Amateurish

  • Thread starter Thread starter Hugh
  • Start date Start date
H

Hugh

This whole anti-spyware project is amateurish.

Why is the second beta still referred to as Beta 1 when I
do Help->About ?

I just installed the updated version, but then again maybe
that failed and I cant tell, who knows!

It also claims to have removed spysheriff, several times
now, I have rebooted etc but spysheriff is still there,
totally unimpacted by the anti-spyware.

Also it is utterly amateurish to not have an auto-reboot
option that automatically reboots when it has done with its
spyware removal.

Giving me a stupid dialog that says "Please rebbot and do
so quickly, if you dont reboot quickly the spyware may
regenarate itself".

I have never read such a stupid message from an MS
application since the days of DOS.

Get a grip.
 
Beta 2 has not been released.
There is a new version of Beta , Version 1.0.614, but it is still Beta 1.
Look under Help/About to verify.

You want automatic reboot, others do not.
When computers do automatically reboot, the complaints from users are
similar to yours except stronger.
In your case, you need to reboot.
In the other case, people are prevented from doing their work and sometimes
lose data because of the automatic reboot.
There are advantages and disadvantages to both, take a look at the other
side before criticizing to much.
But then again, this is still Beta 1, much will change before the final
product is released.
Make your suggestions known.
 
The real amateurish thing for Microsoft to do would be
for them to abritrarily decide what to do after a scan
simply because it's what the programmers like, not what
the end-users like. This is a sure-fire way for
Microsoft to lose more users to its competitors.
Microsoft has always, or almost always, looked at what
the end-users liked before designing or re-designing a
program, while a lot of its competition did exaclty the
opposite.

Now back to the other comments you made in your post.

An unexpected reboot can also imply there's something
wrong with the system. Many users might think their
system is infected with a virus such as the blaster
virus, which if I'm not mistaken caused people's systems
to reboot constantly. This IS NOT good programming
practice, as this will cause more problems and complaints
than it's worth. Not to mention the many people going to
Microsoft's Support pages, and trying to find out why
their system is contantly rebooting after a scan is run,
only to find out that the way the program is designed is
what's causing their problems, which will likely cause
them to stop using the product. All this IS NOT good far
anyone, especially Microsoft, as they will likely have to
address this in the form of a security patch or a new
version.

Another problem that I see with using this type of
feature is that some spyware/malware program, or even a
virus, Trojan, or Internet worm could use this feature to
fake MSAS into thinking it has just completed a scan,
causing the system to reboot. Once the system reboots,
and before MSAS loads, the program installs onto the
users system, and takes total control of the system.
This wouldn't be the first time that a damaging program
acted in this manner. Look at all the programs that can
turn off your AV program's scanner.

The best way to deal with this is for the scanner and
removal tool to be improved so this isn't even necessary
in the future.

The last thing someone, especially a system
administrator, needs is to happen is to run a scan, and
try to correct some other problems on the system, only to
have the system reboot itself before the other problems
are fixed, causing an important system file to be
corrupted. Just think of the nightmare this system
administrator has to deal with, as all the data on the
system might be lost, including some important files that
someone else in the company needs in order to complete
the project(s) they are working on. This is just one
reason that auto-rebooting a system after a scan is
simply stupid. Not to mention the fact that if you
wanted to see what it found and removed, you would have
to open MSAS, go to Tools > Spyware Scan > View Spyware
Scan History, and most users simply wouldn't do this.
This would make most users not realize that their system
is being compromised by the same spyware over and over,
which will defeat the entire purpose of the program to
begin with (i.e., to make it easier to protect and rmove
any possible spyware/malware from a system).

Also, the best way to currently deal with many forms of
spyware is to run a full system scan in Safe Mode.

Alan
 
Hi Hugh,

Thanks for your opinions.
I have different ones tho.

The 'forced reboot' , as others have mentioned wouldn't go over will in many
places. Such as those who have other open files and programs as the machine
goes black.


Ron Chamberlin
MS-MVP
 
I have posted comments here many times and I am
dissapointed by the reactions.

One MS person advised to me to "use the ausbmit new spyware
report" option.

Had that person bothered to read my post he would have seen
that it was the FAILURE of that feature that led to my
posting, ie I tried and failed.

I spend a lot of time testing MS software, not least of
which is VS 2005, xp64, C# etc.

