Windows Update no longer allows us to skip MRT.exe

When performing monthly updates, my Windows 7 computer ‘Mithral’, and my Windows 8.1 laptop ‘Maverick’, are also programmed by Microsoft, as usual, to run the “Malicious Software Removal Tool”, aka ‘MRT.exe’ . On ‘Mithral’, this scan takes more than 40 minutes, while on ‘Maverick’, this only takes less than 10 minutes. So what I used to do on ‘Mithral’, was to kill the actual process, ‘MRT.exe’, in the Task Manager, in order to speed along the update, while not doing so on ‘Maverick’, where I allowed the scan to complete.

I do not really need to be told once per month, that my computers are free of malware.

But starting with the most recent update, Microsoft no longer allows us to do this. When I killed the process ‘MRT.exe’ on ‘Mithral’ today, as part of an update that was a few weeks past due, my doing so was logged as an official Failure, of one of the components, in the Update History Log. This does not yet hinder operation of the computer, and we are allowed to run ‘MRT.exe’ ourselves whenever we feel like doing so. Thus, in order to make it up to the updater, for having killed the process prior to the restart, I ran ‘MRT.exe’ as an administrative user.

AFAIK, This move by Microsoft is part of an honest effort, to make our computers more secure.

But when I ran ‘MRT.exe’ manually, I discovered why the scan took 45 minutes on ‘Mithral’, that only takes 10 minutes on ‘Maverick’.

Apparently, when ‘MRT.exe’ does its Fast Scan, it finds issue with a software installation on ‘Mithral’, that is named “Crystal Space”. Crystal Space is an Open-Source 3D Game Development SDK, which should not contain any malware, and which I do not make active use of in practice. I custom-compiled it. But for some reason it triggers ‘MRT.exe’ into an alarm. In response to this alarm, ‘MRT.exe’ next proceeds to do an In-Depth Scan of the Crystal Space folder, which is what takes so long.

And then as a result of the In-Depth Scan, ‘MRT.exe’ actually determines that no threat was found. I know this because when we run ‘MRT.exe’ manually, it displays a nice little GUI, in which we can see its progress. It first thinks it finds infected files, but after the In-Depth Scan it displays that “No Malicious Threats (sic) Were Found.”

I have an observation about this behavior. The Crystal Space version I have installed on ‘Mithral’ is an old, archaic coding example. And sometimes, the way old code is compiled and linked can set off anti-malware software, without being malware.

In any case the GUI has answered a long-standing question to me, as to why this scan was always taking so long. Apparently, ‘MRT.exe’ was doing exactly the same thing, in past cases when I allowed it to complete.

And I do not have Crystal Space installed on ‘Maverick’.

Dirk

 

Print Friendly, PDF & Email

Why I Am Happy, that my Computers Are Working Again

The recent power failures left me in quite a state of distress, not knowing what the fate of my computers would be.

The computer acting as my Web server, ‘Phoenix’ is a Linux computer, running a “Debian” version of Linux, and a flavor of that, which is “Kanotix / Spitfire” . After the second power interruption this morning, ‘Phoenix’ was actually easier to restart fully, than my Windows 7 machine ‘Mithral’ was. This was somewhat reassuring, since ‘Mithral’ has stronger hardware, and since If the software on ‘Mithral’ was ever permanently messed up, I could in fact try to resurrect it by installing Linux on it. It seems that Linux was after all more stable than Windows.

But what happened to ‘Phoenix’ was also better than a scenario would have been, which I had running through my head between 7h30 this morning and 12h00, the time at which I got ‘Phoenix’ running again.

I had had the scenario in my head, that ‘Phoenix’ could have started to perform an ‘unattended upgrade’, at the moment the power went off, a coincidence which I would have been unaware of.

Luckily, this was not what happened.

But had this happened, my own version of what would have gone wrong differs slightly from the official version, according to which the package manager would simply have gotten jammed in some locked state.

There happen to be other power-users, who complain on the Kanotix user forum, that they had been running a lengthy upgrade while their power was strangely cut. Those people ask for Expert support in unjamming their package manager, which more detached people on the forum give advice on how to do.

According to me, they had such a hard time unjamming their package manager, because this is not all that was wrong with their computers. According to me, those users suffered from two problems at once: A jammed package manager, plus A corrupted file system.

I had a vision of having to approach the Kanotix user forum with the familiar line, ‘An upgrade was running, when the plug was pulled.’ But luckily, no upgrade was running at that time…

…And, there is a specific reason why No Unattended Upgrades Were Running. After I rebooted ‘Phoenix’ successfully, I performed the upgrades manually, which were to have run, just to confirm that my package manager still works 100% .

Link To Previous Posting

Dirk

 

Print Friendly, PDF & Email

Again, my blog went down due to a power failure.

Yesterday, on the Island Of Montreal, we were experiencing some extreme weather. And, I host my blog on my own, private computer, acting as server. Due to the power failure which already took place last night, my blog went down then. And I wrote about this in this previous blog posting.

That event left many tree branches hanging in the power lines, which stayed there overnight. But alas, this morning, my power failed again around 6h45. And then, to aggravate my nerves, the power came on again for two seconds around 7h00, after which it promptly went off again. And the power came on for another two seconds, around 7h15, after which it went off again.

Naturally, in this situation I could not assume, that even if the power would have come on again at let us say 7h30, it would have stayed on. And so I did not restart my server this morning.

Presumably, the Hydro-Quebec crews have cleared the branches from the power lines by now, without electrocuting their workers.

But this blog would only have started to become visible again, around 12h00 or so today.

I apologize for any confusion this might have caused.

Dirk

 

Print Friendly, PDF & Email

My blog was down tonight due to a power failure.

This blog is being hosted privately, on my own computer, acting as server. And for this reason, it is sensitive to such factors as power failures. I do not have a backup server, nor a UPS, the way hosting services would have.

In Montreal, we have been having difficult weather, with sleet turning into genuine freezing rain. As a result, a power failure did hit me at 22h40 this evening. The blog should have started to become accessible again after 23h40.

The actual power failure only lasted for 10 minutes, from 22h40 to 22h50. But I only restart my computers after I am convinced that consecutive p0ower failures are unlikely. And during the coming day, on February 25, additional power failures are possible, because while the freezing rain is officially over, wind gusts up to 60 km/H are forecast.

Thank you for understanding.

Dirk

 

Print Friendly, PDF & Email