Jump to content
bushhog

SAS not honoring context menu settings.

Recommended Posts

Hi thank you for the fine product. I've noticed when unticking the "Display scan option in Explorer context (right-click) menu" SAS does not honor it because I can run Sysinternals Autoruns and under the Explorer tab it still shows all the SUPERAntiSpyware items loading up into Explorer. Thanks, bh.

Share this post


Link to post
Share on other sites

Hi bh.

Autoruns will show SAS processes if you have SAS set to run at startup. That's regardless of the context menu option being disabled or not.

Share this post


Link to post
Share on other sites

Ah I see...

Are you referring to sasctxmn.dll?

Yes it lists that one under 2 different registry keys and also sasseh.dll also under a different registry key. Is it ok to just uncheck them in Autoruns since unchecking them through the SUPERAntiSpyware preferences

does not keep them from loading into explorer.

Share this post


Link to post
Share on other sites

Yes it lists that one under 2 different registry keys and also sasseh.dll also under a different registry key. Is it ok to just uncheck them in Autoruns since unchecking them through the SUPERAntiSpyware preferences

does not keep them from loading into explorer.

I suspect the context menu dll loads so that a restart isn't required if you decide to re-enable it. Don't quote me on that though.

I suspect similar for sasseh.dll (shell execute hook).

Might want to wait for a developer to respond, but keep in mind those processes don't have any negative effect on system performance.

Share this post


Link to post
Share on other sites

Ok thanks Seth, how did you know I was working on my systems performance :blink: lol. I was just trying to tweak my system with "The TweakGuides Tweaking Companion" by Koroush Ghazi and got to the part about context menus and wanted to try to keep as little stuff from loading at startup as I could. But if they have no impact on performance ill probably re-enable them.

Thanks again for your help :-D ,

bh

Share this post


Link to post
Share on other sites

Ok thanks Seth, how did you know I was working on my systems performance :blink: lol. I was just trying to tweak my system with "The TweakGuides Tweaking Companion" by Koroush Ghazi and got to the part about context menus and wanted to try to keep as little stuff from loading at startup as I could. But if they have no impact on performance ill probably re-enable them.

Thanks again for your help :-D ,

bh

You're welcome.

Given your knowledge, I doubt you'll make your system any faster than what you've already done.

Provided that you have adequate ram, the three most important aspects that will affect speed, are antivirus, third party firewall, and needless services/programs in Msconfig.

Share this post


Link to post
Share on other sites

Ok thanks Seth, how did you know I was working on my systems performance :blink: lol. I was just trying to tweak my system with "The TweakGuides Tweaking Companion" by Koroush Ghazi and got to the part about context menus and wanted to try to keep as little stuff from loading at startup as I could. But if they have no impact on performance ill probably re-enable them.

Thanks again for your help :-D ,

bh

Our dll uses little memory and certainly will not slow down your system :)

Share this post


Link to post
Share on other sites

Why would users want to load a shell hook utility developed by SuperAdblocker.com? Why would users that configure SuperAntispyware (SAS) to not add itself to the context menu of Windows Explorer still want to have a then worthless extension configured for Windows Explorer? That the shell hook utility (written by someone else) consumes little memory or its impact is insigificant is irrelevant to the question at hand, and that is why is SAS installing an extension into Windows Explorer when users have explicitly said NOT to do so? This is rude behavior. Good thing I use other security software that caught this attempt to add another startup item. Of course, once I got alerted then I had to go research this utility (which is fluffware to me since I specifically told SAS *not* to add to Windows Explorer's context menu).

This rudeness is not only with SASSEH.DLL. You also load the SASWINLO.DLL handler (WinLogon Processor). Thankfully the other security program alerted on that, too, and I could eliminate its startup entry. This other startup entry uses the WinLogon Notify event in the registry to hide that startup item (or alter when it gets loaded) versus being defined as an NT service (as other posts have claimed this is a service when, in fact, it is a background process that uses a non-standard startup location in the registry).

Since this is happening with the free edition, and since the free edition does NOT include real-time scanning, this version should not be burying itself into the OS as it does. If users opt to not add SAS as a Windows Explorer extension then SAS should comply. Since the free edition is an on-demand scanner only, it should have no startup entries, especially hidden ones, and claim it is a service which it is not.

Share this post


Link to post
Share on other sites

Why would users want to load a shell hook utility developed by SuperAdblocker.com? Why would users that configure SuperAntispyware (SAS) to not add itself to the context menu of Windows Explorer still want to have a then worthless extension configured for Windows Explorer? That the shell hook utility (written by someone else) consumes little memory or its impact is insigificant is irrelevant to the question at hand, and that is why is SAS installing an extension into Windows Explorer when users have explicitly said NOT to do so? This is rude behavior. Good thing I use other security software that caught this attempt to add another startup item. Of course, once I got alerted then I had to go research this utility (which is fluffware to me since I specifically told SAS *not* to add to Windows Explorer's context menu).

This rudeness is not only with SASSEH.DLL. You also load the SASWINLO.DLL handler (WinLogon Processor). Thankfully the other security program alerted on that, too, and I could eliminate its startup entry. This other startup entry uses the WinLogon Notify event in the registry to hide that startup item (or alter when it gets loaded) versus being defined as an NT service (as other posts have claimed this is a service when, in fact, it is a background process that uses a non-standard startup location in the registry).

Since this is happening with the free edition, and since the free edition does NOT include real-time scanning, this version should not be burying itself into the OS as it does. If users opt to not add SAS as a Windows Explorer extension then SAS should comply. Since the free edition is an on-demand scanner only, it should have no startup entries, especially hidden ones, and claim it is a service which it is not.

The Shell Excute Hook and the Winlogon processor are BOTH used by the Free Edition of SUPERAntiSpyware. By removing and/or disabling those extensions/files you are limiting the ability of SUPERAntiSpyware to remove spyware (even the Free Edition).

We have NO HIDDEN entries, nothing is blocked from access or discovery.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...