PC Tools now have a suite of free antimalware software - AV, FW and now Threatfire. Is anyone using these as a suite and if so do they work well together?

It seems we have at least two companies, PC Tools and Comodo going strongly for this free market. Will this affect the better known AV houses?

Thanks.

Not sure about Comodo, but PC tools has to repair their image in my book. Maybe this is their attempt to do so. Or maybe they are simply trying a different marketing metthod. Give people the freebies so they will upgrade to the paid applications.

Hi, folks: Both companies have done home pc users a lot of favours by providing freewares.
PCtools has be nurtured to this day by two products; spyware doctor and registry mechanic.Their late entry into already-crowded security sector may indeed provide non-commercial pc users more options, that does not mean they already have a workable suite on hand, and IMO, the chance having a free suite is very remote. Their products carry two classes of services; no frills-at your own risk and full serve-with limited liability. Freewares are used as marketing lancers, exploring new territory and testing uncharted water. No free lunch on their land.
Comodo is indeed providing clean and pure freewares. Their bread and butter is focused on commercial clients. Freewares of excellent quality will bring them fame and fortune. Its CEO's vision is high above the clouds-has earned my admiration.
At the end I shall commend both companies for their tireless efforts in providing us good quality options.

I have to disagree with the last post. There is a fair amount of evidence from various forum posts that PCTools indulge in dubious possibly unethical marketing practice.

Rather than report what others say, I will share my experience. Downloaded V5 Spyware Doctor via Google (freeware) it found 3 baddies. It was heavy on resources and I actually only wanted on demand. Went to forum, guy advised to download v4.1 which I did.

I did not realise that this was NOT a freeware version so it only finds baddies you have to register to remove them. Fair enough.

BUT when I scanned, it found 633 YES six hundred and thirty three items.

I checked probably 20 of them, none of them were on my system. Followed up with scans from Avir, AVG, Super AntiSpyware, Spyware Terminator. NOT ONE OF THEM found anything.

So what gives between version 4.1 NOT FREE and version 5 free. Does the paid for version find more. No it doesn't. So it must be a scam to NUDGE YOU TO BUY.

That is what I call dubious marketing tactics. How can you trust an organisation that does this. If you don't believe me Google the forums.


Terry

As a past-customer of theirs, I know that they are guilty of a lot more than "goading to purchase", so if they want to give back to the people that have supported them in the past....so be it!!!

{QUOTE->

BUT when I scanned, it found 633 YES six hundred and thirty three items.
<-QUOTE}

They probably were all cookies. NOTE: Protection agains cookies is not included with Google’s “starter” edition.


http://www.pctools.com/spyware-doctor/google_pack/


tD

One thing I certainly didn't like at all was the fact that as a registered user of Spyware Doctor they charged my credit card for the renewal automatically. This was done without my approval. :o

You do have a certain period in which you can ask for a refund, but once past that, you're stuck.

I do like their firewall which I tried, but not their current anti-spyware which hogs resources and produces false positives over and over again. :-\

I sincerely hope they'll change their marketing technique, because they do have great apps too.

For now I'm waiting until they release a new version which works at lot better then the current SD. :)

Hi Technodrome

Think you might have misunderstood my post Re your comment:

"They probably were all cookies. NOTE: Protection agains cookies is not included with Google’s “starter” edition.

http://www.pctools.com/spyware-doctor/google_pack/"

The 633 items found were via the SD 4.1 download not the version 5 Google download.

AND NO they were not all cookies by a long shot. Some, if they had actually existed were real nasties.

Why don't you download SD v4.1 you can always disprove me and say my experience was a one off. Remember v 5 produced only three mild nasties .


Regards

Terry

I don’t use any of PC Tool programs .I just have a hard time to believe that you had 633 malware infections. Which weren’t detected by free version. Many AS programs are identifying cookies as malware (marketing?) and they do confuse average users.

{QUOTE-> Why don't you download SD v4.1 you can always disprove me and say my experience was a one off. Remember v 5 produced only three mild nasties <-QUOTE}

My machine is clean. I don't think this would be helpful in this case. 8)


tD

ThreatFire is so far their best tool. Though whole base and entire team is from Novatix. Their antivirus was also quiet problem free in Vista and WinXP. But their firewall was a complete disaster in Vista. Works fine in XP but in Vista it's a real wonder to get it working.

