Taking signatures seriously
To run the test, you have to let a signed ActiveX control run in Internet Explorer. That's OK.
But they do essentially tell me to ignore the security dialog:
This screen lets you know that eTrust PestScan is a signed or certified ActiveX application that you can trust.
That is more than the signature actually tells me. The signature tells me that some company—in this case Pest Patrol Inc.—says I can trust it.
Problem is: I never before heard of Pest Patrol Inc. While I trust Computer Associates, I do not trust a company I never even heard of. If I am this sloppy with signature authenticaton, there is little wonder that I get infected with spyware.
And this is not only CA—hardly anybody expects their end users to check a signature.
PS: My experience is that Pest Scan must be run under an administrator account, but that the error message only tells you to enable ActiveX.