back to article Microsoft spells out new rules for exiling .EXEs

Microsoft has updated the methodology it uses to define adware, a move designed to make it clearer just what the company considers worthy for removal by its malware tools. Redmond's new rules are simple: an application is adware if any of the following criteria are met: It breaks the “unwanted behaviour” rules (in more …


This topic is closed for new posts.
  1. Tannin


    Full credit to Microsoft in this instance. (And if you know me, that's not something I say often or easily.) This is very welcome news.

    1. Anonymous Coward
      Anonymous Coward

      Re: Kudos

      Man, the MS shills are getting up early these days! What are they paying you to say these things?

      1. Wzrd1

        Re: Kudos

        "Man, the MS shills are getting up early these days! What are they paying you to say these things?"

        I'm an information security professional, but a former BOFH.

        My very first thought was yours, followed instantly by "what if" licensing bullshit.

        Knowing quite well Microsoft's leverage habits and licensing games, I call bullshit and suggest it's a ploy to either extort other software providers fees to support their software and updates or the most laden in support requirements feature in the history of mankind.

        Consider how many updates there are for the shitware Adobe Flash, Java and its seventeen million fixes, then consider smaller company software, such as Autocad and open source software.

        Knowing Microsoft's history, it's either the most laden for support good idea or it's a poison pill, as any who refuse to pony up and is popular will lower the usage of the OS.

        In one, I'm thinking in particular. Adobe Flash, as Facebook is built upon it and requires incessant updates for their nonsense games to work.

        And to be honest, is the quickest reported problem in an the update system.

        When the worker is pissed off that their favorite "program" doesn't work, the helpdesk overflows. We get notification.

        So, with no due respect to either fanboy calls or fanboy denouncer nonsense, I'll sit back and kick into play either side of the aisle and see who remains standing.

        My preferred vote is for one of the *BSD, though not Apple's version.

        And for full disclosure, I'm using a MacBook Pro. Which gave me major heartburn to properly secure, but retain operational status.

    2. Wzrd1

      Re: Kudos

      Know *my* first thought?

      Adobe has to pay up or be blocked for updating by SCCM or other remote update.

      The same for Oracle for Java.

      Leaving all non-Microsoft software not updated and leaving *all* systems not using 100% Microsoft products vulnerable.

      Well, unless they and all open source product producers pay up.

    3. William Boyle

      Re: Kudos

      Personally, I want a "I don't want ANY adware on my system!" option. IE, nuke it all!

  2. Paul 129

    Pot meet Kettle..

    For a laugh....

    Ask those questions of Microsofts own software

    Oh and be fair

    Ignore the rule 'Falsely claim to be a program from Microsoft.'

    and then see how your microsoft software checks out.... I'm wondering what they have that passes

    1. big_D Silver badge

      Re: Pot meet Kettle..

      A future brother-in-law bought a new PC last week and tried to set it up himself, but had problems.

      When I got there, I found 30 instances of 5 differrent click-jackers on the machine! It seems many came over from his old XP machine, which had around 200 instances of malware on it! :-O

      Malwarebytes managed to clean up the mess, but Avira said both PCs were clean!

      1. Wzrd1

        Re: Pot meet Kettle..

        "When I got there, I found 30 instances of 5 differrent click-jackers on the machine! It seems many came over from his old XP machine, which had around 200 instances of malware on it!"

        Well, I had a brand new XP box and deployed to the Middle East.

        Within a minute of *modem* connection, I saw connection to my $C.

        I terminated connection and examined what Gateway sold me, software wise, in rather a bit of detail.

        When I reconnected, I had already ascertained no rootkit nonsense, no new connections to C$ and admin$ was long gone (thank the Gods of careless Computing for letting me miss that!).

        One burst of intracranial flatulence is all that it takes.

        As for Microsoft, my wife had a Vista64 box that was incorrigibly slow. *Nothing* this old BOFH could do could make it run reasonably.

        I upgraded to Linux.

