http://www.microsoft.com/security/malwareremove/default.mspx Silj -- siljaline MS - MVP Windows (IE/OE) 2003/04 AH-VSOP _______________________________________
![]() |
0 |
![]() |
Is this in addition to Microsoft AntiSpyware Beta 1? doug
![]() |
0 |
![]() |
Doug wrote in grc.news.latestversions: > Is this in addition to Microsoft AntiSpyware Beta 1? yes -- Kayode Okeyode http://del.icio.us/kayodeok http://www.kayodeok.co.uk/weblog/
![]() |
0 |
![]() |
"kayodeok" wrote: > Doug wrote in grc.news.latestversions: > >> Is this in addition to Microsoft AntiSpyware Beta 1? > > yes I beg to differ, it's a 'stand-alone' tool which is not a plug-in the MS anti-spyware (MSAS). http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en Or, http://snipurl.com/bxw7 Silj -- siljaline MS - MVP Windows (IE/OE) 2003/04 AH-VSOP _______________________________________
![]() |
0 |
![]() |
siljaline wrote in grc.news.latestversions: > "kayodeok" wrote: >> Doug wrote in grc.news.latestversions: >> >>> Is this in addition to Microsoft AntiSpyware Beta 1? >> >> yes > > I beg to differ, it's a 'stand-alone' tool which is not a plug-in > the MS anti-spyware (MSAS). Isn't that what I said? "Is this in addition to Microsoft AntiSpyware Beta 1?" "yes" In other words, we have Microsoft AntiSpyware Beta 1 and then we have another utility - Microsoft Malicious Software Removal Tool. We now have *two* utilities; (1) Microsoft AntiSpyware Beta 1 and (2) Microsoft Malicious Software Removal Tool Am I missing something here? "Is this in addition to Microsoft AntiSpyware Beta 1?" "yes" I don't see anything wrong in my answer except that it perhaps needs fleshing out. -- Kayode Okeyode http://del.icio.us/kayodeok http://www.kayodeok.co.uk/weblog/
![]() |
0 |
![]() |
In grc.news.latestversions kayodeok wrote: > siljaline wrote in grc.news.latestversions: > >> "kayodeok" wrote: >>> Doug wrote in grc.news.latestversions: [ ] > > "Is this in addition to Microsoft AntiSpyware Beta 1?" > "yes" I suggest that the reader read "Is this an addition..." (ie "Add-in")
![]() |
0 |
![]() |
kayodeok wrote: > siljaline wrote in grc.news.latestversions: > > > Am I missing something here? > > "Is this in addition to Microsoft AntiSpyware Beta 1?" > "yes" > > I don't see anything wrong in my answer except that it perhaps needs > fleshing out. > looked like substance was merely lost in translation ... -- poo .... the sound of inevitability
![]() |
0 |
![]() |
siljaline wrote: > http://www.microsoft.com/security/malwareremove/default.mspx > > Silj > > Impression is that this is a "Stinger" like program, targeting only specific viruses...
![]() |
0 |
![]() |
siljaline wrote: > http://www.microsoft.com/security/malwareremove/default.mspx > > Silj > > Wait a damn minute here! This tool just showed up on my Windows Update! It's probably a good thing that it came out, and maybe after it is out for a while and is proven to do no harm it would be OK for it to be automatic, but to set me up to download it on the first day? I think not! At least I am setup to get notices only so I got to see what it wanted to do first... (This is my first, shocked, reaction. I'm sure (almost) that it won't run, but I'll bet it installs. Arrogant pukes)
![]() |
0 |
![]() |
While parsing 'grc.security.software', I found "Nobody" stating: > siljaline wrote: > > > http://www.microsoft.com/security/malwareremove/default.mspx > > > > Silj > Wait a damn minute here! This tool just showed up on my Windows Update! > > It's probably a good thing that it came out, and maybe after it is out for a while and is proven to do no harm it would be OK for it to be automatic, but to set me up to download it on the first day? I think not! At least I am setup to get notices only so I got to see what it wanted to do first... > > (This is my first, shocked, reaction. I'm sure (almost) that it won't run, but I'll bet it installs. Arrogant pukes) LOL -- I know what you mean. I came here first and read up on it before I clicked that purdy yellow systray icon! There's more info in earlier threads by kayodeok -- lots of good links... :)
![]() |
0 |
![]() |
>There's more info in earlier > threads by kayodeok -- lots of good links... :) Message-ID: <Xns95DBBE299AEF0news4kayode@news.grc.com> Date: Tue, 11 Jan 2005 18:41:26 +0000 (UTC)
