Security

Review: SuperAntiSpyware Professional security software

SuperAntiSpyware Professional is a non-disruptive, time-saving and easy-to-use utility that administrators and support technicians can wield to prevent infections and efficiently recover when infestations occur.

Malicious software - unwanted adware, spyware, Trojan programs and other malware threats - plague technology professionals and business systems. These incessant programs foil IT pros' attempts to keep business systems running smooth and trouble free. SuperAntiSpyware Professional, however, is a non-disruptive, time-saving and easy-to-use utility that administrators and support technicians can wield to prevent infections and efficiently recover when infestations occur.

Specifications

  • Manufacturer: SuperAntiSpyware
  • Product: SuperAntiSpyware Professional
  • Version: 4.26
  • File Size: 5.5MB
  • Operating systems: Microsoft Windows 98/98SE/ME/2000/XP Home/XP Professional/2003/Vista
  • Languages: Danish, English, French, German, Italian, Macedonian, Norwegian, Polish, Portuguese and Spanish.
  • Download: SuperAntiSpyware Professional
  • Price: $29.95 (corporate licensing available)
  • Get a closer look in the TechRepublic SuperAntiSpyware Professional Photo Gallery

Who's it for?

Windows computer users, IT consultants, computer service and repair shops, and small businesses will all find SuperAntiSpyware Professional an effective program for blocking and removing spyware, adware, Trojans, keyloggers, hijackers, worms and other malicious software. Even enterprise environments can leverage the software's strengths.

What problem does it solve?

Spyware and malware threats increase daily. Most every Windows system connected to the Internet requires capable virus and malware threat detection. Often a one-two punch of separate antivirus and antispyware programs -- standalone applications combined on the same workstation -- is necessary to effectively secure systems. When employing such a tandem, administrators and support technicians need a fast-working, reliable antimalware tool that minimizes false positives while delivering thorough removal.

SuperAntiSpyware Professional monitors 50 different common system entry points to help prevent real-time infection. The software also packs some two dozen automated repair routines in addition to the standard scan and removal options. Further, the professional version enables scheduling canned or custom scans, automatic updates, system diagnostics and registry protection.

Standout features

  • Thorough detection - SuperAntiSpyware detects and removes malware infections other antimalware programs miss. In several real-world cases on my office's test bench, where problematic client PCs showed "clean" following scans using other leading antispyware programs, SuperAntiSpyware detected and removed active Trojan infections, thereby returning systems to proper operation.
  • Real time protection - The professional version includes active protection against real-time threats. The antimalware application automatically scans files before they run; manual scans are not required to identify and remove potential threats. When threats are detected, the application prevents offending programs from executing.
  • Automated repair routines - Support and bench technicians frequently repeat the same repairs when troubleshooting infected systems. Whether it's resetting Internet Explorer security zones, repairing hijacked browser and system settings or fixing corrupt WinSock LSP Chains, SuperAntiSpyware provides one-click fixes for some two dozen common errors.
  • First Chance Prevention - SuperAntiSpyware's First Chance Prevention feature makes it easy for technicians to specify that high-risk registry start up locations automatically be reviewed when a user logs off or shuts a system down. By checking for infections that attempt to replace themselves at shutdown, this "first chance prevention" method helps eliminate vexing malware threats that constantly reinstall themselves.
  • Light footprint - SuperAntiSpyware places little load on Windows workstations, at least when providing active protection. When providing real-time security, the service consumes just 616KB of RAM on a test system in which other antispyware applications consume 15MB-20MB of RAM or more. Scans place a higher demand on system resources, however. When performing full disk scans, RAM consumption jumps to 70MB-80MB, while CPU cycles rise from negligible to 40%-70%.
  • Attractive license pricing - SuperAntiSpyware is competitively priced. At $29.95 per license, the publisher also permits users to install each full priced license on two workstations within the same office or organization. Volume license discounts of 20 percent kick in when purchasing 10 licenses. Forty percent discounts take effect at just the 50 user level, and lifetime licenses (which eliminate renewal fees of $14.95 per year) are only $9.95 more each.