        The 64 bit system operates as advertised. Even her Facebook bullshit games work far, far, far, far better. Which means attempts at consuming 100% memory, but failing to and still operating.

        Even better, it plays moving pictures of our grandchildren quite well!*

        *Intentional use of a relatively ancient term. I'm equally comfortable in a low tech, no tech or high tech environment, operationally. I far prefer high tech for comfort. ;)

        1. Anonymous Coward
          Anonymous Coward


          Well, I had a brand new XP box and deployed to the Middle East.....

          I upgraded to Linux.

          Shock, fucking horror, an obsolete, 13 year old system is not a secure as a brand new one.......

          1. Anonymous Coward
            Anonymous Coward

            Re: @Wzrd1

            "Shock, fucking horror, an obsolete, 13 year old system is not a secure as a brand new one"

            So, what's your point?

            1. ByeLaw101

              Re: @Wzrd1

              Agree or disagree, I think that was his point.

            2. southpacificpom

              Re: @Wzrd1

              Well the point probably is that file extensions (.exe .bat etc) are still being used with Windows. Any virus/malware could instantly go after files based on their extensions.

          2. Anonymous Coward
            Anonymous Coward

            Re: @Wzrd1

            Possibly that MS allowed all this type of rubbish to be installed for the past 13 years and are only now getting round to doing something about protecting their users. ('Users' to differentiate between those who know what they're doing and the more typical MS customer)

    2. Anonymous Coward
      Anonymous Coward

      Re: Pot meet Kettle..

      I agree, but it's not limted to them, they are all bloody at downloading shit you don't want.

      Sourceforge, MS, Adobe, Java,Google.

      "Free" these days means spending 10 minutes avoiding the obvious links and looking for the direct ones.

  3. Dunhill

    internet explorer ?

    I just read the "Evaluation criteria"

    And the first thing that pops up in my mind is :

    internet explorer, active-x and conduit

    They rate very good with the given criteria

    I am not a real windows user so i can be very wrong


  4. king of foo


    Just for Monday morning s***s and giggles pretend you are reading an advert for windows 8 and windows store.

  5. Hans 1 Silver badge

    Will the Malicious Software Removal Tool uninstall Windows next ? Because anytime I open internet explorer, for example, I get a popup that takes me to some unknown website to setup my browser - no idea why it wants to go online, I close the bugger immediately anyway. Since sir BG said ie is integral part of windows, I wonder how the previously mentioned tools will remove the browser with the OS and without removing itself ... Like the UNIX "sudo rm -rf /" dilemma.

    DISCLAIMER: All I want to do in ie is see if window cleaners can access my site ...

  6. Mystic Megabyte Silver badge

    Too late

    The reason that I abandoned Windows was that I spent more time running programs to eliminate malware than actually using it productively.

    Last week I saw the first pop-under in years while running Chromium on Xubuntu and visiting (Warning! It's best not to visit this site if you're running Windows)

    1. cambsukguy

      Re: Too late

      One pop-under, still empty after 10s, nuked, didn't return.

      Played a bit of Gravity ( I think this site shows movies they do not have the rights to!). No popups or pop-unders.

      No extra guff on my IE11, apart from, obviously, the standard pop-up blocker.

    2. Anonymous Coward
      Anonymous Coward

      Re: Too late

      So that's it...

      Someone told me to look for that, but didn't give the spelling. I went looking for 'yiffy' instead and assumed it was their idea of a practical joke.

  7. adnim Silver badge

    They missed a rule...

    It shows advertisements.

  8. MacGyver

    Translation: Coming soon, no side-loading.

    They're keeping us safe, from ourselves.

    I only read this as brick number 1 in their soon to be coming "Walled Garden". So if you like the Apple App store you'll love this.

    Soon we'll all need to be "hackers" if we want to install a 3rd party non-approved Minesweeper game.

    1. Charlie Clark Silver badge

      Re: Translation: Coming soon, no side-loading.

      Yes, the certification stuff is supposed to make people play nice.

