Linked by fran on Wed 20th Apr 2011 21:31 UTC
Microsoft "Microsoft has released its free Microsoft Safety Scanner. This scans for and removes malware from Windows systems without requiring prior installation. According to AV-Test's Andreas Marx, the on-demand anti-virus scanner appears to be based on the Malicious Software Removal Tool (MSRT), but with the addition of a complete signature database. MSRT used a mini database of widely distributed threats and is distributed monthly via the automatic update function."
Order by: Score:
Cleanup tools...
by umccullough on Wed 20th Apr 2011 23:16 UTC
umccullough
Member since:
2006-01-26

Guess I'll add this one to my list next time I have to do major cleanup on a machine ;)

Reply Score: 2

Needs a LiveCD Option
by jasutton on Thu 21st Apr 2011 01:29 UTC
jasutton
Member since:
2006-03-28

This needs a LiveCD option to be really useful. As long as the malware is running on the OS, then there's still a significant chance that it can re-infect the system after it's "removed" by the AV program. Booting into a separate OS is the only way to guarantee that the malware can't be running when it's removed.

I'm hoping this can be combined with BartPE to make that happen. ;)

Reply Score: 2

RE: Needs a LiveCD Option
by umccullough on Thu 21st Apr 2011 03:41 UTC in reply to "Needs a LiveCD Option"
umccullough Member since:
2006-01-26

I'm hoping this can be combined with BartPE to make that happen. ;)


I was thinking the exact same.

I ran it on my work computer earlier - it runs "in-place" without installation, so I'm guessing if you booted BartPE and then popped in a USB stick with this on it, you'd be set...

Remains to be tested I guess.

Reply Score: 2

RE[2]: Needs a LiveCD Option
by bassbeast on Mon 25th Apr 2011 02:14 UTC in reply to "RE: Needs a LiveCD Option"
bassbeast Member since:
2007-11-11

Actually it looks like a big FAIL to me, and I'm all for free tools. Not only does it have separate 32 and 64 bit versions (WTH? For a virus scanner?) but it expires after 10 days which means give it up putting it on any kind of tool, not unless you want to make three of them a month!

For those that want a REAL tool I'd suggest Malwarebytes along with Stinger and AVG portable, along with Comodo System Cleaner (for cleaning out all the borked reg entries left behind) and Chrome Portable or Firefox Portable (for doing an online scan, using something like Housecall) on a WinPE or bootbale USB key.

Having a 10 day limit is just bogus! I was looking forward to having another tool in my toolbox but making it have an expiration date instead of simply updating on first run is Lame with a capital L!

Reply Score: 1

RE: Needs a LiveCD Option
by twitterfire on Thu 21st Apr 2011 14:23 UTC in reply to "Needs a LiveCD Option"
twitterfire Member since:
2008-09-11

This needs a LiveCD option to be really useful. As long as the malware is running on the OS, then there's still a significant chance that it can re-infect the system after it's "removed" by the AV program. Booting into a separate OS is the only way to guarantee that the malware can't be running when it's removed.

I'm hoping this can be combined with BartPE to make that happen. ;)


That's no need for a live CD. When AV finds a nasty virus, it can reboot the OS in safe mode, without loading start-up programs, services, etc.

Reply Score: 2

RE[2]: Needs a LiveCD Option
by rr7.num7 on Thu 21st Apr 2011 15:16 UTC in reply to "RE: Needs a LiveCD Option"
rr7.num7 Member since:
2010-04-30

Yes, there is. Half the time, the malware is still active in safe mode and cannot be completely removed, (it reinfects the system).

Edited 2011-04-21 15:17 UTC

Reply Score: 1

RE[2]: Needs a LiveCD Option
by umccullough on Thu 21st Apr 2011 19:38 UTC in reply to "RE: Needs a LiveCD Option"
umccullough Member since:
2006-01-26

That's no need for a live CD. When AV finds a nasty virus, it can reboot the OS in safe mode, without loading start-up programs, services, etc.


Wow, you've obviously never encountered a truly nasty infection.

Offline scan is the most assured way to find/remove rootkits, etc.

Even then, once a machine is infected, it's often impossible to know if it's clean, you just pray that the 3 or 4 different AV programs you used found everything (often times, one will miss something that the other finds).

Reply Score: 2

RE: Needs a LiveCD Option
by earksiinni on Fri 22nd Apr 2011 22:52 UTC in reply to "Needs a LiveCD Option"
earksiinni Member since:
2009-03-27

Win 8 to the rescue.

Reply Score: 1

twitterfire
Member since:
2008-09-11

This is a nice move from MS. I hate bloated AV software which have 100+ megs, is always started when Windows boots up and slows and hinders the Os by scanning when it wants and what it wants. I like much more AVs which offer on demand scans.

Reply Score: 2

vodoomoth Member since:
2010-03-30

I totally understand you: I ended up removing the AV from my Vista laptop.
However, unless I'm mistaken, I think most AV programs allow you to deactivate real-time scanning. I've mostly used Avira, it lets you choose between scans at read time, write time or both.

Reply Score: 2

Comment by orestes
by orestes on Thu 21st Apr 2011 20:26 UTC
orestes
Member since:
2005-07-06

Very nice choice from MS for those who may not have access to it's cousin in the MSDaRT toolset.

Reply Score: 2