{QUOTE-> One thing I certainly didn't like at all was the fact that as a registered user of Spyware Doctor they charged my credit card for the renewal automatically. This was done without my approval. :o

You do have a certain period in which you can ask for a refund, but once past that, you're stuck.

I do like their firewall which I tried, but not their current anti-spyware which hogs resources and produces false positives over and over again. :-\

I sincerely hope they'll change their marketing technique, because they do have great apps too.

For now I'm waiting until they release a new version which works at lot better then the current SD. :) <-QUOTE}
To elaborate on the automatic renewal, I had downloaded PC's Registry cleaner app, (I forget the exact title) from a PC World promo. A year later I received an e-mail from PC tools informing me that they had renewed the app and my Visa card would be charged. I had 48 hours to cancel. They provided no link or phone number to contact. After much navigating on their support pages, I found an e-mail contact site and sent them a stern message to cancel the renewal. After a day I received a return e-mail telling me it had been canceled. Now what I found out later is that on the download page for the app, there is a radio button, and next to it in small letters it says that if you DON'T want auto renewals, uncheck the radio button. How many people do you think noticed it?>:(

{QUOTE-> ThreatFire is so far their best tool. Though whole base and entire team is from Novatix. Their antivirus was also quiet problem free in Vista and WinXP. But their firewall was a complete disaster in Vista. Works fine in XP but in Vista it's a real wonder to get it working. <-QUOTE}
And RejZor is going to join their team soon!;D ;D

Those infections are heuristic rookits detections or some sort. You probably configured the app to the max just like i did wich indeed let to that many detections wich many top tier apps did not flank. To be precise it flagged every file inside Steam. However with that specific config option there was a warning about possible fp's.

How can threatfire be a succes? Cyberhawk had nice looks yes, good support yes, many fp's, almost to the point making it more a hips then b.blocker,easy to use i say no with that many fp's, bugs yes, system resource issues?

What about pctools: nice looks yes, support never dealt with them, many fp's,bugs yes, bloated?

Ok now combine those and take a wild guess what kind of an app threatfire will be: very nice looks, support?, behaviour blocker or hips?, many bugs, huge amount of fp's.

Could there be any truth in this simple calculation or is it going to rock our worlds? Im hoping for the last but dare not touch it in the coming years.

{QUOTE-> How many people do you think noticed it? >:( <-QUOTE}I sure didn't see it, however their forum admin helped me to get this refund back.
You're right, you can't find anything on their website to contact them. ???
{QUOTE-> But their firewall was a complete disaster in Vista. Works fine in XP but in Vista it's a real wonder to get it working. <-QUOTE}Not here on my installation. It ran just fine without any trouble and light on resources. :)
Besides it's not easy to find a firewall which will run on Vista and is free on top of that. 8){QUOTE-> Im hoping for the last but dare not touch it in the coming years. <-QUOTE}I for sure am going to try every new update to see if there's improvement.
As for renewing my subscription, we'll see what the future brings. ::)

Hello all; half of me says I should leave this post alone as I don’t want to start any sort of ‘he said’ - ‘she said’ flame war but I thought I would reply for two reasons 1) to show someone from PC Tools has read your comments and will raise them internally; 2) to provide another side of the story (of course!).

Let me prefix with this, everyone is entitled to their comments and opinions, nothing I can say can probably change your mind if it’s made up but I believe it doesn’t hurt to try. So let me address a few points raised:

{QUOTE-> PC Tools now have a suite of free antimalware software <-QUOTE}

Yep, we now have a full range of free products in addition to the paid ones. For free you can now get Spyware Doctor (Google Pack edition); PC Tools AntiVirus; ThreatFire; Firewall Plus; you can also basically get the SPAM product for free it has very limited restrictions so effectively if you wanted a suite of free products you could do it – although it wouldn’t be the most optimized method as everything would be running independently.

{QUOTE-> PC tools has to repair their image in my book. Maybe this is their attempt to do so. Or maybe they are simply trying a different marketing metthod. Give people the freebies so they will upgrade to the paid applications. <-QUOTE}

Fair comment - there is no hidden agenda; yes I’m sure we’d love people to “upgrade” to our paid products – hey someone has to pay my salary – but there isn’t any hidden conspiracy. Great thing about free products you can use them all you like and if for some reason they annoy you or the free-ness changes (not that it will with ours) you can pull them off just as quickly. I don’t think there is any “trick” that could ever be pulled that could force you to upgrade?

