Microsoft crams its anti-virus technology into Malicious Software Removal Tool

I’m smart enough to engineer a trip to Honolulu a couple of times a year — but somehow, with only a couple of weeks to go till I get to paradise, I wind up in Chelmsford, Mass., where the temperature drops to a posterior-clenching 15 degrees. That means hell has officially frozen over, and I have to rely entirely on Microsoft’s new anti-virus tool.

You can get the MSRT (Microsoft Malicious Software Removal Tool) either from the Microsoft download site or via AutoUpdate. Try the virus tool, and you’ll bump into a scanning wizard that’s aimed at Windows 2000, Windows XP, and Windows Server 2003 platforms only. That leaves Windows 98/ME holdouts in the lurch, which I suppose was to be expected. Now get set for the temporary disappointment.

Where Microsoft’s anti-spyware tool was based on specific anti-spyware technology acquired from another company, the anti-virus solution is based only on existing Microsoft technology. Microsoft has anti-virus technology? Sure, if you count all the previous disparate scanners and removal tools the company has released to combat the nastiest viruses aimed at its platforms. Roll all those suckers into one giant taco and you’re munching on MSRT.

Redmond promises to update MSRT with new anti-virus scanners … every month. Pardon me, good sir: Did you say “every month?” Mayhap your tequila glass is filled a trifle deeper than mine. How for the sake of Cuervo is this supposed to supplant an active anti-virus tool, and why in the name of salt and lime did Symantec’s stock take such a dive after this was announced?

Answer: Because stock brokers are intelligence-challenged and because Microsoft never intended this tool to be an active anti-virus tool. Talk to a Redmond rep in the know, and he or she is actually not so happy with how the tool was positioned in Microsoft’s press releases and the recently issued trade press. Seems the tool was intended solely as a backup to an active anti-virus solution. Where Symantec still makes you download separate removal tools for the worst worm and Trojan offenders, MSRT is designed to make this process automatic via AutoUpdate. Even if you contract the badware, MSRT will eventually nuke it if Norton doesn’t do the job right away. Multiple layers of security, just like all the security gurus are preaching.

Subsequently, this first version scans only for the big boys of badness, including Blaster, Sasser, MyDoom, and a bunch more worming digital diseases. If MSRT finds any of these problems on your machines, it auto-removes them and, of course, prompts for a reboot. While anything that’s automatically pushed out onto large numbers of clients and then performs individual operations on them tends to make IT administrators nervous, MSRT is really pretty tame at the moment because all of its rolled-up scanners have already been tested in the field. Given that Redmond intends to update this toolset every month, that may change, but for the moment, you needn’t worry.

Combine Windows AntiSpyware Beta with MSRT and you’ve got a pretty effective Windows security suite — as long as you’re using them primarily as backup. AntiSpyware can function on its own, but testing over the last couple of weeks has shown us that it works the most effectively when it runs in conjunction with a second anti-spyware package such as Spybot or Ad-Aware.

Some will scoff that this makes them effectively worthless, but they’d be flat wrong. Multiple layers of security is, sadly, a requirement these days, and Microsoft is essentially providing this second tier of security to its customers for free. Sure, the company is largely responsible for the fact that we need to deal with these layers in the first place, and it still isn’t fixing the real problem: namely, the company’s millions of lines of less-than-properly-tightened code. However, both of these tools are effective while posing little risk of unintentional problems. And they’re free. That makes them well worth a look, in my book.