Re: Alerting - Malicious software removal tool

Leythos wrote:
In article <9AAC7AE5-48B8-4E88-9163-59674962BF01@xxxxxxxxxxxxx>, steve.riley@xxxxxxxxxxxxx says...
Leythos, which "security people" claim the tool is useless?

Your claim is certainly unsubstantiated by the data. We released the tool in early 2005. As of June 2008, the tool has executed almost three billion times and has performed over 62 million disinfections on almost 24 million distinct computers.

This information, plus much more research, is available from our twice-yearly Security Intelligence Report. You can download the latest edition from http://www.microsoft.com/sir. You can see a list of the malware families the MSRT recognizes at http://www.microsoft.com/security/malwareremove/families.mspx; we update

How many people, other than MS people, do you see suggesting that it's the proper tool to use when removing malware?

How many people, other than MS people, do you see suggesting that compromised computers should be cleaned with it?

How many machines were not cleaned by the MS provided tool?

You don't have to take my word for any of it, all you have to do is a LITTLE research to see that noone in the community puts any serious faith in using the tool.

I have NO connection to any vendors products or tools, I have no investment in any vendors products or tools - I make this statement to affirm that my opinion is not biased by greed.

My personal experience with over 3700 machines this year, is that it's not effective when compared to other tools. I think the MSRT is a noble effort and was a good thing, but actually securing the OS would have been more worthy and a better allocation of money.




People usually do not recommend MRT because, on a computer that has automatic updates allowed (the default setting) it is run the first Tuesday of every month when new Windows updates are released.

I place a shortcut to the MRT on the desktop of every Vista computer I work on so the computer owner can run it "on demand" - along with any other antimalware the may run.

If you are not recommending people to run this when they have an infection, or do not utilize it yourself, you are not using an important tool that is at your disposal.
.

Relevant Pages

  • Re: Group Policy - Pushing out Software
    ... going to VNC into the computer, log on as the local Admin and do my thing". ... I would suspect that you are familiar with 'updates' via GPO. ... I know the way we access users machines using Remote Desktop ... > life easy for 2 administrators keeping 80 users machines updated. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Exceptional Error - Custom Menus deleted at startup of Access
    ... machines with SIMILAR ... And more precisely I sould say that I have "Microsoft Office 2000 ... * "If updates would be making this kind of problems then why other machines ... > implied that installing the updates would break things. ...
    (microsoft.public.access.formscoding)
  • Re: Is a Windows 98se computer more, or less, of a security threat with IE 5.5 (unused) & Firefo
    ... from drive-by attacks its a closer ... hardware solution where the updates get applied rather than our local ... So far i've been able to keep most of the old machines running myself. ... do this just because of a security risk alone is difficult. ...
    (microsoft.public.windowsupdate)
  • Re: Comparing update systems
    ... It checks for updates at the repositories, ... I understand what a network is. ... are not to many machines, you can do it during instalation. ...
    (alt.os.linux.suse)
  • Re: Weird Wireless Speeds
    ... The rom/firmware version is the same for the wireless card, ... on both machines. ... How about some numbers instead of generalities on the speeds? ... Critical updates only, or did you include the optional updates and ...
    (alt.internet.wireless)
Quantcast