{QUOTE-> I will share my experience. Downloaded V5 Spyware Doctor via Google (freeware) it found 3 baddies. It was heavy on resources and I actually only wanted on demand. <-QUOTE}

Fair enough, we have been working a lot of the ‘heaviness’ of SD5, in our internal and external testing it’s about middle of the road, not the lightest application around but not the heaviest either. We’re working on it and the new version 5.0.5 is better, next version 5.1 even more … it’s a very high internal priority along with sociability (i.e. playing nicer with other security applications). As for on-demand only; i.e. no service/drivers; the effectiveness would be hugely decreased - a lot of the new threats require kernel mode scanning, that can’t be done by a simple on-demand scanner and that’s being shown in a lot of recent reviews that include those types of products.

{QUOTE-> when I scanned, it found 633 YES six hundred and thirty three items. I checked probably 20 of them, none of them were on my system. Followed up with scans from Avir, AVG, Super AntiSpyware, Spyware Terminator. NOT ONE OF THEM found anything. <-QUOTE}

Well this is a tricky one as only you have access to your system but I can say from the millions of users we have I have not heard of anyone ever getting this many detections with nothing existing on the PC.

We like anyone have FPs from time to time, we try to avoid them as much as possible (every database goes through 2 layers of FP testing), but we have over 9.6 terabytes of “white” test files; to do a full FP scan takes two weeks. If we waited two weeks to get every database out we would miss the mass distribution period of most threats. We do the 99.999% testing but sometimes a 0.001% will slip through and with the billions of files out there this is pretty hard to completely avoid. In most reviews SD is highlighted for not getting any FPs (e.g. the latest PC World round-up).

Also we are always clean system testing the product, and there is nothing in there that will detect infections when the infections don’t exist. Only thing I can think if you had some other AS program installed that modified some registry keys, or installed some immunization that made it look like something was installed to our scanners – very hard to say without seeing the exact system.

{QUOTE-> That is what I call dubious marketing tactics. <-QUOTE}

I guarantee it is not a “marketing tactic” if it was we would be out of business very quickly.

{QUOTE-> as a registered user of Spyware Doctor they charged my credit card for the renewal automatically. This was done without my approval. <-QUOTE}

Auto renewals are love hate, some customers love them for the convenience some not so much, pretty much every security product is auto-renewal these days – Symantec, McAfee, OneCare, Webroot… so some points on our system:

1) When people signup we make sure it is clearly mentioned in no less than 3 places (create an account jump screen, on the checkout confirmation page, and in the confirmation emails). We have *never* charged anyone’s cards without their approval, and in fact we don’t charge any cards (it’s done by Digital River) who control and audit the process. We have no access to credit card numbers and couldn’t force any renewal ourselves or choose to charge a card without authorization.

2) You can cancel/opt-out at any time using many methods and people do. Email us at support@pctools.com and include your order number; reply to the confirmation email and request no auto renewal; login to “My Account” at https://secure.pctools.com/myaccount/ and do it yourself; call us toll free on 1-800-764-5783; submit a ticket online; write us a letter; start a live chat; contact us through our forums.

3) If you are ever charged and you didn’t cancel in time you can contact us for a refund. The telephone number if printed right on the statement or see above about how you can contact us.

{QUOTE-> ThreatFire is so far their best tool. <-QUOTE}

Thanks we think it’s great too.

{QUOTE-> Their antivirus was also quiet problem free in Vista and WinXP. <-QUOTE}

Thanks again

{QUOTE-> But their firewall was a complete disaster in Vista. Works fine in XP but in Vista it's a real wonder to get it working. <-QUOTE}

Version 3.0 beta is coming out in the next couple of days which has been tested a lot on Vista, v2 worked in a lot of scenarios but in some it caused problems. Please check the beta and let us know if you still have problems…

{QUOTE-> You're right, you can't find anything on their website to contact them. <-QUOTE}

Up the top of our site is a link that says “Company” under that is a link that say “Contact” it goes to http://www.pctools.com/contact/ and has the phone numbers and addresses. If you would like online support please go to http://www.pctools.com/contact/support/. If you would like to email us directly please use support@pctools.com.

Thanks for reading if you made it this far.

Regards,

David
PC Tools

David,

Thanks for the responses. However, the problem with PC Tools go beyond simple problems with your software. To summarize:

1. PC Tools AntiVirus: problems with scanning Unicode filenames and not releasing USB drives reported almost 8 months earlier. Forum representative assures that problems are being looked into. No action taken to date.

