Jump to content


  • Content Count

  • Joined

  • Last visited

About NickFury

  • Rank
  • Birthday 01/01/1970

Profile Information

  • Interests
  1. Somehow I didn't see the post as it was mark as "read" on my side. Many of the items you have suggested are on the "wish list" and "to-do list" for future versions - I can't give specific dates of release, but we keep all suggestions and take them seriously. We won't be bloating SAS anytime in the future Very good to know on that last comment(!) and all around. I admit I'm a bit of an eccentric, and a competent (yet humble) bench technician, so compared to most my ideas and feature requests are a bit odd for an app targeted at end users, but really right now the tools of my trade (with the functionality required to actually be very useful to an experienced tech) simply do not exist, and apps such as this are surprisingly helpful but it's just not enough because the feature set is oriented entirely for the end user. Considering all that, I initially didn't expect a response or consideration from the maker of any app that I've wrote the suggestions to; it just so happens I noticed you're one of the good guys and you do give personal response so I was surprised you didn't reply. I'm glad you saw the message and I'm glad to now know my ideas are at least in the back of your mind somewhere whether I put them there or not, because this functionality is needed, has always been, and at some point in time in the future more developers will realize this; I just wish that would happen sooner rather than later, and since I don't see it on anyone's future agenda or anyone talking about it, I just had to step in and put in my 2 cents to let it be known that there are tons of us silently waiting for the day when (and constantly searching for) the tools to make our lives easier and help us do our job better. One only has to talk with techs for ... say "Geek Squad" or their handle enough of their unsatisfied customers to know that even still, there are tons more techs (and completely clueless large companies behind them) that aren't operating at a certain level or aren't experienced enough to even know what they need, could benefit from, or are completely missing out on. The boys in Redmond themselves could use some fresh perspective and some tutoring on their own products in relation to the malware fight from the break/fix technician perspective, and that much is apparent when they do something such as buy Sysinternals and their tools and hire the dev who did it all. Even still, that's not enough and only the beginning of what needs to be done; but more will come eventually, of that I'm certain. The few who have considered such ideas, even when they are as simple as working with multiple user accounts and their respective registry hives, user profiles/cookies/etc. are stuck in this whining mode about the APIs don't exist to handle xxx function when they fail to realize there's a more conventional way around that using the external tools already found in every copy of Windows (XP and above) combined with a little bit of ingenuity, vision, and the open-mindedness to understand that existing methods (of detection and otherwise) used by their software may need to be altered. When those methods are worked out properly the same concepts apply to more advanced situations such as multiple Windows installations and other usage. Perhaps I just need to give up and learn to code in a good language instead of doing everything with batch. hah. if only I had the time and inclination (and the brain power that seems to be rapidly diminishing with each passing year) to learn... /rant off Back to you, since my first post I've had more time to evaluate your app (albeit no time whatsoever to evaluate any "proper application usage" as the end user would use it, but let's face it, we're not end users;) yet myself and everyone under my influence have noticed how well your app performs and sees the value in it's usage. We're counted among your believers now; you've attained that Ad-Aware/Spybot status in our minds as a noble and useful tool in the good fight. Thanks for your efforts!
  2. no? I would have thought this might have at least warranted a response like "great idea" or "bad idea" or a "not possible with my current workload" or "no plans for that" or a "already planned for the future" or a "too few people would require or know how to use such functionality" or "it's on the back burner, maybe I'll consider it by the year 2010" or "you're a fruitcake get lost" or "I don't care" or something.
  3. Wow, I pretty much just posted this in a form letter I've written and have been posting around to various sites today. please see my post "Loading additional Registry hives, command line interface..." for details. Basically, it's LONG overdue for anti-malware apps to get their special tech bench functionality. I'm talking about running scans from outside the client's Windows environment but not just on the file system like any app can, but on the system, software, and various user account registry hives as well. command line functionality for complete scripting... etc. Now that's something I'd like to see someone attempt. I'm no programmer and I'm not that familiar with the Windows API, but I guarantee you it cannot that hard if I can personally do it with batch files utilizing simple reg.exe query routines and dumb removal for in do loops with defs I maintain myself. what a pain. Time for someone else to take the load off! Just go easy on the licensing, I agree a 1 tech bench license not a per use client machine Also, awesome to see you're accessible in your forums! So far your software looks great, I will be further evaluating it for use professionally, when