Security Task Manager hits the spot?
[Another post from SimpleRich via the wonders of syndication]
After the first week of using a computer that’s been online more than an hour, getting updates, doing software installs, etc, the formerly pristine condition, and trustworthiness of it is in doubt. Recently at my work some work stations got set up sans anti-virus software for around 12 hours on a high-speed connection and they had, when they got back to them, over 500 pieces of viral software on them, unwanted programs doing undesirable things without permission from us. What’s in your RAM?
What programs are running?
What are those programs?
What the hell is CTsvcCDA and why is it running all the time?
Why is my computer running so slow?
Why won’t msconfig actually WORK to make these start up programs just go away?!?
Why does KDB.EXE load itself every time I turn on the computer? Do I need it?
What is going on here?!?! It’s my computer, why does it keep running whatever it wants to?
Security Task Manager combines the task manager function of CTRL-ALT-DEL with a database of information on a huge variety of programs to give meaningful information about the programs that are currently running on your computer.
It doesn’t stop there though. It gives you an option to stop the program for this windows session, quarantine the program so it’ll never run again until you let it, or uninstall the program and remove it so it’s gone gone gone. I’ve used all those options, and they all work. This program gives you lots of information, and lots of control.
If you’re the type that appreciates the control of a manual transmission over the automatic in your computers this is a program you’ve got to have. The free version is what I’m using right now, but it’s certainly good enough to pay for, and I don’t say that often.
WGA – No Kill Switch
In a recent WGA article, I mentioned Ed Bott’s article about a theorized/alleged “kill switch” in the Windows Genuine Advantage stuff. On Friday, Computerworld.com posted an article with a quote from Microsoft denying such a thing.
“No, Microsoft antipiracy technologies cannot and will not turn off your computer,” said a spokeswoman with Waggener Edstrom, Microsoft’s public relations firm. “The game is changing for counterfeiters. In Windows Vista, we are making it notably harder and less appealing to use counterfeit software, and we will work to make that a consistent experience with older versions of Windows as well.”
Do we believe ‘em?
While the WGA thing calling home annoys and/or offends me, I’m not sure if I care if WGA disables unlicensed copies of Windows products. I’m legal and encourage folks I work with to be legit as well. Of course, the big caveat here is: Can you trust the WGA stuff to get it right? There are lots of stories (mostly anecdotal) about how it has either been wrong or hosed up systems… Until it is 99.99% accurate and no longer generating support calls and media hype, I’d certainly hope there’s no kill switch. But suppose its accuracy increases? Why shouldn’t MS be allowed to disable stolen software?
WGA Changes
Microsoft put out this press release this week to announce some changes with Windows Genuine Advantage.
If you cut to the chase:
The updated package includes some notable changes to the software based on customer feedback from the previous version.
- No daily configuration check
In the pilot phase, a PC that had installed WGA Notifications checked a server-side configuration setting upon each login, to determine if WGA Notifications should run or not. This configuration file check has been removed in the updated WGA Notifications package released today. It is important to note that WGA Validation still periodically checks to determine whether the version of Windows is genuine.- Clearer EULA and instructions to opt-in.
The End User License Agreement (EULA) has been replaced with a standard, General Availability EULA that more clearly explains the purpose of the software and details about WGA Notifications. For customers who choose not to install the updated package, and wish to remove an installed previous version, Microsoft has made available a set of instructions for removing previous versions of WGA Notifications from their PCs.
No more phoning home every time you log in (unless you had already “firewalled” it …).
Ed Bott, over at ZDNet, is getting lots of attention with his recent “Kill Switch” post. Scary stuff and worth a read.
WGA – Spyware?
Perhaps I shouldn’t have taken the effort to get WGA Validation stuff installed. After reading this article from Windows Secrets titled, “Genuine Advantage is Microsoft spyware” I’m feeling a bit suckered. I’ll say that article is bit “excitable”, but geeze. There are some interesting claims in there. Well worth a look if you’re running Windows.
The leadoff paragraph:
Windows Genuine Advantage the controversial program Microsoft auto-installed as a “critical security update” on many PCs starting on Apr. 25 not only causes problems for many users but has now been proven to send personally identifiable information back to Redmond every 24 hours.
Ok, that sucks. The article goes on to discuss Microsoft’s definition of spyware, the author’s and others’ definitions and then hits the high/low points of having this stuff around. The conclusion even offers some ways to live with it. The 3rd option is my favorite:
Step 3. Prevent WGA from phoning home to Microsoft servers. The WGA process that calls out to its remote masters can be blocked by 2-way software firewalls such as ZoneAlarm and McAfee. To do so, simply deny the connection when your firewall pops up an alert about Windows Genuine Advantage trying to use the Internet. Alternately, hard-code a denial via the firewall’s user interface. No ill effects of preventing WGA from establishing a connection have been reported.
Just for grins, I took that advice. My software firewall? Microsoft’s Live OneCare (beta) 
I present Exhibit A:
Windows Defender Beta 2 – First glance
Got the new beta 2 of Windows Defender installed tonight, and can confirm that it will cheerfully (and very silently) uninstall the previous beta (windows antispyware) should that currently be installed. Installation is painless, only snag was the usual pain in the butt related to doing the “prove you’re legal” thing with Microsoft whilst using Firefox. Not a huge deal, personally, as I’m pondering spending more time with IE7 beta. Hah, that’ll show ‘em. (besides, much hullaballoo recently about to FF’s memory management).
Boy, how was that for a lead-in paragraph with minimal focus?
First thing I noticed: no tray icon. Had to pop over to the Services control-panel to prove to myself that something was happening. Peeked under Start -> Programs and found the user interface portion. As an aside, the little castle icon for this is just so darned retro… tell me you don’t look at that icon and think Atari 2600 Castle Wars. I dare ya.
I’m very disappointed that it isn’t integrated with OneCare. I truly hope that at some point that will happen — it just seems to make all sorts of sense and (imho) is silly not to integrate these two.
How’s it work? Well, so far I don’t really know. I did some scans and it seems fast enough, but I’m not quite ready to go surf sites that want to pollute my machine. Testing this stuff is awkward sometimes. I suppose I’ll dump it in a virtual machine some weekend afternoon and try to pollute it. The previous beta handled that very well.
Oh, let me warn you to pay attention to scroll bars. I was in the “General Settings” section and initially very disappointed in the limited amount of configurable options. However, second time there I noticed the scroll bar. Turns out there’s more that can be configured. But all in all, this is definitely a simpler version than the previous and “feels” like a whole new app. Not sure if that’s for better or worse yet, but I suppose the non-geeks will be very comfortable with the whole thing.
Here’s what Microsoft says was improved for this release:
- Enhanced performance through a new scanning engine.
- Streamlined, simplified user interface and alerts.
- Improved control over programs on your computer using enhanced Software Explorer.
- Multiple language support with globalization and localization features.
- Protection technologies for all users, whether or not they have administrator rights on the computer.
- Support for assistive technology for individuals who have physical or cognitive difficulties, impairments, and disabilities.
- Support for Microsoft Windows XP Professional x64 Edition.
- Automatic cleaning according to your settings during regularly scheduled scans.
I’ll leave it run for a few weeks and see how it goes.
Referrals and Ads
Flair and Sparklies