2. Firewall. No stateful packet inspection, therefore fails grc.com port scanning tests. In response to customer enquiries the default ruleset now includes a particular rule to block port 0-1024, the ports scanned by grc, while leaving a large chunk of everything else unstealthed. Non-savvy customers now think firewall passes grc tests when it actually does not and cannot. No response to customer enquiries to date (this problem to be fixed in v3, hopefully?).

3. SD. The usual problems. Earlier FP fiasco with NOD32, as well as Skype ads.

The very basic mistakes your products have made and your company's response to customer enquiries regarding said mistakes do little to inspire confidence in PC Tools as a security software company.

PC Tools for sure has blatantly dubious and in my opinion, darn near illegal marketing practices with SD. I posted about blatant false positives (not cookies) with the google pack version. The other day I gave it another chance. Guess what? More blatant false positives. I manually looked for these pieces of malware and they are not there. God forbid anyone lets this p.o.s of a worthless program actually clean and delete things it finds!

{QUOTE->
The very basic mistakes your products have made and your company's response to customer enquiries regarding said mistakes do little to inspire confidence in PC Tools as a security software company. <-QUOTE}

I've got to disagree here: Several years ago I used PC Tools AV. I had issues w/ it and contacted support. They bent over backwards to fix my problems.

I'm a past and current user of SWD. SWD ver.5 was released a wee bit to early. It should have remained in beta for a while until all issues were cleared up. But nonetheless, any issues that I reported in beta version or Release (or were reported on the forum) got prompt attention.

...screamer

Anyone who is a malware removal specialist knows that SWD paid and free are extremely bloated with mediocre detection rates. As long as PC Mag's Rubenking and other mainstream websites/magazines keep pimping their software (along with SS) it's unlikely that we'll ever see any 'real' improvements. As long as their software sales are high and profits are plenty, who cares about detection rates?

{QUOTE-> I'm a past and current user of SWD. SWD ver.5 was released a wee bit to early. It should have remained in beta for a while until all issues were cleared up. <-QUOTE}
Version 5 came out just (2-3wks) prior to my license renewal. I had it installed for maybe a week and it just didn't "play nice" so it got uninstalled. I let my license lapse also. I received a couple eMails from them for discount offers on the Doctor (and the mechanic) but I decided to pass for now. There was no "accidental" charge to my credit card. Having TF on my 'puter will probably convince me to trial other PC Tools again! "Only time will tell!"

{QUOTE-> Auto renewals are love hate, some customers love them for the convenience some not so much, pretty much every security product is auto-renewal these days – Symantec, McAfee, OneCare, Webroot… so some points on our system: <-QUOTE}Well, than that would be a big no-no for me.
I'm the one who decides whether to renew or not. I certainly don't want to renew because I payed once for SD. :-\
AFAIK Symantec, Webroot never renewed my license automatically.{QUOTE-> 1) When people signup we make sure it is clearly mentioned in no less than 3 places (create an account jump screen, on the checkout confirmation page, and in the confirmation emails). <-QUOTE}I surely never saw it on your website and it's not present in my confirmation email. I would however prefer to have control about that renewal and not because I automatically subscribe to it.
Make it a checkbox, so a user may check it if he wants that kind of subscription. :) {QUOTE-> We have *never* charged anyone’s cards without their approval, and in fact we don’t charge any cards (it’s done by Digital River) who control and audit the process. We have no access to credit card numbers and couldn’t force any renewal ourselves or choose to charge a card without authorization. <-QUOTE}Sure, it's done by Digital River, but it's done for your organisation and the apps you sell.
As I told before, I never saw anything about a subscription, so this transaction was done without my approval. :( {QUOTE-> 2) You can cancel/opt-out at any time using many methods and people do. <-QUOTE}That's what I did and I'm guessing those subscriptions won't do any good to your company either. You get disappointed/angry customers by doing so.
Let the people decide whether they want it or not, but don't add it automatically.
Hope you'll learn by not applying those scary marketing techniques. ;)

I have a SD license from work, however, with other anti-spy apps running,I just enable it over weekends, update and maybe a few times a month I'll run a scan. Their GREATEST SIN was by far the release of SD v5. Literally for months it locked up pcs. I'd install it after an upgrade and the same thing would happen. I can't prove it, but I'd say from reading their forum it was occurring to 1,xxxs. Customers, including me, had to restore on occasion. IT pros were reporting losing dozens of pcs at a time, and then spending hours/days rectifying the problems, yet they continued to release some of the worse software I'd ever used or read about. I really felt for the little old ladies out there that had their pcs nuked and had no clue about restoring. Right now v5 seems to be reasonably stable, however, like I said I don't use it much. They should have at least added three or more months to everyones license for all the grief they created!

