Microsoft Releases Anti Spyware Beta

chewmanfoo · Post by **chewmanfoo** » Thu Jan 06, 2005 8:47 pm

I just downloaded and installed it. It's fantastic! It combines the best of SpySweeper, SpyBot and Ad Aware. It has resident shields, the ability to scan mapped network drives, the ability to schedule updates and scans, plus a tool called Tracks Eraser that gets rid of MRU lists for Windows and several third-party applications. Plus, if you choose to be a member of SpyNet, you have the advantage of reporting spyware found on your PC automatically and taking advantage of spyware found by other members of SpyNet. You can dumb it down a lot too for an inexperienced user by turning off notices and alerts. Score one for Microsoft.

BillyGoat · Post by **BillyGoat** » Thu Jan 06, 2005 10:38 pm

its too bad that most spyware is on your computer because of security flaws of MS

Post by **FlyingPenguin** » Thu Jan 06, 2005 10:50 pm

It's just Giant Anti-Spyware re-packaged with the Microsoft brand name. Giant was a good spyware scanner. Just hope Microsoft doesn't screw it up now that they own it. Support is everything. That's what happened to Adaware - they aren't keeping up the definitions and it misses a lot of spyware now.

Adaware's been off my radar for the past 6 months.

canton_kid · Post by **canton_kid** » Fri Jan 07, 2005 7:51 am

Giant Anti-Spyware re-packaged with the Microsoft brand name.

I had never heard of that one myself. Anyway wouldn't it be nice if MS came out with something of their own sometime instead of just buying up or ripping off the other companies!

If you look at the history of windows, most of the BIG DEAL stuff they add some other company came out with first. And normally the other companies stuff was better also.

The old Disk managers, Drive compresion, various drive tools (like scan disk) were all out and various names BEFORE MS added them into windows. Nothing new, MS just grabbed someone elses ideas and bragged they were built into windows now! I am talking like back in the WIN 3.0 days, but still the same thing now. Look at all the firewalls out there, now XP has one, all the spy scanners and now XP has one! Hmm, did I finallly hear something after all theses years about XP getting a built in Virus scanner???
Gee all the advances that MS makes in computer technology

Kinda makes you sick don't it! Especailly since it's almost all just to fix problems they created in the first place!!!

Post by **FlyingPenguin** » Fri Jan 07, 2005 8:06 am

Actually Canton, it makes perfect sense. Why would you want MS to write an anti-spyware or anti-virus app from scratch? MS has no experience with those kind of applications. Nor do they have the large definitions database.

chewmanfoo · Post by **chewmanfoo** » Fri Jan 07, 2005 9:21 pm

Regardless of whether Microsoft wrote the program or not, I think people will finally wake up and smell the spyware coffee, now that Microsoft has slapped their name on an anti-spyware product. I think more people recognize the Microsoft name over Webroot, Spybot, Lavasoft, etc.

There are many people who don't even know what spyware is, let alone know how to get rid of it and what programs to use, so I think this product, if bundled in the next SP or issued as a Windows update, will educate people.

rndmtask · Post by **rndmtask** » Fri Jan 07, 2005 9:36 pm

I just tried this today, wow its nice. I wish I had known about it before I have a bad feeling MS is going to blow it and make this program suck.

canton_kid · Post by **canton_kid** » Tue Jan 11, 2005 9:46 am

"Actually Canton, it makes perfect sense. Why would you want MS to write an anti-spyware or anti-virus app from scratch? MS has no experience with those kind of applications. Nor do they have the large definitions database."

You are correct there FP, also since most of the problems are caused by MS holes in the first place I really would not trust it if they wrote it anyway I think.

Regardless of whether Microsoft wrote the program or not, I think people will finally wake up and smell the spyware coffee, now that Microsoft has slapped their name on an anti-spyware product. I think more people recognize the Microsoft name over Webroot, Spybot, Lavasoft, etc.

For the people to learn about the stuff and how to fix it or stop it is good. There are good things to be said for actaully having to learn how to use a computer!! MS created most of the mess we have by trying to make computers to easy!

MS slapping their name on it is what I meant I don't like. Score up another great advance for MS and Windows, based on some other companies product. The people that don't know what spyware even is (as mentioned) will simply think MS has made some great advance here, they have not!

People that never heard of the various names of antispyware software companies still will not hear of them most likely, use an "MS" product, thus companies loose support and sales also since enventually people would have found out about them at some point. Not everyone would donate or buy the programs, but most would use the free ones. Some of us would buy programs like Spysweeper, I was going to, but now I may wait a short while and see what happens. Probably buy it now and hope MS doesn't cause them to drop the support in 2yrs or less and move on to something else instead.

And as mentioned, MS will most likely screw it up anyway.
Anyone want to geuss how long it will be untill we start hearing of holes opened by MS antispyware that lets spyware onto the system even easier than before?? Maybe leave a port open to spyware that's supposed to be used for updates or something??