      1. malle-herbert

        Re: Translation: Coming soon, no side-loading.

        Yeah, as long as nobody leaks the certificates !

      2. adnim Silver badge
        Big Brother

        Re: Translation: Coming soon, no side-loading. - corrected

        Yes, the certification stuff is supposed to make people do what they want.

  9. Anonymous Coward
    Thumb Up

    Your Computer is Running Slow...

    The rules affecting this kind of popup will be of help to those who aren't tech savvy. Whatever the implications for making money off of other biz, normal users who are worried they have a slow PC because someone says they have will benefit.

    1. Woodgar

      Re: Your Computer is Running Slow...

      I once had to field a help desk call from a new PC user who had barely got his brand new computer on line before getting pop-ups telling him his machine was low on memory and he should buy some more.

      It took me ages to convince him it was just an advertisement, and that there was nothing wrong with what we'd just sold him.

    2. McHack

      Re: Your Computer is Running Slow...

      So you agree I need to dump Windoze and install Linux. Excellent!

      Time on WinXP partition after login (root) until I can do something other than click away notifications: 3 minutes.

      Time on Debian partition after login to Xfce desktop ready to go: 3 seconds.

  10. All names Taken
    IT Angle

    is it doable?

    filename something like: blahblah.123.exe.567

    Remove last 4 characters in name string

    activate the renamed attachment?

    1. Suricou Raven

      Re: is it doable?

      Malware makers are getting better than that. I recently received a file on Skype - something like image_2039847rcs.jpg.

      Harmless jpeg? Not quite. Because what you can't see is the unicode text direction control character inserted before the 'rcs' that makes everything following it display in right-to-left order. The real filename is image_2039847(UNI-WEIRD)gpj.scr. Windows screensaver, executable.

      The obvious partial solution would be for MS to release a patch that makes Explorer ignore unicode direction control characters in filenames, and refuse to load any executable that has one.

  11. Anonymous Coward
    Anonymous Coward

    Those 3 little letters


    It does amuse me how windows is blinded to file type if those 3 little letters are missing or screwed up.

  12. kmac499

    Thankyou MS

    At last an automatic way to remove BING desktop..

    1. cambsukguy

      Re: Thankyou MS

      It wasn't installed automatically, why should it uninstall automatically?

      It certainly will uninstall via the control panel app so why is this a problem?

  13. McHack

    Repeat in English, please.

    The provider of the software has to be clearly identified, you have to be able to close advertising windows, and the software has to be uninstallable “using the same name as shown in the ads [the software] produces”, Microsoft states.

    The software is the technically-free Fluffy Mice Dice game, it produces ads for the Fluffy Mice Dice game, and if the software is honestly named FluffyMiceDice.exe and labeled Fluffy Mice Dice, it must be impossible to install the software?

  14. Tree

    Foolbars for fools!

    Anything from CNet certainly fails. Microsoft would be good just to block that DOWNLOAD*COM website totally. To download freeware one needs an installer program. It is insane that MacAfee is installed with everything as well as other useless junk. Many of these freeware sites have turned into malware installers. Toolbars for tools and foolbars for fools!

  15. J.G.Harston Silver badge

    "out-of-context" is an adjective not a noun.

    The advertising is out of context.

    It is out-of-context advertising.

    Jeez, you're getting as bad as the Guardian.

  16. Anonymous Coward
    Anonymous Coward

    I switched OS because I didn't learn how to use it

    It cracks me up when I see all these guys with this story...

    " I used to have Windows but got so many pop ups I had to go running to Linux/Mac/another OS"

    Really? You don't know what a firewall is? You don't know how to install another browser? You are not familiar with ad blocking? Pop up blocking? You click on every advertisement, is that what you do? You go surfing for naughty bits on your main PC? Oh boy...Hahaha....

  17. Kwac

    Douglas Adams was right!

    Yet again Adams' comments about Bill Gates as the 'knight in shining armour' coming to rescue us are shown to be true.

    Which company was so lax that it allowed all this crud through in the first place?

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019