Threatfire so far seems better than Cyberhawk. I wish they list the processes like Sana Security Primary Response Safeconnect or Norton Antibot. You could at least find the offending program and put in quarantine or delete it.

{QUOTE-> 1. PC Tools AntiVirus: problems with scanning Unicode filenames and not releasing USB drives reported almost 8 months earlier. Forum representative assures that problems are being looked into. No action taken to date. <-QUOTE}

Have you tried Av 3.6 beta - http://www.pctools.com/downloads/avbeta.exe? AFAIK this issue it not outstanding in the new version but if it still occurs for you please let us know.

{QUOTE-> 2. Firewall. No stateful packet inspection, therefore fails grc.com port scanning tests. In response to customer enquiries the default ruleset now includes a particular rule to block port 0-1024, the ports scanned by grc, while leaving a large chunk of everything else unstealthed. Non-savvy customers now think firewall passes grc tests when it actually does not and cannot. No response to customer enquiries to date (this problem to be fixed in v3, hopefully?). <-QUOTE}

Yep, stateful packet inspection is in v3.0 -- beta soon

{QUOTE-> 3. SD. The usual problems. Earlier FP fiasco with NOD32, as well as Skype ads. <-QUOTE}

Both problems agreed. Out of interest NOD32 FPed on us as well and we fixed our FP in a day their's went on for a few weeks ... but again like I say FPs are an ongoing task and something that we don't like but it's a very delicate balance sometimes.

{QUOTE-> Anyone who is a malware removal specialist knows that SWD paid and free are extremely bloated with mediocre detection rates. <-QUOTE}

I would politefully disagree here, there may be some magazine reviews that are not as deep as others, but we also win ones where they dive very deeply. e.g. the PC World test was done by AV-Test.org, who are not new to testing malware detection rates, and tested against 110,000 samples, not a small test - http://www.pcworld.com/article/id,136205/article.html. The VB100 awards are done also by experienced malware testers, as are a number of others.

{QUOTE-> The other day I gave it another chance. Guess what? More blatant false positives. I manually looked for these pieces of malware and they are not there <-QUOTE}

Would appreciate if you could send the logs to me via PM as this can't happen unless there is something funky on the machine.

Regards,

David
PC Tools

{QUOTE->
2. Firewall. No stateful packet inspection, therefore fails grc.com port scanning tests. <-QUOTE}
While it may fail based on the ruleset, just because something does stateless filtering does not mean it will fail port scanning tests. It all depends on the users configuration, which should be to block all incoming TCP SYN connections unless they purposely want to open a certain port, in which case they would make a rule for it. Therefore, it is poor ruleset creation, not the lack of stateful packet inspection (stateful packet inspection is superior in almost every regard though, don't get me wrong)

Cheers,

Alphalutra1

Am trying out the firewall, AV and TF here for fun. So far TF is great, the firewall seems passable but I haven't really tested it yet in any way or form, the AV is *painfully* slow on scanning any type of archive, especially .CAB files (even small ones!), it almost chokes on them. After an hour and 15 minutes, scanning a 40 gig HD, it's still only 77% finished. Most other AVs scan the drive in 30 mins give or take a few.. Will play with everything for a while and see what else I notice...

For those interested the Firewall Plus beta 3.0 is now available at http://www.pctools.com/firewall/ or the direct download at http://www.pctools.com/mirror/fwbeta.exe

Usual beta precautions should be taken, e.g. system restore point, non-critical PC, but if you've had issues in the past (e.g. Vista) we'd like to hear how those issues are behaving on the new version.

{QUOTE-> AV is *painfully* slow on scanning any type of archive, especially .CAB files <-QUOTE}

Kerodo, I'll have a look, are you using AV v3.6 beta or the current release 3.1.2?