What's wrong?

  • No native 64-bit protection - SuperAntiSpyware operates on 64-bit platforms, albeit in 32-bit mode. The software company plans true 64-bit drivers "later this year."
  • No centralized administration - SuperAntiSpyware targets small businesses and individual computer users. Currently no centralized enterprise administration console is available; although volume licenses (which could be slipstreamed within disk image installs) lower the software's cost as much as 86% when purchasing 1,000 licenses or more.

Competitive Products

Bottom line for business

Combating malware is a daily frustration in the lives of most technology professionals. Simple antispyware tools that complement antivirus applications without causing incompatibilities, performance issues or other errors are necessities in most every technology department and/or consulting shop. SuperAntiSpyware uses few resources during its active protection mode. And although full disk scans trigger a significant jump in RAM and CPU cycles, such scans can be scheduled for off hours. The application is consistently accurate and effective in detecting and removing threats, which makes it a valuable addition to any computer tech's toolbox.

User rating

Have you encountered SuperAntiSpyware Professional? If so, what do you think? Rate the unit and compare the results to what other TechRepublic members think. Give your own personal review of SuperAntiSpyware Professional in the TechRepublic Community Forums or let us know if you think we left anything out in our review above.

Read our field-tested reviews of hardware and software in TechRepublic's Product Spotlight newsletter, delivered each Thursday. We explain who would use the product and describe what problem the product is designed to solve. Automatically sign up today!

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

11 comments
rwbyshe
rwbyshe

It seems company after company releases a new wonder software package for malware on a nearly daily basis. It's like everything else in life... everybody wants a "miracle drug" to cure all the woes in this world. This software isn't that miracle drug by a long shot. What works is to have the proper access points to your computer and data effectively blocked and to have effective software installed that will prevent and/or remove those malware/spyware critters that do happen to sneak through. I say keep it simple and take some relatively simple steps but be dedicated to keeping it all current and use it regularly. Here's what I have implemented in the small company I support, and I use this defense in my home also. Feed comes in to a cable modem and then goes immediately to a router that is password protected. Those items are my first line of defense. Next is software: Again simple and they're the right price. I use a software Firewall, AVG Free, AdAware AE, Malwarebytes, SpySweeper, CCleaner, and Advanced System Care. Yes you have to run most of these but I train everyone how to run them at opportune times in the day so that performance and productivity aren't compromised. If you simply run 1 or 2 of them a day during low use periods of the PC, it will reduce the potential for a problem substantially. It's a simple matter to train folks to understand that THEY have to help maintain their PC's so that they continue to perform well. Calling in tech support once the PC is hosed does nothing to help them or the company. So I prevent and maintain my personal home computers, the small company I support, and individual customers computers in much the same manner as I described. I've found that like everything else if you educate the people, much of the malware problem will go away because of their taking care of their own equipment. Please let me know when some company comes out with one piece of software that will effectively do the job that needs to be done in the malware world. Oh, and it should work well without totally overpowering the PC and making it useless while that software is running. Is that too much to ask???

Tony Hopkinson
Tony Hopkinson

It's the sort of name I'd expect to see off one of those "You are infected" so you might as well download this infected crap as well google hits. No centralised admin means it's a total non-starter for any but the smallest businesses, and there are enough decent free for personal use a/vs to make paying for you home PC vastly unattractive Avast by the way on my system is using 8.5M... Oh and if they optimised to reduce the memory foot print, that means something else was sacrificed. You don't get sumfing for nuffing in that process.

Mark W. Kaelin
Mark W. Kaelin

What anti-malware app are you using? How did you decide on it?

pgit
pgit

This is one more tool in the arsenal, and I find you do have to use a variety of tools. This is a good one, though. Top 3 from what I've seen in a couple days of testing. In fact one test machine had been cleaned with advanced system care, mbam and AVG, and we assumed that was that. But superspyware found a trojan agent nobody else did. We were pleasantly surprised...

