BeeThink SpyDetector 2.0

{rw_text}Giveaway of the day for December 25, 2008 is BeeThink SpyDetector 2.0.
[rssless]————————-{/rw_text} –>


  • Real-time protection.
  • Firewall and spyware protection in one program (HIPS)
  • Built in whois query.

{/rw_good} –>


  • Is not set by default to automatically start when Windows starts.
  • Is not detected by Windows as a firewall.
  • Software by unknown company.
  • Gives a (false!) warning about my blog =P.
  • Windows gives warning about un-registered driver/publisher.
  • Doesn’t actually remove the spyware/adware if it gets installed.

{/rw_bad} –>

{for=”Features as Described” value=”10″}As I mention below, I am not a security expert so I cannot truly test if this software properly blocks malware, but I give this a 10 anyway. WTHBBQ.
{for=”Ease of Use” value=”7″}Easy, but not very easy.
{for=”Usefulness” value=”10″}Who doesn’t need protection?
{/rw_score} –>

When installing this program, you may get warnings from Windows such as the following:

Messages like that occur because this software, more or less, has not been ‘certified’ or ‘registered’ to work with Windows – the publisher is unknown, therefore the driver cannot be trusted sort of thing. In order to use this software, you will have to pass this warning message. Usually these error/warning messages are meaningless in the sense that the software/driver most likely will not harm your computer. But that is not always the case and I cannot vouch for this software, because I have never heard of BeeThinks, so I will not recommend you to go further since there are free alternatives available (keep reading please).

Registration went well though – just run Activate.exe after you ran Setup.exe.

This program is, more or less, a firewall that is able to recognize spyware, trojans, adware, etc. That being said, this is what the program window looks like:

The program operates like many firewalls. Your open connections are displayed; detail is given about those connections such as port used and IP address. It also includes a ‘warning’ if SpyDetector thinks the connection is harmful. You can block individual connections, IP addresses, ports, etc. You have the ability to create ‘rules’ were you can mass block IP addresses, ports, etc. You can view your connections by each open connection (Session Mode) or by each packet sent/received by your computer (Packet Mode). With these traditional firewall features, BeeThink SpyDetector 2 is able to detect malware. By my understanding, SpyDetector does this by studying your ‘normal’ network/internet activity and if any action deviates from the norm, SD labels it as malware. But I am no security expert so I may be wrong on how it works exactly, nor can I comment on how well SpyDetector 2 works in detecting malware. Bottom line is that this program is a firewall + anti-malware protection. One thing to note, however, is that this program does not remove/delete malware if the malware actually gets on your computer. This program is supposed to detect and block malware before it gets onto your computer – this program offers HIPS protection. You will need an on-demand antimalware scanner to remove malware if you accidently get infected (scroll down to free alternatives).

When you run the program for the first time, be sure to do what the setup wizard says so you can get the program to work properly. I find it annoying that you have to close things like MSN messenger and let the program run for 20 minutes to setup. Can’t be on my messenger for 20 minutes, nooooooooo.

One feature I liked about this software is that you can look up the remote IP address your computer is connected to – a whois (who/what it belongs to). Right click on a connection -> Look up remote IP address.

That all being said, I have never heard of BeeThink before. I am not willing to trust an unknown company with the security of my computer especially if you consider the recent scareware episode where companies in the USA were shutdown for selling fake protection software. Not saying this software itself is bad, just saying…be sure you know the company you are trusting your security with.

Also, there are a few things I noticed:

  1. SpyDetector 2 is not set by default to startup on Windows boot. Yes I know I have complained about programs setting themselves up to startup on Windows load by default before, but this type of program, firewall + anti-malware, is one of those few programs that should start up when Windows load. To make the program start up when Windows loads, go to Tools -> Options -> General -> Start up. Check “Start automatically with Windows”.
  2. Windows (Vista Home Premium 32-bit) does not recognize SpyDetector as a firewall. Usually if you install a firewall onto your computer, Windows Security Center will recognize it as a firewall and turn off Windows Firewall (if you have it enabled). It will also recognize what firewall is enabeld if you look at Windows Security Center. However, this does not happen with SpyDetector 2.
  3. SpyDetector 2 gives a ‘red’ warning about my blog! Lame. I promise that my website does not secretly download spyware/adware/other crap onto your computer. Cross my heart, hope to die, stick a needle in his eye. At least I don’t think so XD.
  4. “Possible Backdoor.Nodelm, Backdoor.Hesive.B, Trojan.Esteems.C Attacks” is said for a lot of TCP connections – even those that are not given a ‘red’ warning. As I said, I am not security expert, but labeling something like 50% of my TCP connections with that warning really cuts into the credibility of this software.

Free Alternatives:

Real-time Protection

Spyware Terminator – comes with Crawler ‘Web Gaurd’ and ClamAV antivirus. I suggest not installing Crawler Web Gaurd (you have to uncheck the option when installing) and turning off ClamAV. Use Avira for the best free antivirus.


Spyware Doctor

On-demand Scanner

Ad-Aware 2008

Malwarebytes Anti-Malware


Firewall w/ HIPS Protection

Comodo Firewall (now Comodo Internet Security) – Internet security includes AntiVirus and Firewall. I suggest not installing the AntiVirus portion of Comodo Internet security. Just use the firewall. Use Avira for the best free antivirus.

Online Armor

PMnet Verdict: For a comprehensive firewall w/ HIPS protection, I suggest Comodo over BeeThink. Comodo is truly an award winning and time tested product that works. Regardless of what you decide, you should still consider getting on-demand scanners since BeeThink and Comodo cannot remove spyware/unwanted stuff (although Comodo Internet Security can remove viruses) if your computer is infected. For on-demand scanning, I suggest Malwarebytes because it has a fairly small footprint when compared to the others, but all three are excellent. For real time protection I suggest Threatfire (for 32-bit only!) but Spyware Terminator is excellent also – just be sure not to install the Crawler “Web Guard” toolbar (it is very annoying). Whatever you decide, remember to not get more then one real-time protection software because it will lag your computer. You can, however get Comodo + Threatfire because they have little to none conflict with each other.


Related Posts