Thanks

David
PC Tools

{QUOTE-> While it may fail based on the ruleset, just because something does stateless filtering does not mean it will fail port scanning tests. It all depends on the users configuration, which should be to block all incoming TCP SYN connections unless they purposely want to open a certain port, in which case they would make a rule for it. Therefore, it is poor ruleset creation, not the lack of stateful packet inspection (stateful packet inspection is superior in almost every regard though, don't get me wrong)

Cheers,

Alphalutra1 <-QUOTE}
Fair enough; however, my point was that the grc test was meant to check if a firewall is capable of stealthing unused ports, and the PCT fw is incapable of doing that short of choking off your internet connection, AND the inclusion of a rule specifically designed to falsify passing the grc test.

Downloading the beta now; let's see how much things have changed.

{QUOTE-> Have you tried Av 3.6 beta - http://www.pctools.com/downloads/avbeta.exe? AFAIK this issue it not outstanding in the new version but if it still occurs for you please let us know. <-QUOTE}
Yes. Assuming a newer version of the beta hasn't been released since I tried it last month, the same problems still exist, after more than 8 months.

{QUOTE->


Kerodo, I'll have a look, are you using AV v3.6 beta or the current release 3.1.2?

Thanks

David
PC Tools <-QUOTE}
Using the current release downloaded from the web site.. Am back to another image right now, but may try out the beta at a later time.. The release version did seem to have some trouble specifically with CAB files. It took quite some time on each file, meaning close to 60 seconds sometimes for one small file.

{QUOTE->
I would politefully disagree here, there may be some magazine reviews that are not as deep as others, but we also win ones where they dive very deeply. e.g. the PC World test was done by AV-Test.org, who are not new to testing malware detection rates, and tested against 110,000 samples, not a small test - http://www.pcworld.com/article/id,136205/article.html. The VB100 awards are done also by experienced malware testers, as are a number of others. <-QUOTE}
I respectfully disagree. ;) While AV-Test may be considered a credible testing lab, their results are not the holy grail, and my experiences are on 'real' computers infected by the end user. I personally clean an average of 5 infected systems each week in my shop, and Spyware Doctor (SD) fails to impress me. The poor detection rates are primarily the reason I did not renew my paid subscription.

One of the AnandTech mods, who is a malware hunter/researcher, performed a little test on his Win2k box a few weeks ago. He collected 95 malware samples, including exploits, rootkits, trojans (Zlob, DNSChanger, LoadAdv, VideoAccessCodec and others), backdoors, password-stealers, PUPs/adwares (including some DLLs, BHOs and EXEs harvested from a few live installs on his honeypot), a malicious HOSTS file, a QuickTime exploit, and a couple email worms, plus a really tough one: sneaky Frogexer images used to smuggle malicious code through the firewall. This is fresh real-world malware, hot off the bad guys' servers today 8-15-2007.

http://forums.anandtech.com/messageview.aspx?catid=76&threadid=2084972&enterthread=y

SD (not listed) was used a few hours ago (nearly 2 weeks after the fact) and it only detected 21 out of 95. Worse than Spy Sweeper......and both of you guys are critically acclaimed. As long as magazines and websites keep pimping your product, who really cares about detection rates, right?

{QUOTE-> I respectfully disagree. ;) While AV-Test may be considered a credible testing lab, their results are not the holy grail, and my experiences are on 'real' computers infected by the end user. I personally clean an average of 5 infected systems each week in my shop, and Spyware Doctor (SD) fails to impress me. The poor detection rates are primarily the reason I did not renew my paid subscription.

One of the AnandTech mods, who is a malware hunter/researcher, performed a little test on his Win2k box a few weeks ago. He collected 95 malware samples, including exploits, rootkits, trojans (Zlob, DNSChanger, LoadAdv, VideoAccessCodec and others), backdoors, password-stealers, PUPs/adwares (including some DLLs, BHOs and EXEs harvested from a few live installs on his honeypot), a malicious HOSTS file, a QuickTime exploit, and a couple email worms, plus a really tough one: sneaky Frogexer images used to smuggle malicious code through the firewall. This is fresh real-world malware, hot off the bad guys' servers today 8-15-2007.

http://forums.anandtech.com/messageview.aspx?catid=76&threadid=2084972&enterthread=y

SD (not listed) was used a few hours ago (nearly 2 weeks after the fact) and it only detected 21 out of 95. Worse than Spy Sweeper......and both of you guys are critically acclaimed. As long as magazines and websites keep pimping your product, who really cares about detection rates, right? <-QUOTE}
While SD is not a top product IMHO as well, trying to imply that your personal anecdotal evidence and a test of 95 samples performed by a random person beats AV-Test in credibility is funny at best.