![]() |
0 |
![]() |
http://forum.aumha.org/viewtopic.php?t=10865 Silj -- siljaline MS - MVP Windows (IE/OE) 2003/04 AH-VSOP _______________________________________
![]() |
0 |
![]() |
Nobody wrote: > siljaline wrote: > >> http://www.microsoft.com/security/malwareremove/default.mspx >> >> Silj >> >> > Wait a damn minute here! This tool just showed up on my Windows Update! > > but I'll bet it installs. Arrogant pukes) MS said it shows up in XP windows update but not w2k or 2003. I ran *mst* -- MS says it does not install, merely scans for several malcodes and removes. scan is quick and just starts, less than 1 min, found nothing here. DLs as exe (cab) I think it puts mst in temp folder and runs. when it's done, MS says the temp folder will delete after reboot. they say they will update this tool every month... -- poo .... the sound of inevitability
![]() |
0 |
![]() |
Wandering aimlessly about grc.news.latestversions,grc.security.software, I heard Nobody say: > siljaline wrote: > >> http://www.microsoft.com/security/malwareremove/default.mspx >> >> Silj >> > Wait a damn minute here! This tool just showed up on my Windows Update! > > It's probably a good thing that it came out, and maybe after it is out > for a while and is proven to do no harm it would be OK for it to be > automatic, but to set me up to download it on the first day? I think > not! At least I am setup to get notices only so I got to see what it > wanted to do first... > > (This is my first, shocked, reaction. I'm sure (almost) that it won't > run, but I'll bet it installs. Arrogant pukes) You'd lose the bet, since there is no "installation" involved. The "arrogant pukes" are offering a tool via the update process that does *not* install anything, does *not* even download unless you accept the displayed EULA, even on automatic updates, and if the EULA is accepted, downloads and runs, and then deletes itself. Still "shocked"? -- Dutch GRC Newsgroups/Guidelines/No Regrets http://client.grc.com/news.exe?cmd=article&group=grc.techtalk&item=124863
![]() |
0 |
![]() |
> siljaline scribbled: > http://www.microsoft.com/security/malwareremove/default.mspx I allowed WU to install it, but also manually downloaded it. I went back to WU after rebooting, but there is nothing on that page that allows me to run the tool.... The only way I have found to run it is by manually downloading the install file from: http://www.microsoft.com/downloads/details.aspx?familyid=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en ....and double clicking on it. It means you have to agree to the EULA each time.... :-( No way of automating it's scan through task scheduler when that has to be done by the user... This webpage http://support.microsoft.com/?kbid=890830 says: <quote> When the Malicious Software Removal Tool runs, it performs the following functions. Except where noted, the tool has the same behavior independent of what command-line switches you use or how you download and run the tool. Note that the tool is not actually installed on a computer. Therefore, no entry is created for it in the Programs folder or in Add/Remove Programs. <end quote> ....which appears to say that it doesn't actually install an 'executable' on the hard drive that users can run. Still looking CLOSELY at what it reports back to Microsoft each time it's run. Dont know how that's going to work if I'm not online when I run it. -- mlvburke@xxxxxxxx.nz Replace the obvious with paradise.net to email me Found Images http://homepages.paradise.net.nz/~mlvburke
![]() |
0 |
![]() |
I understood ... thanks for the info doug
![]() |
0 |
![]() |
In grc.news.latestversions Nobody wrote: > siljaline wrote: > >> http://www.microsoft.com/security/malwareremove/default.mspx >> > > Impression is that this is a "Stinger" like program, targeting only > specific viruses... Except that the MSRT *only* scans for selected *active* malware. Stinger scans files on disk as well. http://support.microsoft.com/?kbid=890830 "Q16: Why does my antivirus product take longer to scan my computer than this tool? A16: Unlike an antivirus product, the Malicious Software Removal Tool scans only for "active" malicious software. Specifically, the tool does not scan the whole hard disk. ..."
