Hi Malwarebytes Team,
Driver Restore has gone through a transition and we are now working on making sure our application user friendly.
We would like to go through each point noted by screen317. Before we do that, we would like to thank screen317 to for taking the time to review our application. We also decided to respond in the long form, apologies for the wordy response.
1) We have reviewed our terms and conditions and removed the highlighted section. Thanks for bringing this to our attention. In 2014, we bundled the Yahoo Search Toolbar with our software. It was a great idea in 2014, but not as great of an idea today. We don't bundle anything with our software anymore and there is no need for that paragraph.
2) We understand that no one will use our application for biological or nuclear weapons, but its there because our lawyers wanted it there. Our application is sold in multiple languages, and around the world. Since we are US based, we have to comply with the laws where we don't export our software to countries on US no trade list. Along with that, we have to specifically say that you can't use our application to make weapons. We have worked with Norton in the past, they have similar paragraphs in their terms and conditions. In fact, you will this in Apple's terms in conditions too. We hope its ok.
3) This is a split brain issue. Our scanner interacts with our server. If a scan is cancelled on the user side, and server has already received the data to analyze the scan, it records what the scan resulted in. Even though a user never saw the scan results, those were in fact generated for the user. When the user clicked on the register link to go to the website, scan information is pulled from the server. So you are right, website knew more than application. We know it can be confusing, but if scan was finished, you will not see this out of sync issue. Its just a corner case, split brain issue, not meant to be misleading at all.
4) There are couple of reasons you might have seen a blank screen. We don't have a tech support number or live tech support in every region. However, if you are in most English speaking countries (since this is an English build you tested), you should have received something. Our application does a live query in our server to see which number should be given, depending on the country/region. This is being driven by and image server, which is based on openx/revive ad server. Since you seem like a security expert, you might had ads blocked. Since the number is coming from an image from an adserver, it is most likely getting blocked. However, we are very quick to support. We respond to most of our users within hours. We use Zendesk, and we are about 98% as good as anyone else in the market, according to Zendesk. We are very responsive.
5) Targeted Advertisement :
Our eCommerce platform does wonderful things, just like any other eCommernce platform. It reminds users of cart abandonment. We also do re targeting ads with companies like Google and Bing. We do not sell our user data, we don't send any PII data to any third parties. We are very protective of our customer. These terms are only there to optimize our sales efforts and make sure if someone wants to buy our software, we can reach out to them. As you probably know, google does use almost anything you use from these to track the user around the internet. We use google analytics as our analytics package, much like majority of internet websites these days. Our lawyer had us put that in for those reasons also. Again, we are not trying to be malicious. Just alertings our users. We don't buy user data from anyone, we don't sell user data to anyone, its just good old user tracking for analytics.
6) DriverRestore has done "probably needs based" advertisement with partners who would prompt the user to install Driver Restore. We approve the screens and make sure they are not misleading. We only work with partners who are reputable, and working with groups like Clean Software Alliance. We do checks on these partners to make sure they are not misleading the users. We have been around for many years, and we know there are many partners in the space who will do anything to get an install. We don't work with that type of partners. We have been running DriverRestore for many years. We have seen the good, bad and ugly partners for sure, but we only work with reputable companies, some of which are publicly traded and follow industry practices.
7) We are not sure which partner is doing that, but that is not an approved creative from our side. We would like to know which partner it is. After all these months, we are probably not advertising with that partner anymore.
8) You guys were the pioneers I would say in PUP detection. We actually think most of the industry follows you guys. We have been working with some of the other AV companies, at least the ones that respond and you can see on virus total that biggest ones have white listed us. There are still some heuristics based guys who might have us listed, but we are engaging with them and pleading our case. We are small software company. DriverRestore is important to us and we are working with everyone to make sure our software abides by the industry standards.
We have looked at your updated PUP policy, and here is our response to each point:
Here are some of the criteria we use:
obtrusive, misleading, or deceptive advertising, branding, or search practices
RESPONSE: We do not use such advertising or branding. We are very clear in telling our customers that we will update their drivers also let them know that they will have to pay before they download.
excessive or deceptive distribution, affiliate or opt-out bundling practices
80% of our advertisment is done on search engines. We only work with top tier affiliate providers which are part of Clean Software Alliance, and App Esteem.
aggressive or deceptive behavior especially surrounding purchasing or licensing
We are very clear to tell our customers about what they are buying, and offer a no questions asked 60 days policy. We extend this policy as far as the payment method allows us to do refunds.
unwarranted, unnecessary, excessive, illegitimate, or deceptive modifications of system settings or configuration (including browser settings and toolbars)
We do not do any such changes. We install cleanly, and uninstall cleanly.
difficulty uninstalling or removing the software
We provide a clean uninstaller, which does not even require a use to restart. We are committed to creating quality software and believe that a clean uninstaller is an essential part of it.
predominantly negative feedback or ratings from the user community
We have looked at our feedback on MalwareBytes forums and noticed that only feedback from your community is about it being a false positive. We also looked elsewhere. Other than spammy SEO websites, we have only seen handful of complaints. We are addressing those complaints actively and reaching out to the customers. We have lacked in reaching out to the customers in the past and we strive to improve on this.
diminishes user experience
We are never in user's way and user has multiple ways int he settings screen to decide how they want the software to interact wth them. We provide a clean and easy to use UI.
other practices generally accepted as riskware, scareware, adware, greyware, or otherwise commonly unwanted software by the user community
While we are aware that there are many applications in our space which are not "trustworthy", we believe we stand out of the crowd. We have been around for over 7 years. We were one of the first, and our product has been user driven. We don't hide and always use our code signing certificates when distributing the software.
We do see some removal guides. Those are the spam search engine optimizers (SEO). They are in business of getting free clicks from users, and then promoting a product themselves. There are many of these even doing it from Malwarebytes and other good companies. In the past, we never responded to these, but we understand our online reputation is important. We have started responding to any users issues online and have seen some positive reviews show up.
We also noticed that you said there are many clones. We only have one clone. DriverWhiz. DriverWhiz is only promoted on Google. It has never been bundled, or has bundled anything with it. We don't have any other clones.
In conclusion guys, we want to help our users. We do so by providing free information about which drivers are out of date. If they want to use the automated update process, we have to charge them because we are using our servers for bandwidth, and there are other parties involved which need to be paid. We have no malicious intent. If you feel there still are some concerns which we need to address, or believe our software warrants changes, please let us know. We will be happy to.