{QUOTE-> I respectfully disagree. ;) While AV-Test may be considered a credible testing lab, their results are not the holy grail, and my experiences are on 'real' computers infected by the end user. I personally clean an average of 5 infected systems each week in my shop, and Spyware Doctor (SD) fails to impress me. The poor detection rates are primarily the reason I did not renew my paid subscription.

One of the AnandTech mods, who is a malware hunter/researcher, performed a little test on his Win2k box a few weeks ago. He collected 95 malware samples, including exploits, rootkits, trojans (Zlob, DNSChanger, LoadAdv, VideoAccessCodec and others), backdoors, password-stealers, PUPs/adwares (including some DLLs, BHOs and EXEs harvested from a few live installs on his honeypot), a malicious HOSTS file, a QuickTime exploit, and a couple email worms, plus a really tough one: sneaky Frogexer images used to smuggle malicious code through the firewall. This is fresh real-world malware, hot off the bad guys' servers today 8-15-2007.

http://forums.anandtech.com/messageview.aspx?catid=76&threadid=2084972&enterthread=y

SD (not listed) was used a few hours ago (nearly 2 weeks after the fact) and it only detected 21 out of 95. Worse than Spy Sweeper......and both of you guys are critically acclaimed. As long as magazines and websites keep pimping your product, who really cares about detection rates, right? <-QUOTE}
From what I gathered from the link you gave, it was not to say product A is better than product B, but rather to point out that a layered defense is the better option. Granted, SpywareDoctor has seen better days!

{QUOTE-> While SD is not a top product IMHO as well, trying to imply that your personal anecdotal evidence and a test of 95 samples performed by a random person beats AV-Test in credibility is funny at best. <-QUOTE}
I never once questioned AV-Test's credibility. Last time I checked I was entitled to my opinion which is based on real world experiences. SD isn't a horrible program, there are simply better alternatives. I'd be delighted to post some log files comparing SAS vs. SD vs. AVGAS vs. SS on a hosed pc I am servicing as we speak.

Tried the AV beta last night but still the problem with hanging for 30-120 seconds on small CAB files. Not sure what's going on there, but it's not a good thing. Something is amiss... Otherwise, the firewall and TF seem fine. Firewall GUI hangs up at Windows shutdown also, which is annoying, but I can deal with that more easily than the AV scan problem..

{QUOTE-> I never once questioned AV-Test's credibility. Last time I checked I was entitled to my opinion which is based on real world experiences. SD isn't a horrible program, there are simply better alternatives. I'd be delighted to post some log files comparing SAS vs. SD vs. AVGAS vs. SS on a hosed pc I am servicing as we speak. <-QUOTE}

What do you recommend for free real time protection? Is it a waste of my time to be installing Windows Defender on pc's I clean.

{QUOTE-> What do you recommend for free real time protection? Is it a waste of my time to be installing Windows Defender on pc's I clean. <-QUOTE}

You could go with BOClean or Spyware Terminator.

{QUOTE-> What do you recommend for free real time protection? <-QUOTE}
Nothing on the free side. I'd rather pay $20 for SUPERAntiSpyware Pro (http://www.wilderssecurity.com/showthread.php?t=178713&highlight=superantispyware) which offers superior real-time protection that works alongside your resident AV, comes with lifetime updates, almost daily updates, and you get some of the best support in the industry. It's the best $20 you'll spend on any security app IMO.

{QUOTE-> Is it a waste of my time to be installing Windows Defender on pc's I clean. <-QUOTE}
Absolutely. Using WD is no different than relying on Ad-Aware to clean a hosed pc. A quick forum search will pull back plenty of hits on why you should avoid WD.

If you're cleaning hosed pc's feel free to check out the URL in my sig for more info.

tawd1992 - so we don't take this thread off topic, would you mind starting a new thread with your question. Thanks.

Snap

Hello,

I have read this entire thread, I hope my answers are on the mark.
I have used Spyware Doctor products in the past. For some reason, it only ever found false positives - which you could not remove in the free version.

There was a period when they offered an on-demand version capable of removal, I think it was 3.1, 3.2 or so. It was free for a certain period. On the last day of that period, false positives cropped, on two completely different, unrelated systems. And of course, you had to pay to remove the "problems."

I don't know what goes in the PC Tools labs, but I do find this ... strange.