time permits, but so far it looks to be a great app with a surprising number of actually real detections that other scanners miss; but my own two eyes don't miss much, so without certain features, it's just a waste of time for my crew. Home users though, I will say I haven't paid attention to it as a memory resident protection app yet (does it even have such a feature lol, I don't recall I disable all resident scanners on my TBC's without even thinking twice; but if it has a light footprint and I don't hear anything bad in the next month or so, I'd consider to start recommending it to my clients. So far so good, when I went searching for new apps last week I brought home your app and GData for A/V; there was a lot of skepticism at work especially over superantispyware ... (BTW the name really throws us off, as most of us are used to recognizing a reputable product by the way the name sounds) and this sounded like a spybot clone which may remove some malware, may just implant it's own advertising in it's place, and may intentionally detect false positives to instill fear or cause damage on removal. but we appear to be very wrong indeed, and people are starting to take notice of this. keep up the good work! I hope it only gets better!
  4. Let me start by stating that this is not the first time I've posted this today to an Anti-Malware software vendor's forums, and may not be the last. I sincerely hope my questions and suggests do not go unnoticed! Good Anti-xxx apps are difficult to find and for me, this product is a surprise late entry, so alas, here I am to hopefully help you, and in doing so, help myself and countless others. Since this is the FIRST forum I've visited that specifically welcomed suggestions, some of my comments may be long and unneeded, but bear with me, I don't feel like re-writing this! But I MUST spread the word. On with the idea. Anti-Malware applications have always catered to the home user initially, and later many have added functionality for the all the troubled network administrators out there trying to keep their networks clean. Unfortunately there is one major consideration for which after all these years is still missing from Anti-xxx apps. This is new functionality for the average break/fix computer technician who is not working with just one system, but many on a daily basis. First I will explain my own situation, later I will tie it in to the future of the home user and how it will benefit them as well. The most common method for a technician such as myself to clean a system of virii/malware is not to battle it on the client's machine if at all possible. Most computer shops I've worked for, briefly co-owned one, or visited out of interest and boredom, all have at least one (if not an army of them) what I refer to as a "tech bench computer." I'll refer to it as a "TBC" from here on. Mostly the systems are used for virus removal but in the last few years, ad/spy/malware of other types are actually many times more difficult to remove than your every day virus, so these TBC's are now more equiped to fight viruses and ad/spy/malware on client machines. The function is simple; remove the hard drive from the client's machine, attach as a secondary to the TBC, run anti-whatever scans on the client's hard drive. Even these machines are slowly being replaced (when circumstances permit) by custom WinPE boot CD's; yet the function remains the same. Additional features of some anti-malware software can alleviate a lot of the time it takes to do a malware removal on a system; important features like providing command-line parameters for automation; network admins no doubt find this invaluable as well. In my store I've developed an entire series of custom NT-based batch files and scripts designed to automate nearly every program we currently use to do it's job. It promotes consistency among our techs and saves tons of time, though it cannot be said that it's entirely efficient; Initially I run anti-virus and anti-malware scans from our TBCs or Boot CDs, followed by my own archaic brute force scans with 'defs' that I personally create and maintain, followed by manual inspection of the client's file system and examination of loaded registry hives for additional malware that isn't detected, to which I can later add to my own brute force defs. The serious inefficiency is then having to run pretty much the same scans on all of the client's hard drives again after they are put back into their actual machines, and we start up windows. (for all intents and purposes, I'm only referring to scanning/cleaning NT-based OSes) Further still, is running those scans on multiple user accounts. Just one client's machine, if it had 5 user accounts, now has had 6 different scans run on it by the same application! There comes a point in time where you have to say enough is enough. Here is where you, to name just one vendor, fits in. Your great application, for which I've only recently discovered, is only tailored for home users. Maybe you even have a version or functionality in the works that caters to lan admins and network scans (I honestly haven't looked...) but there is much functionality that can be added for technicians such as myself who do a job well and as complete as possible for their clients. It all starts with the ability to scan other users' registry hives without having to log on to those other user accounts! Still the major icing on this cake would be the ability to load and scan additional registry hives which are foreign to the system running the scanning software. Yes, I could scan a file system with your app on a client's hard drive from my TBC or Boot CD, but not the registry! Even with my own archaic batch files and scripts consisting of archaic detection methods, tons of for /f in do loops, using reg.exe to brute force known entries from defs I painfully maintain myself, this can be accomplished. I simply load the client's registry hives into my TBC's registry under HKLM for my own scripts and later manual inspection, in this format: HKLM\guest_SYSTEM HKLM\guest_SOFTWARE HKLM\guest_%username% HKLM\guest_%username% HKLM\guest_%username% etc... where I assign the "guest_" prefix as a static indicator of the client's particular loaded hive, and %username% is the variable for all the NTUSER.DAT's I can find in \Documents and Settings on the client's hard drive; my scripts take if from there. I can even query for values under certain keys and automatically fix issues such as the USERINIT and SHELL values under the ..