests really only sum up what a given application does on a given day, against a given set of samples. If the samples are provided to the vendors ahead of time, then the detection rate should be 100% - if they are new variants that no one has seen, or seen traces of, the detection rate will likely be very low.

I think the true test of an anti-spyware and/or anti-virus application is how it does over a period of time, such as a year, and how the team reacts to new variants and samples,and how the customers are supported.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

And I can testify that the support of Nick's company is A+. Just like Mike of Tall Emu, Nick and his men are very fast when it comes to giving customer support. Keep up the good work and other companies: act the same!

 

I agree.
Nick! what about adding some heuristic module in SAS for advanced users as to my knowledge no AS has this module( if I am correct).
It might give some false postives but heuristic detections will be for advanced users so they can handle this.

 

We already have heuristics built into our advanced definitions, that's how we detect/remove many of the variants before we even see them in our lab.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

I just found this thread. It contains some great points and I want to add my opinions. First, I have not even your product Mr. Skrepetos. It has been recommended to me by a reliable friend. Currently, my AS of choice is Webroot's Spysweeper for many of the reasons that many others in this thread use it, I'm sure. Lavasoft's Ad-Aware Pro used to be on my system and I'm aware that it was one of the first AS on the market. I commend them for offerring a free version (even though I used the paid version), but now that product is egrediously under-developed and under-supported.

Mr. Skrepetos,
With all do respect, when discussing comparatives you stated the above. Is this not a case where your claimed heuristics should be picking up the new variants? Without comparatives, how else should customers compare alternatives? I agree that truly fair, comprehensive, unbiased tests are hard to come by, but it seems that complaints about such tests usually come from the products that perform most poorly.

I am concerned about the "name change" issue. If all a malware needs to do to sneak past your product is assign a random name to their files, then doesn't that substantially hinder your product's effectiveness? You also mentioned Checksumming as one method of detection. Couldn't a malicious coder simply insert random comments into their code to significantly alter the checksum of their file and thus defeat this method as well?

I will try your product on the recommendation of my friend and evaluate its effectiveness myself. Please keep in mind that I am not attacking your or your product, I'm just curious. It seems that your customer service is great and that is just as important as a good product. I heard some knocks against Webroot's Spysweeper customer support. My experience with it has been nothing but positive.

 

Heuristics do apply for new variants - it just depends on how they are implimented as many heuristic systems will create a large volume of false positives, which a non-technical user would have no way of understanding.

I guess our approach is more on the side of making the least amount of work and concern for the user. For our paid customers, we offer free diagnostics of their system if something is not detected and removed, and we can then update our definitions so only the spyware is removed, and false positives are kept to a minimum.

I am not concerned about an unbiased review of SUPERAntiSpyware - if a problem is found, we are quick at addressing issues so reviews are welcome, just as is feedback from our users - ultimately it just makes the product stronger for the users - so it's a win-win all around for everyone.

My concerns with reviews lie in the fact that many supposed "security experts" really have no clue about the spyware/malware game in the real-world, and provide negative reviews based upon personal opinions, and/or "features" they would like to see, and not about how the product actually does in the real-world testing, which includes reporting non-detected items and seeing how fast definitions are updated to deal with the infection.

Nick Skrepetos
SUPERAntiSpyware.com
http://www.superantispyware.com

 

I recently downloaded a trial copy of Superantispyware and found its scanning time to be slower than Ewido 4 and A-squared 2.0. SA's features seemed competitive with others though. Does anyone have similar experience with SA?

 

Hi lu_chin,

I ran some scans within the last couple of days, and found that SAS took 22 minutes, Ewido took 19 min 54 Sec, Counterspy took 24 min and 37 sec, and Spyware Doctor took 16 minutes.

I just tried a scan with a-squared. It had been scanning for 30 minutes, and appeared from the bar to be less than half finished. I am about to go to bed, and canceled the scan.

All the scans were full scans with all applications that normally run real-time running.

On my machines SAS does not have an especially long scan in my estimation.


Regards,
Jerry

 

Been fairly happy with SpySweeper. I'd imagine most folks are having issues with it or other apps due to app conflicts with either their AV, AT, another AS or an old OS like 98.

 

I use Spyware Doctor 4 (scans my 250 Gig hardrive in 3 min), my back-up is Spy sweeper 5 ( scans the same hardrive in 4 min). Both products have award after award from some of the most 'respected' PC Magazines.

Now as for 'BEST', that is something else. Many security websites and forums will throw so much conflicting stuff at your face. Here is the deal for me: Even if all the registered users on this forum can vote (excluding rogue products) on the issue, you can pick the product with the least votes and combine it with an AV, firewall and anti-trojan and remain reasonably secure depending on your 'safe' practice behaviour.

If cost is no issue, some free Anti-spyware products do a very good job.

 

I am testing SUPERAntiSpyware and SUPERAdBlocker at the moment and the test is running great, I must say. The feeling of both programs are great and compared to Ewido 4 I find that SAS is faster and it uses a bit less RAM

I think it's agood choice to download the free trials to find out for yourselves what it does omn your PC. I am not concerned about possibly longer scans. SAS does a thorough job and that I like. Maybe you too.

 

Hello,
My best choices go to:
Spybot - it's software that I trust, never had any problem with it, never had a FP, does what it's supposed to do.
Ewido - light, effective, powerful.
Mrk