How useful is SUPERAntiSpyware’s new System Investigator tool?

Support.com has released version 6.0 of the anti-malware software SUPERAntiSpyware recently. One of the main new features of the application is the new System Investigator tool which scans key locations of the system and provides you with suggestions based on its findings.

This sounds a lot like what tools such as HiJackThis do, on paper at least.

The program scans the following key system areas: user startup programs, Internet browser plugins, services & drivers, desktop, start & taskbar, temporary folders, running processes, download folders, Registry load points, installed applications, classes, application data folders, Windows Task Scheduler, and Document Folders.

When you open System Investigator with a click on System Tools > System Investigator in the revamped interface, you may modify scan rules before you hit the start button.

The program will for instance download a whitelist and user ratings when you run System Investigator by default. You can prevent that from happening, even though it may remove helpful information from the report.

What you may want to enable however is the malware scan for all results. If you want, you can also customize the categories the program scans. If you leave it untouched, it will scan them all.

superantispyware system inspector

When you hit Start, you are taken through a series of result pages, one for each category scanned.

The first category, Windows User Startup, sorts startup programs into categories such as unknown or known good to help you make a decision.

Here you find listed user ratings as well if you have not disabled the feature which may be useful.

user startup

There is no direct option to remove an item from startup. To do so, you need to select the downvote button and check the item removal box on the page that is displayed.

This is far from ideal in my opinion. Say you want to remove a startup item that you like but no longer need. If you downvote it, the vote will be shared with the community so that future users will see it and may base their decision on it as well.

Each category that the program scanned on the system is displayed in similar fashion. One difference is that you do not get the vote options in all categories though.

The Internet Browser Plugins category for example shows only an x-icon next to each browser plugin which you can use to uninstall it from the browser. This did not work in tests though.

According to SUPERAntiSpyware, the uninstaller for the plugin should be launched. It is likely that it could not find the uninstaller for the selected items because there is none.

Some information are highly technical. The Desktop, Start & Taskbar listing for example lists file names such as ADBWINAP.DLL from Google, Inc as an unknown item, and a click on the details icon does not reveal information that help you determine if the file is legit or not.

unknown items

Up or downvotes may help, but only a few items are rated on that page currently. The only option you have at this point in time is to investigate the file by yourself to find out more about it.

If you do, you will find out that it included in the Android Developer Tools. Doing so for all of the unknown files listed here, on a test system 130, would take a long time though.

The same is true for other categories such as the Application Data Folders category which listed 670 unknown items or temporary folders with 40 items.

It would take days or even weeks to analyze those files manually.

Conclusion

SUPERAntiSpyware's System Investigator needs some refinement before it becomes a tool that is useful to users of all experience levels.

While it seems comprehensive in regards to the information it makes available, it lacks clear and easy to understand suggestions on how to proceed.

User ratings may be a step in the right direction, but there are not that many yet.

Please share this article

facebooktwittergoogle_plusredditlinkedinmail


Responses to How useful is SUPERAntiSpyware’s new System Investigator tool?

  1. intelligencia July 30, 2014 at 7:15 pm #

    Hello Everyone.

    I have used SAS on previous occasions in the past - - and did not find it effective.
    I found (at least on my computer systems) that it just picks up mostly cookies.
    The interface looks Impressive and that's all!

    Instead of SAS, I utilize the facilities of Malwarebytes and Hitman Pro to detect and remove malware.

  2. David July 30, 2014 at 9:02 pm #

    I use SAS and Malwarebytes. In my experience, both have been able to find and remove stuff that the other missed. The key point is to use more than 1 anti-malware app.

    • Uhtred July 30, 2014 at 9:57 pm #

      agreed. I use SAS and Malwarebytes also, though due to limited resorces not aways in realtime mode, but they each get a few outings a week

  3. Herman July 31, 2014 at 7:08 am #

    Good review. Am really looking for a decent replacement for Malwarebytes which has gone completely to S*** Haven't found one yet that works (worked) as well but I can see it won't be this one.

    Have you reviewed Spyhunter 4? It found thirteen individual malware infections today that the latest Malwarebytes totally missed. I then took that same infected machine and ran Adaware but that didn't work out well at all. Slow and found only seven of the thirteen from Spyhunter. I did have to rerun Spyhunter four times more to get the infections completely clear but it does let you click on its findings and go directly to the affected part of the registry where you can manually remove offending keys.

    • David July 31, 2014 at 8:50 pm #

      Were all those infections malware or were some of them PUPs? Sounds like you need to rethink some of the sites you visit and/or the stuff you download.

      • Herman August 1, 2014 at 4:19 pm #

        We are the IT department at a university. Sometimes students and faculty bring in their home computers for assistance. This particular one was from a professor who has to be at least 85. He uses it for nothing more than email and very light internet. In this day and age, even with the most robust virus scanner and anti-malware programs, people can easily be fooled into either downloading or "agreeing" to allow undesirable programs in. In this case, all infections were pup but there was one .js program which would not go away on its own and we needed to boot linux to remove the area of firefox profile where this script was propagating from.

        If you think 13 infections are a lot, you need to hang around here sometimes. The record I've seen was 50k+ from a young student who complained it took 45 minutes to boot her laptop. Said she thought it was strange but just learned to fire it up an hour before she needed it!

    • SAS_Dave August 1, 2014 at 5:37 pm #

      Just a quick note, this tool is in addition to the other scan & detection options within the product. Its main purpose is to help you locate malware when scanners don't find anything, but you're convinced the machine isn't clean. Since no scanner can detect everything, this will assist with manual detection and provide a means to remove difficult files.

  4. Dan July 31, 2014 at 12:58 pm #

    Read the comments on WOT (Web Of Trust) for Spyhunter (by Enigma): it's deemed malware.

  5. SAS_Dave July 31, 2014 at 5:26 pm #

    Thank you for the review and your feedback. As you pointed out, thorough analysis of every file found would be quite a lengthy process, though most of the results should be fairly obvious to the user using the file path and company name. Another great feature for Pro users; you can run the tool once on a clean computer, then enable the option to only show changes - very handy to filter the list to only the interesting things. These results can even be emailed to you on a schedule.

    The user votes are sparse currently (expected for a new tool), but we use vote data alongside our internal research so the database of safe files will grow, making the bad files more obvious in time.

    I'm not aware of any plugin uninstall issues, it would be great if you could come to the forums on our website to give us greater detail so we can resolve it. You also mention individual file removal; this is a fairly dangerous feature, so it was intentionally moved into the downvote prompt (it should really be reserved for removing something that can't be removed traditionally.)

Leave a Reply