![]() |
0 |
![]() |
In grc.news.latestversions Max Burke wrote: >> siljaline scribbled: >> http://www.microsoft.com/security/malwareremove/default.mspx > > I allowed WU to install it, but also manually downloaded it. I > went back to WU after rebooting, but there is nothing on that page > that allows me to run the tool.... [ ] > ...and double clicking on it. It means you have to agree to the > EULA each time.... :-( > No way of automating it's scan through task scheduler when that > has to be done by the user... > > This webpage http://support.microsoft.com/?kbid=890830 says: > > <quote> > When the Malicious Software Removal Tool runs, it performs the > following functions. Except where noted, the tool has the same [ ] > ...which appears to say that it doesn't actually install an > 'executable' on the hard drive that users can run. AFAICT the executable is "stand-alone" with the possibility of skipping the EULA each time *only* if it is "installed" via WU and if XP. Likely a registry setting somewhere. > Still looking CLOSELY at what it reports back to Microsoft each > time it's run. Dont know how that's going to work if I'm not > online when I run it. http://support.microsoft.com/?kbid=890830 "EULA display" "Reporting infection information" "Reporting component" and others...
![]() |
0 |
![]() |
Mark V wrote: > In grc.news.latestversions Max Burke wrote: > > AFAICT the executable is "stand-alone" with the possibility of > skipping the EULA each time *only* if it is "installed" via WU and if > XP. Likely a registry setting somewhere. > even directly running just the mrt.exe GUI from temp dir opens EULA here, "accept" and it starts immediately, no trace that it phoned home but it also reported as clean so nothing to report ... -- poo .... the sound of inevitability
![]() |
0 |
![]() |
"Max Burke" <mlvburke@%$%#@.nz> wrote in news:cs2eni$23kh$1@news.grc.com: >> siljaline scribbled: >> http://www.microsoft.com/security/malwareremove/default.mspx > > I allowed WU to install it, but also manually downloaded it. I went > back to WU after rebooting, but there is nothing on that page that > allows me to run the tool.... I also "downloaded" it using the Windows update, and saw nothing different on my screen. However, after doing some digging, I found a new file, MRT.LOG, in my C:\Windows\Debug folder with the following content: Microsoft Malicious Software Removal Tool v1.0, January 2005 Started On Wed Jan 12 08:35:11 2005 Removal Tool Results: No infection found. Microsoft Malicious Software Removal Tool Finished On Wed Jan 12 08:35:13 2005 So, I'm guessing that users will only be made aware of it running if something is found. I've always been critical of M$ "minimal information" policy. In this case, if a user has "asked" for it, M$ should be considerate enough to tell you what happened... Daniel Bragg
![]() |
0 |
![]() |
Mark V wrote: > In grc.news.latestversions kayodeok wrote: > > >>siljaline wrote in grc.news.latestversions: >> >> >>>"kayodeok" wrote: >>> >>>>Doug wrote in grc.news.latestversions: > > [ ] > >>"Is this in addition to Microsoft AntiSpyware Beta 1?" >>"yes" > > > I suggest that the reader read "Is this an addition..." > (ie "Add-in") Absolutely. "Silj" read "an" rather than "in". Oh!, the joys of English :-) -- Tony.P
![]() |
0 |
![]() |
Daniel Bragg wrote: > "Max Burke" <mlvburke@%$%#@.nz> wrote in > news:cs2eni$23kh$1@news.grc.com: > after doing some digging, I found a new file, > MRT.LOG, in my C:\Windows\Debug folder with the following content: same here on w2k_sp4 c:\winnt\debug\mrt.log it appends newer info to old. I did not use WUP but rather did a download. -- poo .... the sound of inevitability
![]() |
0 |
![]() |
Daniel Bragg wrote: > "Max Burke" <mlvburke@%$%#@.nz> wrote in > I also "downloaded" it using the Windows update, and saw nothing different > on my screen. However, after doing some digging, I found a new file, > MRT.LOG, in my C:\Windows\Debug folder with the following content: > > > Microsoft Malicious Software Removal Tool v1.0, January 2005 > Started On Wed Jan 12 08:35:11 2005 > > > Removal Tool Results: > No infection found. > > Microsoft Malicious Software Removal Tool Finished On Wed Jan 12 08:35:13 > 2005 > > > So, I'm guessing that users will only be made aware of it running if > something is found. > > I've always been critical of M$ "minimal information" policy. In this > case, if a user has "asked" for it, M$ should be considerate enough to tell > you what happened... > > Daniel Bragg Same here. I put a shortcut to the file on my desktop so I can look in it occasionally. There's gotta be a file somewhere that runs it though .... wouldn't you think? -- Get Firefox! Rediscover the web. http://www.mozilla.org/products/firefox/
![]() |
0 |
![]() |