Ocie3
Ocie3

"It seems company after company releases a new wonder software package for malware on a nearly daily basis." Hmmm.... I think that most of those are _fake_ anti-malware packages, unfortunately :-( (http://rogueantispyware.blogspot.com/). FWIW, running the programs that you do is not likely to protect you if there is any vulnerability to exploit, and the malware that exploits it is becoming increasingly difficult to identify. Criminals are creating malware with sophisticated features for evading detection and identification. If your security software cannot recognize a malware process(es), then it cannot stop them. If your security software cannot identify the malware file(s) and remove them, then it cannot rid your computer of the malware. Thus far, all anti-malware scanners need and use a "signature" to recognize whether any executable code that it finds and examines is malware. Signatures can be created by analyzing "infected files" or, most often, by analyzing the malware executable(s). That means that you, I or someone else must detect and locate a file(s) that is, or seems to be, associated with malware activity, then send it to one or more anti-malware researchers for analysis. Personally, I've yet to observe any anti-malware program actually use "heuristics" to detect a proven intruder for which no signature was in the database. At present, my computer system has an Embarq ADSL modem, a Linksys WRT54G NAT router, Sunbelt Personal Firewall (I'm thinking about changing to Online Armor), and Sunbelt Software's VIPRE anti-malware (which has an "active protection" feature). And I run almost every program that uses the Internet in a Sandboxie "sandbox". All that a malware TCP packet needs to pass the router to reach a computer is that computer's "machine address". If the router is running a Stateful Packet Inspection (SPI) firewall, then it should not allow a packet to pass unless the destination computer also has established a connection with the server which has sent that packet. However, if the computer has an open port "listening" for incoming traffic, then the SPI firewall will allow any packet that has that computer's machine address to pass, if the packet also has that specific port as its destination. Every time a browser fetches a website page, the packet that it sends has the machine address of the computer that is running the browser. After all, if the website server doesn't have that computer's machine address, it wouldn't know where to send the reply packet, would it?? Anyone who is sniffing the traffic of the server can acquire the machine address from every packet that the server receives. Another way that a computer's machine address is disclosed is by allowing the browser to execute Javascript. That is, the website server sends a page that has the Javascript on it, and when the browser encounters that script, its Javascript processor will execute it -- if the browser is enabled to do that. The script can send the machine address (and a lot of data about the computer and operating system, etc.) to any Internet IP address, such as one used by criminals. The script itself can also download malware, or, more likely, a malware installer which, of course, proceeds to use the computer to install malware. Try running Windows Internet Explorer 7 or 8 sometime with Javascript disabled, and you'll know why I run Firefox 3 with the NoScript add-on. I've had at least one malware process running on my computer for over a year. I've used more than 20 scanners and several "rootkit" detectors, and nothing has found that malware, although there is plenty of evidence of its presence. Even after I nuke the HDD, re-install Windows XP from its original retail CD-ROM, then bring it current with SP2 and SP3, ... etc., ad nauseum, the malware is reintroduced into my computer system within at most 72 hours. It usually becomes evident when Windows Explorer crashes, and I must use a hardware reboot to regain use of the computer. As I've described above, nothing gets past the NAT router, and its SPI firewall, unless it has my computer's machine address and, presumably, unless my computer has a connection established with the server which has sent the packet. It is puzzling as to how some packets make it through the router, only to be dropped by Sunbelt Personal Firewall. Unfortunately, there is at least one that isn't dropped that should be dropped. OK, in fact, the first packet that most recently re-infected my computer passed through Windows XP Firewall SP2. (I had not reinstalled Sunbelt Personal Firewall yet.) To begin with, Embarq ADSL supposedly chooses an IP address at random from a pool of 32 IP addresses, each time that my computer logs-on to their network. In practice, I've found that the IP address for my connection (i.e., for the router -- for the ADSL modem) actually remains the same for at least a few days and as long as a couple of months. The only way that I can make it change is to power-cycle the ADSL modem, and the recommendation is to also power-cycle the router (with the computer either off or disconnected from the router). Also, I regularly change the LAN address of the Ethernet adapter in my computer (to which the router is connected, of course). These measures simply limit the amount of time that someone can use my computer's most recently disclosed machine address. FWIW, for some time, I've suspected that a specific website has installed (and re-installed) the malware on my computer, probably via Javascript. Perhaps more likely, someone associated with the website (or with the employees of the owner of the website) has used the legitimate connection and/or Javascript disclosures of the features of my computer to create a packet with my computer's machine address and a payload that exploits a weakness in Windows Explorer. It seems unlikely that the owners of the website authorized the installation of the malware (whether they are even aware of it). But the attitudes of some of their employees suggest that they might be acting in league with someone else who installed the malware. It would be pointless to use that website without Javascript, so I have, of course, enabled it. After I carry out my next nuke-and-reinstall-it-all-fresh operation, though, I'm not returning to that website! Last, but not least, there is also the possibility that someone can use an exploit to take direct personal control of another person's computer system. That happened to me in 2005, via Windows Messenger, which was automagically installed without informing me of that fact -- thus, not with my consent -- and it could not be uninstalled, despite the fact that I never used it. .... So, I just moved all of the Messenger files into a PKZIP file in their directory. Windows XP has never noticed.