In the old days you used to hear of alot of software that was better than what MS ended up including in windows. Stacker, Mem managers, Disk managers, most of the 3rd party stuff worked better/faster/reliably, then MS adds there own, Double space and drive space, that did not work as well and crashed more often. People get the free garbage with MS and stop using the better stuff, then you don't see the continued support and upgrades from the better stuff and it fads away or outright dies!
Companies either go under from the lost sales, or they move on to other programs, either way leaving everyone stuck with MS bull.

fords8 · Post by **fords8** » Thu Jan 13, 2005 2:23 am

The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000.

http://support.microsoft.com/?kbid=890830

FAQ: Frequently asked questions

• Q1: Does this tool provide my computer with protection against infection from malicious software like viruses, worms, and Trojan horses?
A1: No. This tool is strictly a postinfection removal tool.

• Q2: What installer does this tool use?
A2: The tool does not install or update files on a computer. Therefore the tool does not use an installer, such as Windows Installer or Update.exe. It is packaged within a self-extracting CAB executable to reduce the size of the package.
• Q3: How do I remove this tool?
A3: The tool does not have to be removed because the tool is never installed. No Programs folder entry or Add/Remove Programs entry is created when the tool is run. However, there may be a temporary folder left in the root of one of your disks. This folder will be removed on next restart.

• Q4: Is this tool digitally signed by Microsoft?
A4: Yes.

• Q5: What type of information does the log file contain?
A5: For information about the log file, click the following article number to view the article in the Microsoft Knowledge Base:
891716 Deployment of the Microsoft Windows Malicious Software Removal Tool in an enterprise environment

• Q6: Does this tool require a restart?
A6: When run from Windows Update or from Automatic Updates, the tool may trigger a restart prompt. However, the prompt is triggered only when the restart is required to remove malicious software.

• Q7: Is this tool a replacement for an antivirus product?
A7: No. We strongly recommend that you install and use an up-to-date antivirus product. For more information, visit the following Microsoft Protect Your PC Web site:

http://go.microsoft.com/fwlink/?linkid=37595

• Q8: How does this tool work with the System Restore feature in Windows XP?
A8: This tool does not create a system restore point, nor does it scan system restore points for malicious software. However, if there is active, prevalent malicious software running on a computer that is stored in a restore point, the removal tool will detect and remove it.

• Q9: Can this tool be redistributed?
A9: Yes. Per the terms of this tool's EULA, the tool can be redistributed. However, make sure you are redistributing the latest version of the tool.

• Q10: Can the tool run on a computer that is running Microsoft Windows 98, Microsoft Windows Millennium, or Microsoft Windows NT 4.0?
A10: No.

• Q11: What is the difference between this tool and an antivirus product?
A11: There are three key differences between the Malicious Software Removal tool and an antivirus product: • The tool provides postinfection removal of malicious software. It can only remove malicious software from an already-infected computer. Antivirus products are also able to block malicious software from running on a computer. It is significantly more desirable for malicious software to be blocked from running on a computer than being removed postinfection.
• The tool removes only specific, prevalent malicious software. See "Release information" for the specific list. Specific, prevalent malicious software is a small subset of all the malicious software in the wild today. An antivirus product can remove significantly more-malicious software.
• The tool focuses on the detection and removal of active malicious software. Active malicious software is malicious software that is currently running. The tool cannot remove malicious software that is not running. An antivirus product can perform this task.

• Q12: When do new versions of the tool become available?
A12: New versions become available on the second Tuesday of every month. Microsoft may also release an updated version of the tool to supplement these releases if an emergency occurs.

• Q13: Where can I obtain new versions of the tool?
A13: If you are a Windows XP user, use Windows Update or Automatic Updates. If you are a Windows Server 2003 user or a Windows 2000 user, download the tool from the Download Center, or run the tool from Microsoft.com. See the "Download and setup information" section for more information.

• Q14: How do I know that I am using the latest version of the tool?
A14: Check Windows Update or Automatic Updates if you are a Windows XP user. Check the Microsoft Download Center if you use Windows Server 2003 or Windows 2000. Also, if the tool is more than 60 days out of date, it will remind you to see whether there is a new version of the tool.

• Q15: I ran the tool, and it found nothing on my computer. But my computer is still exhibiting strange behavior. What should I do now?
A15: Visit the following Protect Your PC Web site, and then follow the steps:
http://go.microsoft.com/fwlink/?linkid=37595
Scan your computer with an up-to-date antivirus product, and then visit the following Microsoft Web site:
http://www.microsoft.com/spyware

• Q16: Why does my antivirus product take longer to scan my computer than this tool?
A16: Unlike an antivirus product, the Malicious Software Removal Tool scans only for "active" malicious software. Specifically, the tool does not scan the whole hard disk. This enables it to run fairly quickly. It is highly recommended that you use an up-to-date antivirus product to also scan for inactive malicious software.

• Q17: Will the Microsoft Knowledge Base article number of the tool change with each new version?
A17: No. The Microsoft Knowledge Base article number for the tool will remain as 890830 for future versions of the tool. The file name of the tool when downloaded from the Microsoft Download Center will change with each release to reflect the month and the year when that version of the tool was released.

