  1. #1

    SYNACK's Avatar

    New Microsoft Malware Scan and Removal Tool

    Microsoft Safety Scanner - Free online tool for PC health and safety

    A nice little tool from Microsoft that scans for and removes malware, apparently in its initial run it found 5% infected in the wild mostly through Java (big surprise).

    New malware scanner finds 5% of Windows PCs infected - Computerworld

    If it is anywhere near as good as MSE it should be good and as it's prepackaged (63MB expires 10 days after download - as defs are out of date) and should hopefully run under the radar of a whole bunch of the task killers.

    Could be useful.


  3. #2

    elsiegee40's Avatar
    Thanks for this... just used this to have a go at son's laptop overnight and remove Java exploits not traced by MSE/MBAM/A squared. It's running much faster so hopefully, got everything now. I shall give the other machines in the house a once-over tonight!

  4. #3

    mac_shinobi's Avatar
    I think the one thing I find annoying is when any anti-malware / anti-virus tools find items in the System Volume Information (presumably the system restore directory) it prompts and states it requires a reboot to remove the said items, you then run a second scan and it still finds the same items in the same directory and I understand it's down to permissions as the system account is the only one by default on the directory that has full access rights but then

    1. How did they get there if only the system has access rights yet when you want to remove it you can't?
    2. How come they haven't taken this into consideration for the anti-malware tools so that it adds the currently logged on user to have full access rights, remove the infected items and then remove the user from the same list so that it goes back to default or something along those lines so that they can at least remove the infected items instead of requesting a reboot and no changes are made leading the user(s) to a false pretense that the viruses will be removed when they are not.

  5. #4

    elsiegee40's Avatar
    I often run these things in Safe Mode which appears to be more effective when it comes to both detection and removal.

  6. #5

    mac_shinobi's Avatar
    Quote Originally Posted by elsiegee40 View Post
    I often run these things in Safe Mode which appears to be more effective when it comes to both detection and removal.
    I sometimes do run them in safe mode but not paid attention to if it removes the items from system restore in safe mode or not, will test this next time

  7. #6

    SYNACK's Avatar
    @mac_shinobi - The other thing that can cause stuff like this is a rootkit which are really nasty business and many have payloads that stuff the machine with comparatively harmless malware along with their real payload. By stuffing the machine with so much distracting confetti it makes it very difficult to trace and/or remove the actual root infection. To be frank, if your machine gets rootkitted you need to reinstall it from scratch with at least a full format because you simply can't trust it anymore. Rootkits are tricky and insidious.

    As elsiegee40 says, safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.

    Back when I dealt with more viruses by cleaning them rather than just running over the whole machine with a new image I used to have a USB key with UBCD4Win which I could then just add in portable AV/Rootkit/Malware scanners onto it and update them often. The trick is to get one with a read-only switch to protect it from infection itself which are quite hard to come by now.

  8. #7

    mac_shinobi's Avatar
    Quote Originally Posted by SYNACK View Post
    @mac_shinobi - The other thing that can cause stuff like this is a rootkit which are really nasty business and many have payloads that stuff the machine with comparatively harmless malware along with their real payload. By stuffing the machine with so much distracting confetti it makes it very difficult to trace and/or remove the actual root infection. To be frank, if your machine gets rootkitted you need to reinstall it from scratch with at least a full format because you simply can't trust it anymore. Rootkits are tricky and insidious.

    As elsiegee40 says, safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.

    Back when I dealt with more viruses by cleaning them rather than just running over the whole machine with a new image I used to have a USB key with UBCD4Win which I could then just add in portable AV/Rootkit/Malware scanners onto it and update them often. The trick is to get one with a read-only switch to protect it from infection itself which are quite hard to come by now.
    Normally back up as much data as I can after it's been scanned and then re-image the machine and by the company's policy use Sophos 9.5 with latest AV defs

  9. #8


    Quote Originally Posted by SYNACK View Post
    The trick is to get one with a read-only switch to protect it from infection itself which are quite hard to come by now.
    There's another trick you can use if you can't find a flash drive with a write-protect switch...

    http://www.ghacks.net/2011/05/13/usb...block-viruses/

  10. #9


    Quote Originally Posted by SYNACK View Post
    safe mode is a good solution, the other is booting from a live CD like UBCD for Win and running it from that which is likely to get a very large amount of the stuff out as all the protected system stuff is no longer protected at all and can be properly cleaned.
    Since rootkits and trojans can still run in safe mode, the first thing I always do is scan the computer using a Linux anti-virus disc or UBCD4Win. Saves a lot of time.