Tony Hopkinson
Tony Hopkinson

Too many points of access, not a prayer. People running around inventing new ones to 'improve' the user exeperince everyday. While client side scripting is the vector, kiss anything better than a sandbox good bye.

Ocie3
Ocie3

"SuperAntiSpyware" had that name before anyone ever encountered "rogue anti-malware" (which should be called "fake anti-malware" or "extortion ware" because that is what it is). The name does tend to give one pause as to whether it is "serious" software, but it is recommended by some independent "computer user" forums such as Major Geeks and/or Spyware Beware. Another case in point is Commodo's "BO Clean" anti-malware package. Their website even looks like some college freshman's spoof. :-Z

Fitz-7600
Fitz-7600

There is a free version if you don't want to pay for the pro version. The free version doesn't provide real time protection...just on demand scans. The pro version also has a lifetime license.

Ocie3
Ocie3

Currently, I am running Sunbelt Software's "VIPRE" anti-malware successor to their well-known "Counterspy", primarily because it doesn't conflict with the former Kerio firewall that they bought over four years ago and re-named "Sunbelt Personal Firewall". I installed that firewall, and have paid an annual license fee of $20 for it, before I ever used any Sunbelt anti-spyware and/or anti-virus product(s). Unfortunately, that firewall, like the firewalls that are included in many anti-malware packages, is treated like a stepchild. Sunbelt Software didn't develop it, thus has no reason to invest in correcting any of the few flaws that it has. They also have no reason to improve its features -- especially the Network Intrusion Prevention feature, which competes with VIPRE's "Active Protection" feature (which I don't especially like, given the way that it behaves). During my trial examination of AVG's commercial package (November 2008), they ignored all of my requests for advice and assistance that pertained to the firewall. The AVG firewall is a perfect example of the "classic firewall" developed during the mainframe era, one that was designed to ensure the continuing employment of whomever developed it, because no one else will ever figure out how to configure it properly.

Tony Hopkinson
Tony Hopkinson

A lot of should I click or not click on this when browsing is gut feel. SuperAntiSpyware, makes mine churn I'm afraid. As would somthing that looked like a spoof. I'd actually expect the bad guys not to so that, but unprofessional and a/v is not a good combo in my book.

Tony Hopkinson
Tony Hopkinson

Centralised admin is a must, and I can get free and real time from several players. If I was really concerned about the memory footprint, and it was very few machines and the cost of the small footprint wasn't a problem, then maybe I'd have a look, as it is, though nothing grabs me. Not to mention the stupid name...

Editor's Picks