I have noticed a significant lack of quality in the
anti-spyware support when compared to these, I guess these
have far bigger budgets etc, but that difference is relevant.

Why do you not have a formal bug reporting system?

Why must I resort to a public informal newsgroup?

It is this facet of the operation that lies behind my
growing frustration.

Hugh
 
On the subject of auto-reboot.

I am surprised that this suggestion is considered so
negatively. Of course I understand the gravity and
potential for user confusion, but this is not a new thing.

Get serious.

Need I remind you that a chkdsk operation can result in a
pre-boot process running that carries out diagnostics and
repairs?

Sometimes this will reboot after it has finished.

What about doing this? telling the user that the system
will be scanned on the next reboot? That way there is no
need for a "surprise" reboot?

Or what is wrong with a dialog that says

"Warning AntiSpyware is in auto-reboot mode, pressing AUTO
may result in an automatic shutdown and restart, please
close all applications before proceeding. Press MANUAL if
you want to be asked whether to reboot or not."

What I am getting at and was getting at, is that the
current approach is clumsy and indicates (by virtue of the
phraseology it uses) that even the anti-spyware
algorithm(s) are not too certain about the state of the
machine, asking someone to reboot "quickly" is by far the
silliest thing I have seen in years.

You may feel it is legitimate and valid, I am amzed that MS
who have done an incredible job with NT, .NET etc are
letting this kind of code out the door.

Hugh


\
 
You must resort to these newsgroups because that is the way Microsoft
decided to run this Beta.
If you have growing frustrations with this, perhaps this Beta is not for
you.
 
I agree the way the warning is worded is clumsy.

But remember, this program IS NOT a program that
Microsoft created. They bought Giant Company so they
could get Giant AntiSpyware. They did some reworking of
the code, but most of the original stuff from Giant
Company still remains. If you press Ctrl-Alt-Delete you
will see some programs listed that start with gc, and in
the c:\program files\microsoft antispyware folder, you
will see a lot of files that start with gc as well.
These were originally coded by Giant Company, and
Microsoft has changed some of the code for these files.

As beta testing goes on, they are finding these types of
things throughout. I used the trail version of Giant
AntiSpyware also, and the main app is still roughly the
same as it was before Microsoft bought out Giant Company.

I've NEVER had chkdsk reboot the system. When I've tried
to run a full scan, I've had to tell it to scan some part
on the next boot cycle. The point you are trying to make
about this programs "reboot" feature is not even valid,
as the program doesn't tell the system to reboot. If
this has happened to your system, I'd suggest running
another scan because there could be a problem in the boot
sector. I've had a boot sector error in the past that
made the hybernation feature of Windows ME fail to work,
and the same could be true of the system you were writing
about.

The point is that NO, and I MEAN NO program should force
a person to reboot their system, unless it's in regards
to patching a major security hole. Just imagine if your
system is also a web server, and running the scan takes
your server offline. I wouldn't want to be the person
responsible for that server, as there's going to be a ton
of angry clients. This would cause MS to have to
redesign the app yet again before it can be released for
use in the business sector, which will be very costly to
MS and that cost will be passed onto the companies that
use the product, as this version will likely not be
free. This means that it could take over a year before
an enterprise version will be available, which is not
good for MS nor its users.

As I said in my reply, it can take MSAS a while to load
at startup. This could leave the door open for a program
to trick MSAS into thinking it's just completed a scan
and must reboot the system, and when the system reboots,
the program is installed before MSAS can detect it. If
it places code into the prefetch folder, it can be a
nightmare to remove. This is because whenever you launch
the app that the code is linked to, the program is
reinstalled, without MSAS or any other antispyware (AS)
app detecting it because the code is now on the system
and isn't from outside the system. ABetterInternet is a
good example of a spyware app that stores code in the
pretetch folder, and no AS app that I've used deteced
it's presence in the prefetch folder, nor it's
reinstallation onto the system.

What needs to be done is for the removal tool to
quarentine the app so it can't reinstall, and try to
delete the entire app. If it can't do so, then keep the
app quarentined and before Windows loads on the next boot
cycle, delete the program. This is how Giant AntiSpyware
had to deal with one piece of spyware it caught in the
past on my system. My guess is that the quarentine
feature is a little buggy right now and the warning is
MS's way of dealing with it until they can correct it.

Alan
 
Back
Top