Wandering aimlessly about grc.news.latestversions, I heard TCM say: > Daniel Bragg wrote: >> "Max Burke" <mlvburke@%$%#@.nz> wrote in > >> I also "downloaded" it using the Windows update, and saw nothing different >> on my screen. However, after doing some digging, I found a new file, >> MRT.LOG, in my C:\Windows\Debug folder with the following content: >> >> Microsoft Malicious Software Removal Tool v1.0, January 2005 >> Started On Wed Jan 12 08:35:11 2005 >> >> Removal Tool Results: >> No infection found. <> >> Microsoft Malicious Software Removal Tool Finished On Wed Jan 12 08:35:13 >> 2005 >> >> So, I'm guessing that users will only be made aware of it running if >> something is found. >> >> I've always been critical of M$ "minimal information" policy. In this >> case, if a user has "asked" for it, M$ should be considerate enough to tell >> you what happened... >> > Same here. I put a shortcut to the file on my desktop so I can look in > it occasionally. There's gotta be a file somewhere that runs it though > ... wouldn't you think? If you got the MSRT from WU, it ran in "quiet" mode, and was then deleted on completion of the run. -- Dutch GRC Newsgroups/Guidelines/No Regrets http://client.grc.com/news.exe?cmd=article&group=grc.techtalk&item=124863
![]() |
0 |
![]() |
TCM wrote, in post news:cs419s$h82$1@news.grc.com : > Daniel Bragg wrote: >> "Max Burke" <mlvburke@%$%#@.nz> wrote in > >> I also "downloaded" it using the Windows update, and saw nothing >> different on my screen. However, after doing some digging, I found >> a new file, MRT.LOG, in my C:\Windows\Debug folder with the >> following content: [...] >> So, I'm guessing that users will only be made aware of it running if >> something is found. >> >> I've always been critical of M$ "minimal information" policy. In >> this case, if a user has "asked" for it, M$ should be considerate >> enough to tell you what happened... >> >> Daniel Bragg > Same here. I put a shortcut to the file on my desktop so I can look in > it occasionally. There's gotta be a file somewhere that runs it though > ... wouldn't you think? I downloaded the tool during a WU session but couldn't find hide nor hair of it when the session was through, so I just moved on over to the MS download site and DL'd it to a folder. It's named Windows-KB890830-ENU.exe. Description:Self-Extracting Cabinet, size 255KB. You click it, a wizard-like screen appears, you click "Accept all terms yada...", click Next, and maybe 3 seconds later you get the results. Is it just scanning RAM or what? I guess it's better to have than not to have. A quick second opinion sorta. PZ -
![]() |
0 |
![]() |
PrivacyZealot wrote: > TCM wrote, > in post news:cs419s$h82$1@news.grc.com : > > I downloaded the tool during a WU session but couldn't find hide nor > hair of it when the session was through, so I just moved on over > to the MS download site and DL'd it to a folder. It's named > Windows-KB890830-ENU.exe. Description:Self-Extracting Cabinet, > size 255KB. You click it, a wizard-like screen appears, you click > "Accept all terms yada...", click Next, and maybe 3 seconds later > you get the results. Is it just scanning RAM or what? I guess it's > better to have than not to have. A quick second opinion sorta. > PZ > - when you run windows-kb..-enu.exe it creates a new 'temp' directory where it deposits mrt.exe. I renamed mrt and moved it to a new location, still runs ok, and appends to debug .log. -- poo .... the sound of inevitability
![]() |
0 |
![]() |
> poo0gimmal scribbled: > when you run windows-kb..-enu.exe it creates a new 'temp' directory > where it deposits mrt.exe. I renamed mrt and moved it to a > new location, still runs ok, and appends to debug .log. Two command line switches for this tool.... /Q runs in quiet mode. Does NOT prompt user to accept the EULA. (So it can be a scheduled task after all) /? displays version, language, etc.... The only 'annoyance' I have know is that it renames a temp file that GRR warns about, and asks if the change should be allowed.... -- mlvburke@xxxxxxxx.nz Replace the obvious with paradise.net to email me Found Images http://homepages.paradise.net.nz/~mlvburke
![]() |
0 |
![]() |
On Wed, 12 Jan 2005 17:48:09 -0600, poo0gimmal wrote: > PrivacyZealot wrote: >> TCM wrote, >> in post news:cs419s$h82$1@news.grc.com : >> >> I downloaded the tool during a WU session but couldn't find hide nor >> hair of it when the session was through, so I just moved on over >> to the MS download site and DL'd it to a folder. It's named >> Windows-KB890830-ENU.exe. Description:Self-Extracting Cabinet, >> size 255KB. You click it, a wizard-like screen appears, you click >> "Accept all terms yada...", click Next, and maybe 3 seconds later >> you get the results. Is it just scanning RAM or what? I guess it's >> better to have than not to have. A quick second opinion sorta. >> PZ >> - > > when you run windows-kb..-enu.exe it creates a new 'temp' directory > where it deposits mrt.exe. I renamed mrt and moved it to a > new location, still runs ok, and appends to debug .log. According to FileAlyzer it's a self extracting cab file (internal name SFXCAB.EXE), so each time it is run, it acts like a patch, except that it searches and reports, rather than replacing system files and crocking your box..... Fits on floppy disk too. -- Parker Molin