\Winlogon key, to name a VERY FEW. I can remove known problem services, logon\notify dlls, and anything that would otherwise startup even in safe mode on the client's machine, even the occasional BootExecute value, which, as it only runs native apps well before winlogon, nothing gets past it. I can even sound a pc speaker beep to alert a tech of something that needs manual attention. All of this is essential to a quick and easy recovery once the client's machine is up and running Windows on it's own power. So if I can do it, why can your product not do this? I simply think it was just never thought of, and the demand for such functionality isn't known yet. Well I submit to you my method. I'm a very busy guy with a few other techs to look after, handle their questions, handle a lot more than malware problems each day, handle a ton of calls from new and existing clients for everything from "my wireless mouse stopped working" [and I'm too stubborn to check the batteries or hit the little button,] to "I can't open my quickbooks file over the network ... what was, oh, the X: drive!" to "I forgot my password, do you know it?" to "My Windows is fine, but my XP is missing!" I'm too busy, too tired of the maintenance when new malware strikes, and I'd rather leave it to the PROFESSIONALS (that's you!) Now that I've stated MY case..... just think of the new breed of home user out there! DUAL BOOT ? How many people are finally starting to run dual boot configurations? Especially with Vista out, many home users want the switch but do not want to leave the security blanket of XP, I get approached all the time when someone is curious about running both OSes. You think it'll take long for it to occur to them that when malware starts to tank their XP install, that they might try to fix it from the Vista install? WinPE based BOOT CDs ? How popular has the methods of creating utility boot CDs with custom versions of WinPE running? How many home users do you think are using those methods now to fix their virus/malware issues? MULTIPLE MACHINES ? How many home users have multiple computers, spares, and are gaining the knowledge to use those additional computers to their advantage when it comes to virus/malware removal? Maybe it's not a lot, but it will be. Over 12 years ago as the PC became more affordable, and especially 6-7 years ago as they hit the sub-$500 (US) range, the average computer user started to become less and less knowledgeable. Now, the tide is turning as computers are more available in schools and more people can afford them (and even more than one) in their homes, and the average computer user is gaining skill and knowledge quickly. How long will it be before that home user starts to search for that functionality that I've been dying to see for many years now? Now is the time for Anti-malware vendors to step up and cater to a new crowd. Yeah, for that average user now the pretty GUIs and easy to use wizards are still a priority, but it won't be long before they start to see past that and start spending their money with more content and functionality in mind. Now back to purely selfish reasons: * PLZ consider adding the functionality of loading registry hives. I don't request it follow my guest_ prefix, I don't care. But a command line interface for the location of those hives would be nice, e.g. /includehives=f:\windows.000\system32\config;g:\documents and settings;h:\winnt\system32\config; (ETC...) where depending on the environment, specific drives/paths can be replaced with %variables% in scripts. * and if you don't already have that command-line interface free of prompts that would enable someone like me to entirely script your app's operation, please ADD IT! * plain text .INI files for different configurations are also sweet. encrypted or internal settings are a pain to modify through the program's interface for quick jobs when you really need it scripted. I can at least easily script an .INI file change. To be perfectly honest, I'm the guy who misses using DOS, if that explains anything, just don't use it as an excuse to dismiss my plea! * The ability to run scans from read-only media, and the ability to not require an "install" of the product would be great. There ARE those of us who do not run memory resident protection against any threat for ANY reason, and anything questionable gets done through a virtual machine. I will be taking the time to evaluate your software further in the near future and hope some of my requests are addressed. Providing at least the ability to script the app's operation through command-line parameters would enable me to use it in a professional capacity with my automated scripts. For my client's sake, keeping your software bloat-free and light on the system resources, staying honest and keeping up the good fight would enable me to recommend your product to my clients in good conscience. Thanks for your time and consideration! Also, sorry for the long post. Cheers
  • Create New...