Take it any which way you will. Before quality ever comes in regards, there's the first matter of credibility and trust.

Mrk

I tried TF and i like the concept,but i noticed high CPU spikes when opening a new web page with Firefox.Spikes at about 48% of the CPU,dropping down to 0% once the page is loaded.I wish i could disable the net module which i suppose is used by TF.

Hi, folks: They do have a very fancy menu, which offers today's specials, new items and so on from time to time. This does arouse one's appetite. But the concern is that after each consumption, one(including myself) needs to seek the rescue of PeptoBismal. Darn, it is a love and hate cycle mess. I just wish they could do something.

{QUOTE-> While SD is not a top product IMHO as well, trying to imply that your personal anecdotal evidence and a test of 95 samples performed by a random person beats AV-Test in credibility is funny at best. <-QUOTE}I agree totally. Not "funny" ha-ha, but "funny" in the sense that, as Mr Spock would say, "It is not logical." *puppy*

I am using the beta of PCT's firewall. So far it is VERY good! Relatively easy to understand & configure. A tolerable number of pop-ups. Light on resources. Evidence of good protection. Stable -- BUT it is sometimes a tad reluctant to shut-down.

{QUOTE-> Stable -- BUT it is sometimes a tad reluctant to shut-down. <-QUOTE}
Yep, but some might call that a feature... :D

{QUOTE-> Hello,

...I have used Spyware Doctor products in the past. For some reason, it only ever found false positives...Mrk <-QUOTE}

Ahem...Strange indeed, but your main issue was about modified Hosts File and the issue has been fixed. There is no way ALL you get can be FP's. 8)

{QUOTE-> Ahem...Strange indeed, but your main issue was about modified Hosts File and the issue has been fixed. There is no way ALL you get can be FP's. 8) <-QUOTE}
Who said anything about modified Hosts File??? Why couldn't they've been ALL FP???

Hello,
My issue was never hosts file as I don't use them.
My hosts file always have a single entry - 127.0.0.1 loopback and that's it.
My issue was with various "CWS" and such entries... the false positives that are both serious and alarming to an unknowing user. The ones that might goad people into purchasing software to remove something that has never been there in the first place.
Mrk

Side note: all and EVERY security product I have used have only EVER found false positives. Keep that in mind. But some were simple and innocent mistakes, and all removable.

PC Tools SD is the only to sprout them the last day of the free version, when removal is no longer possible - and money must be paid to remove.

Sounds ... interesting.

{QUOTE-> Who said anything about modified Hosts File <-QUOTE}

Sorry there is no time to fill you in, the issue of Spyware Doctor FP's has been hotly debated on this forum since version 3. I do think it will end anytime soon. 8)

{QUOTE-> Sorry there is no time to fill you in, the issue of Spyware Doctor FP's has been hotly debated on this forum since version 3. I do think it will end anytime soon. 8) <-QUOTE}
I'm quite up-to-date on the FP issues, I was a customer of their's. {QUOTE-> Who said anything about modified Hosts File??? Why couldn't they've been ALL FP??? <-QUOTE} This was my question...if you have time.

Hi, folks: F.P. is the heirloom of SD. It has to be inherited from this version to the next one. No exceptions can even be contemplated. I have tested each newer version, each time results in the very same outcome---needing PeptoBismal to calm my upsetting stomach. If, if one day that tradition can be overthrown, I am willing to fork over my hard earned mooney for long term commitment. Until then everything they say are up in the air--unsettled. Good luck.

{QUOTE-> Hello,
My issue was never hosts file as I don't use them.
My hosts file always have a single entry - 127.0.0.1 loopback and that's it..

Side note: all and EVERY security product I have used have only EVER found false positives. Keep that in mind. But some were simple and innocent mistakes, and all removable... <-QUOTE}

Sorry Mrk: It was Fred22 who explained his own false positives on SD:

'alright..i know what it causes the FP's..i'll use hostman from abelhadigital.com
when i use REPLACE IP: 127.0.0.1 > 0.0.0.0..arr 5000 infecties?! '

For the rest of you who always get FP's and nothing else from SD versions, you are the only ones who can explain why. I do not get FP's. The last time I got an FP ALL the AS products of the time gave the same FP - it was a confusion between PC Agent spyware and Perfect Clarity Audio due to the .pca extension.

PC tools has issues with some products (including SD) but they are detailed on the PC Tools website. If SD is not your thing use a different product. ;D