![]() |
0 |
![]() |
Parker Molin wrote: > crocking your box..... Haven't heard this one... ?? :-)
![]() |
0 |
![]() |
Dutch wrote: > Wandering aimlessly about grc.news.latestversions,grc.security.software, > I heard Nobody say: > >>siljaline wrote: >> >> >>>http://www.microsoft.com/security/malwareremove/default.mspx >>> >>>Silj >>> >> >>Wait a damn minute here! This tool just showed up on my Windows Update! >> >>It's probably a good thing that it came out, and maybe after it is out >>for a while and is proven to do no harm it would be OK for it to be >>automatic, but to set me up to download it on the first day? I think >>not! At least I am setup to get notices only so I got to see what it >>wanted to do first... >> >>(This is my first, shocked, reaction. I'm sure (almost) that it won't >>run, but I'll bet it installs. Arrogant pukes) > > You'd lose the bet, since there is no "installation" involved. The > "arrogant pukes" are offering a tool via the update process that does > *not* install anything, does *not* even download unless you accept the > displayed EULA, even on automatic updates, and if the EULA is accepted, > downloads and runs, and then deletes itself. Still "shocked"? Yeah, sorry. Independent of their motives, I think it is totally inappropriate, even with a eula (that most will not read), for MS to (as part of their patching service) download an executable, run it, and delete it without ANY visible indication of what just took place (unless it finds something). They haven't even publicly indicated (that I have seen at least) that there is a log file left on the system with the results of the scan. This makes them "arrogant pukes", IMO, because this is the typical "we know what's best for you" attitude that they seem to always apply to us "stupid customers". If I may paraphrase Steve, 'This is my (damn) computer', and they are not entitled to treat it like it was theirs. This is NOT MS bashing. It wouldn't matter a damn to me what company did this, it would still be unacceptable.
![]() |
0 |
![]() |
Wandering aimlessly about grc.security.software, I heard Nobody say: > Dutch wrote: > >> Wandering aimlessly about grc.news.latestversions,grc.security.software, >> I heard Nobody say: [...] >>>Wait a damn minute here! This tool just showed up on my Windows Update! >[...] >>>(This is my first, shocked, reaction. I'm sure (almost) that it won't >>>run, but I'll bet it installs. Arrogant pukes) > >> You'd lose the bet, since there is no "installation" involved. The >> "arrogant pukes" are offering a tool via the update process that does >> *not* install anything, does *not* even download unless you accept the >> displayed EULA, even on automatic updates, and if the EULA is accepted, >> downloads and runs, and then deletes itself. Still "shocked"? > > Yeah, sorry. Independent of their motives, I think it is totally > inappropriate, even with a eula (that most will not read), for MS to (as > part of their patching service) download an executable, run it, and > delete it without ANY visible indication of what just took place (unless > it finds something). They haven't even publicly indicated (that I have > seen at least) that there is a log file left on the system with the > results of the scan. > This makes them "arrogant pukes", IMO, because this is the typical "we > know what's best for you" attitude that they seem to always apply to us > "stupid customers". > If I may paraphrase Steve, 'This is my (damn) computer', and they are > not entitled to treat it like it was theirs. This is NOT MS bashing. > It wouldn't matter a damn to me what company did this, it would still be > unacceptable. Whatever, but isn't that pretty much what many of the updates also do? They download, run some not so obvious process to fix "you know not what", and then exit, leaving nothing behind except an indication that the patch has been installed. Why is this tool seen any differently? -- Dutch GRC Newsgroups/Guidelines/No Regrets http://client.grc.com/news.exe?cmd=article&group=grc.techtalk&item=124863
![]() |
0 |
![]() |
Dutch wrote: > > Whatever, but isn't that pretty much what many of the updates also do? > They download, run some not so obvious process to fix "you know not > what", and then exit, leaving nothing behind except an indication that > the patch has been installed. Why is this tool seen any differently? Definitely! I've got an XPH laptop and the MSRT shows just like another update. And the other EXEs are gone too unless they persist in a temp folder somewhere.
