PC Pitstop – Perfect Detection in VB RAP Test

PC Pitstop made numerous improvements to the new engine.  Super Shield 2.0 improvements  include,

  • Enhanced signature based detections
  • Enhanced hash based detections
  • Enhanced DLL detections
  • 100% internally developed and implemented eliminating our reliance on Vipre’s black list engine
  • New script based detections which block malicious scripts run through Power Shell, wscript, cscript, MSHTA, and runDLL before they execute.

The potential for our new engine was enormous, but we first wanted to prove it in independent tests. In June 2016, we submitted the new engine to the venerable and well respected Virus Bulletin RAP test. They ran their tests in August 2016, and we received the first  in December 2016.

You can read the full PC Pitstop fourth quarter newsletter here.

(Visited 169 times, 1 visits today)

3 thoughts on “PC Pitstop – Perfect Detection in VB RAP Test

  1. My understanding is that PcPitstop trounced others in the RAP test which is expected as it uses whitelist opposed to the typical whitelist methodology. However unless the whitelist is very good, false positives are not only possible but probable and most certainly more likely than a blacklist system. This image indicates strikethrough on PcPitstop which indicates false positives. From my recollection of PrevX (the original whitelist security program that if recollection serves chains through aquisitions/mergers etc PcPitstop’s Secure Shield) , this is to be expected if you run particularly novel software. So my software isn’t whitelisted. From critical reviews I see that it can be submitted for review with a 24 hour turnaround time. In the meanwhile, I can wait or run it anyway. Is there at least a sandbox for these situations? How are non-tech savy people supposed to manage false positives? Won’t they just run malware from bad learning eventually? Is it true that standard Windows services are disabled? If so why is that beneficial? What about critics that registry scanning is no longer needed since Windows 7?

    • Hello Jason,

      You are correct that with a whitelist based security program you are more likely to see false positives, however we believe that a small amount of false positives is always better than suffering from a ransomware infection. False positives can be fixed in a few clicks, in stark contrast to the steps you need to take after being infected with malware. I’m going to break this down in the order of the questions you asked at the end.

      1. We do not have any sandboxing in our product. We believe that removing taxing analysis like sandboxing on the endpoint keeps system resources available for the user and keeps our program lightweight.

      2. Non-tech savvy people in most situations won’t see false positives. They’re using common software that is already on our global whitelist so it will run like normal. In a situation where they do use software that is not on the whitelist they need to put the program into advanced mode to allow execution. While in the Virus Bulletin test we returned around 14,000 false positives, this is out of a clean sample size of 850,000 files. That gives a percentage of 1.6% on the test which will be even lower in real life usage.

      3. The only windows service that is disabled by our product is the windows defragmentation service. Our program intentionally disables this service due to the way the operating systems identifies solid-state drives. PC Matic’s SSD identification rules are more accurate and defraging reduces the life of solid-state drives. Our customer’s drives are not left without disk defragmentation, as it is included within PC Matic. We do not remove our customer’s ability to defragment their drives.

      4. Our product is focused on being a security product. We are constantly working to provide the best protection in the industry. The performance enhancement features come as an addition to that security, and users can decide if they want to take advantage of the performance suite or not. We still believe registry cleaning provides benefits to our customers, especially those on old operating systems.

      Thank you for the insightful questions, have a wonderful day Jason!

Leave a Reply

Your email address will not be published. Required fields are marked *