• Q18: Is there any way I can request that new malicious software be targeted in the tool?
A18: Currently, no. Malicious software that is targeted in the tool is based on metrics that track the prevalence and damage of malicious software.

• Q19: How does the Malicious Software Removal Tool relate to Microsoft Windows AntiSpyware (Beta)?
A19: The Malicious Software Removal Tool is a different release than Microsoft Windows AntiSpyware (Beta). To download this antispyware tool, visit the following Microsoft Web site:
http://www.microsoft.com/spyware
The Malicious Software Removal Tool focuses on the detection and removal of malicious software. For example, malicious software includes viruses, worms, and Trojan horses. Windows AntiSpyware (Beta) detects and removes spyware.

• Q20: Does this tool send back any information to Microsoft?
A20: Yes. If the tool finds an infection or an error, anonymous information is sent back to Microsoft. See the "Reporting component" section for more information.

• Q21: Can I prevent this tool from sending information back to Microsoft?
A21: Yes. The reporting component can be disabled by setting a specific registry key. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
891716 Deployment of the Microsoft Windows Malicious Software Removal Tool in an enterprise environment

• Q22: Can I determine whether the tool has been run on a computer?
A22: Yes. By checking a registry key, you can determine whether the tool has been run on a computer and which version was the latest version that was used. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
891716 Deployment of the Microsoft Windows Malicious Software Removal Tool in an enterprise environment

• Q23: Why don't I see the tool on Windows Update or Automatic Updates?
A23: Several scenarios may prevent you from the seeing the tool on Windows Update or Automatic Updates:• Only Windows XP users are offered the tool on Windows Update or Automatic Updates.
• If you have already run the current version of the tool (through Windows Update or through Automatic Updates or through either of the other two release mechanisms), it will not be reoffered on Windows Update or Automatic Updates.
• For Automatic Updates, the first time that you run the tool, you must be logged on as a member of the Administrators group to accept the EULA.

• Q24: How does Windows Update and Automatic Updates determine who is offered the tool?
A24: All Windows XP users who are running the latest version of Windows Update or Automatic Updates and who have not already run the current version of the tool are offered the tool on Windows Update and Automatic Updates.

• Q25: When I ran the tool, it told me that errors were found during the scan. What were the errors, and how do I resolve them?
A25: You can view the specific errors by reading the log file, named Mrt.log, in your %windir%\Debug folder. For information about the errors, click the following article number to view the article in the Microsoft Knowledge Base:
891717 You receive an error when you run the Microsoft Windows Malicious Software Removal Tool

• Q26: Will you rerelease the tool even if there are no new security bulletins for a particular month?
A26: Yes. Even if there are no new security bulletins for a particular month, the Malicious Software Removal Tool will be rereleased with detection/removal support for the latest prevalent malicious software.

• Q27: How do I prevent this tool from being offered to me by using Windows Update or Automatic Updates?
A27: When you are first offered the Malicious Software Removal Tool through Windows Update or Automatic Updates, you can choose to decline downloading and running the tool by declining the EULA. This decline can apply to just the current version of the tool or to both the current version of the tool and any future versions, depending on the options you choose. If you have already accepted the EULA and if you would prefer not to install the tool through Windows Update, click to clear the check box that corresponds to the tool in the Windows Update UI.

• Q28: After I run the tool through Windows Update or Automatic Updates, where are the tool files stored? Can I rerun the tool?
A28: After the tool is run through Windows Update or Automatic Updates, it is automatically deleted from the computer. To run the tool without using Windows Update or Automatic Updates, run the tool from the Download Center or from the following Microsoft Web site:
http://www.microsoft.com/malwareremove

• Q29: Can I run this tool on a Windows Embedded computer?
A29: Currently, the Malicious Software Removal Tool is not supported on a Windows Embedded computer.

• Q30: Does running of the tool require any security updates to be installed on the computer?
A30: No. Unlike most previous cleaner tools that were produced by Microsoft, the Malicious Software Removal tool does not require any security update prerequisites. However, it is strongly recommended that all critical updates be installed before using the tool, to help prevent reinfection by malicious software that takes advantage of security vulnerabilities.

• Q31: Why did my taskbar disappear and reappear when I ran the tool?
A31: If the tool finds malicious software on a computer, the Malicious Software Removal Tool may have to restart Windows Explorer to remove the malicious software. This causes the taskbar to disappear and reappear but does not affect any part of your data.

• Q32: Can I deploy this tool by using SUS or SMS? Is it compatible with MBSA?
A32: For information about deploying this tool, click the following article number to view the article in the Microsoft Knowledge Base:
891716 Deployment of the Microsoft Windows Malicious Software Removal Tool in an enterprise environment

• Q33: Do I need the previous cleaner tools installed to run the Malicious Software Removal Tool?
A33: No.

• Q34: Is there a newsgroup available to discuss this tool?
A34: Yes. You can use the microsoft.public.security.virus newsgroup.

MS AntiSpyware vs Ad-Aware vs SpyBot

http://www.flexbeta.net/main/articles.p ... show&id=84