![]() |
0 |
![]() |
Dutch wrote: > Wandering aimlessly about grc.security.software, I heard Nobody say: > > >>Dutch wrote: >> >> >>>Wandering aimlessly about grc.news.latestversions,grc.security.software, >>>I heard Nobody say: > > >>Yeah, sorry. Independent of their motives, I think it is totally >>inappropriate, even with a eula (that most will not read), for MS to (as >>part of their patching service) download an executable, run it, and >>delete it without ANY visible indication of what just took place (unless >>it finds something). They haven't even publicly indicated (that I have >>seen at least) that there is a log file left on the system with the >>results of the scan. >>This makes them "arrogant pukes", IMO, because this is the typical "we >>know what's best for you" attitude that they seem to always apply to us >>"stupid customers". >>If I may paraphrase Steve, 'This is my (damn) computer', and they are >>not entitled to treat it like it was theirs. This is NOT MS bashing. >>It wouldn't matter a damn to me what company did this, it would still be >>unacceptable. > > > Whatever, but isn't that pretty much what many of the updates also do? > They download, run some not so obvious process to fix "you know not > what", and then exit, leaving nothing behind except an indication that > the patch has been installed. Why is this tool seen any differently? Because it is NOT a patch, and it is NOT fixing something that is broken (or flawed, unless you consider the OS flawed because it doesn't include AV). It is a new, separate (albeit free) product. As far as I'm concerned, they could allay my objection by adding at the top of the EULA, in red type, "Warning, accepting this EULA will result the downloading and running of a simple AV program that will only report results if it finds a problem". I understand that the EULA may already say something to this effect, but since this particular tool does something different than one would expect from an "Update" I think it needs to be more clear. The red text would draw more attention to the fact that this is different.
![]() |
0 |
![]() |
Wandering aimlessly about grc.security.software, I heard Nobody say: > Dutch wrote: > >> Wandering aimlessly about grc.security.software, I heard Nobody say: >> [...] >>>Yeah, sorry. Independent of their motives, I think it is totally >>>inappropriate, even with a eula (that most will not read), for MS to (as >>>part of their patching service) download an executable, run it, and >>>delete it without ANY visible indication of what just took place (unless >>>it finds something). They haven't even publicly indicated (that I have >>>seen at least) that there is a log file left on the system with the >>>results of the scan. >>>This makes them "arrogant pukes", IMO, because this is the typical "we >>>know what's best for you" attitude that they seem to always apply to us >>>"stupid customers". >>>If I may paraphrase Steve, 'This is my (damn) computer', and they are >>>not entitled to treat it like it was theirs. This is NOT MS bashing. >>>It wouldn't matter a damn to me what company did this, it would still be >>>unacceptable. < > >> Whatever, but isn't that pretty much what many of the updates also do? >> They download, run some not so obvious process to fix "you know not >> what", and then exit, leaving nothing behind except an indication that >> the patch has been installed. Why is this tool seen any differently? > > Because it is NOT a patch, and it is NOT fixing something that is broken > (or flawed, unless you consider the OS flawed because it doesn't include > AV). It is a new, separate (albeit free) product. Removing trojans if they exist is not "fixing" anything? > As far as I'm concerned, they could allay my objection by adding at the > top of the EULA, in red type, "Warning, accepting this EULA will result > the downloading and running of a simple AV program that will only report > results if it finds a problem". I understand that the EULA may already > say something to this effect, but since this particular tool does > something different than one would expect from an "Update" I think it > needs to be more clear. The red text would draw more attention to the > fact that this is different. Ok, I'll accept that having the EULA text in red would likely catch the attention of a few more people long enough to read the very first paragraph of section 1, where exactly what the tool does is clearly spelled out. IMHO, most would still just "click-n-go", which is exactly why having the tool run "automagically", as it does for auto updates, is a good thing. Those are the very same people most likely to be infected... -- Dutch GRC Newsgroups/Guidelines/No Regrets http://client.grc.com/news.exe?cmd=article&group=grc.techtalk&item=124863
