  1. #1

    SYNACK

    New Microsoft Malware Scan and Removal Tool

    Microsoft Safety Scanner - Free online tool for PC health and safety

    A nice little tool from Microsoft that scans for and removes malware. Apparently in its initial run it found 5% infected in the wild, mostly through Java (big surprise).

    New malware scanner finds 5% of Windows PCs infected - Computerworld

    If it is anywhere near as good as MSE it should be good, and as it's prepackaged (63MB, expires 10 days after download as defs are out of date) it should hopefully run under the radar of a whole bunch of the task killers.

    Could be useful.


  3. #2

    elsiegee40

    Thanks for this... just used this to have a go at son's laptop overnight and remove Java exploits not traced by MSE/MBAM/A squared. It's running much faster so hopefully, got everything now. I shall give the other machines in the house a once-over tonight!

  4. #3

    mac_shinobi

    I think the one thing I find annoying is when any anti malware / anti virus tools find items in the system volume information (presumably the system restore directory): it prompts and states it requires a reboot to remove the said items, you then run a second scan and it still finds the same items in the same directory. I understand it's down to permissions, as the system account is the only one by default on the directory that has full access rights, but then

    1. How did they get there if only the system has access rights, yet when you want to remove it you can't?
    2. How come they haven't taken this into consideration for the anti malware tools, so that it adds the currently logged on user to have full access rights, removes the infected items and then removes the user from the same list so that it goes back to default, or something along those lines, so that they can at least remove the infected items instead of requesting a reboot and no changes are made, leading the user(s) to a false pretence that the viruses will be removed when they are not?

  5. #4

    elsiegee40

    I often run these things in Safe Mode which appears to be more effective when it comes to both detection and removal.

  6. #5

    mac_shinobi

    Originally posted by elsiegee40:
    > I often run these things in Safe Mode which appears to be more effective when it comes to both detection and removal.

    I sometimes do run them in safe mode but have not paid attention to whether it removes the items from system restore in safe mode or not, will test this next time.

  7. #6

    SYNACK

    @mac_shinobi - The other thing that can cause stuff like this is a rootkit, which is really nasty business, and many have payloads that stuff the machine with comparatively harmless malware along with their real payload. By stuffing the machine with so much distracting confetti it makes it very difficult to trace and/or remove the actual root infection. To be frank, if your machine gets rootkitted you need to reinstall it from scratch with at least a full format because you simply can't trust it anymore. Rootkits are tricky and insidious.

    As elsiegee40 says, safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that, which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.

    Back when I dealt with more viruses by cleaning them rather than just running over the whole machine with a new image I used to have a USB key with UBCD4Win which I could then just add in portable AV/Rootkit/Malware scanners onto it and update them often. The trick is to get one with a read-only switch to protect it from infection itself, which are quite hard to come by now.

  8. #7

    mac_shinobi

    Originally posted by SYNACK:
    > @mac_shinobi - The other thing that can cause stuff like this is a rootkit, which is really nasty business, and many have payloads that stuff the machine with comparatively harmless malware along with their real payload. By stuffing the machine with so much distracting confetti it makes it very difficult to trace and/or remove the actual root infection. To be frank, if your machine gets rootkitted you need to reinstall it from scratch with at least a full format because you simply can't trust it anymore. Rootkits are tricky and insidious.
    >
    > As elsiegee40 says, safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that, which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.
    >
    > Back when I dealt with more viruses by cleaning them rather than just running over the whole machine with a new image I used to have a USB key with UBCD4Win which I could then just add in portable AV/Rootkit/Malware scanners onto it and update them often. The trick is to get one with a read-only switch to protect it from infection itself, which are quite hard to come by now.

    Normally back up as much data as I can after it's been scanned and then re-image the machine and, by the company's policy, use Sophos 9.5 with latest AV defs.

  9. #8


    Originally posted by SYNACK:
    > The trick is to get one with a read-only switch to protect it from infection itself which are quite hard to come by now.

    There's another trick you can use if you can't find a flash drive with a write-protect switch...

    http://www.ghacks.net/2011/05/13/usb...block-viruses/

  10. #9


    Originally posted by SYNACK:
    > safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.

    Since rootkits and trojans can still run in safe mode, the first thing I always do is scan the computer using a Linux anti-virus disc or UBCD4Win. Saves a lot of time.