![]() |
0 |
![]() |
While parsing 'grc.security.software', I found "Dutch" stating: > Wandering aimlessly about grc.security.software, I heard Nobody say: > > > Dutch wrote: > > > >> Wandering aimlessly about grc.security.software, I heard Nobody say: > >> > [...] > > > > Yeah, sorry. Independent of their motives, I think it is totally > > > > inappropriate, even with a eula (that most will not read), for MS to (as > > > > part of their patching service) download an executable, run it, and > > > > delete it without ANY visible indication of what just took place (unless > > > > it finds something). They haven't even publicly indicated (that I have > > > > seen at least) that there is a log file left on the system with the > > > > results of the scan. > > > > This makes them "arrogant pukes", IMO, because this is the typical "we > > > > know what's best for you" attitude that they seem to always apply to us > > > > "stupid customers". > > > > If I may paraphrase Steve, 'This is my (damn) computer', and they are > > > > not entitled to treat it like it was theirs. This is NOT MS bashing. > > > > It wouldn't matter a damn to me what company did this, it would still be > > > > unacceptable. > < > > >> Whatever, but isn't that pretty much what many of the updates also do? > >> They download, run some not so obvious process to fix "you know not > >> what", and then exit, leaving nothing behind except an indication that > >> the patch has been installed. Why is this tool seen any differently? > > > > Because it is NOT a patch, and it is NOT fixing something that is broken > > (or flawed, unless you consider the OS flawed because it doesn't include > > AV). It is a new, separate (albeit free) product. > > Removing trojans if they exist is not "fixing" anything? > > > As far as I'm concerned, they could allay my objection by adding at the > > top of the EULA, in red type, "Warning, accepting this EULA will result > > the downloading and running of a simple AV program that will only report > > results if it finds a problem". I understand that the EULA may already > > say something to this effect, but since this particular tool does > > something different than one would expect from an "Update" I think it > > needs to be more clear. The red text would draw more attention to the > > fact that this is different. > Ok, I'll accept that having the EULA text in red would likely catch the > attention of a few more people long enough to read the very first > paragraph of section 1, where exactly what the tool does is clearly > spelled out. IMHO, most would still just "click-n-go", which is exactly > why having the tool run "automagically", as it does for auto updates, is > a good thing. Those are the very same people most likely to be > infected... Am I allowed to agree with both of you? I like AVG's method of notification with their updates, but OTOH, I rarely read them and usually just click through anyway... <g>
![]() |
0 |
![]() |
On article <cs1efv$159n$1@news.grc.com>, siljaline wrote: > http://www.microsoft.com/security/malwareremove/default.mspx > > Silj > > > Silj, do you think this tool could be used as (a replacement to) McAfee's Stinger? -- Kind regards, Euler German Note that my eMail address is useless. Please, reply to the list
![]() |
0 |
![]() |
"Euler German" wrote: > On article <cs1efv$159n$1@news.grc.com>, siljaline wrote: > >> http://www.microsoft.com/security/malwareremove/default.mspx >> >> Silj >> >> >> > Silj, do you think this tool could be used as (a replacement to) > McAfee's Stinger? I wouldn't use it as a replacement, not for the time being at least. This may help > http://forum.aumha.org/viewtopic.php?t=10865 McAfee's Stinger is a "proven" stand-alone virus remover. http://vil.nai.com/vil/stinger/ http://download.nai.com/products/mcafee-avert/stinger.exe Regards, Silj -- siljaline MS - MVP Windows (IE/OE) & Security (AH-VSOP) __________________________________________ Security Tools Updates http://forum.aumha.org/viewforum.php?f=31 (Reply to group, as return address is invalid - that we may all benefit)
![]() |
0 |
![]() |