OSNews:

OSNews: http://www.osnews.com/story/24655/Microsoft_Makes_Portable_Anti-Virus_Tool_Available Exploring the Future of Computing en-us Copyright 2001-2013, David Adams adam+nospam@osnews.com Fri, 24 May 2013 08:58:10 GMT http://www.osnews.com/images/osnews.gif OSNews.com http://www.osnews.com Cleanup tools... http://www.osnews.com/thread?470731 http://www.osnews.com/thread?470731 Guess I'll add this one to my list next time I have to do major cleanup on a machine

Wed, 20 Apr 2011 23:16:00 GMT donotreply@osnews.com (umccullough) Comments Needs a LiveCD Option http://www.osnews.com/thread?470736 http://www.osnews.com/thread?470736 This needs a LiveCD option to be really useful. As long as the malware is running on the OS, then there's still a significant chance that it can re-infect the system after it's "removed" by the AV program. Booting into a separate OS is the only way to guarantee that the malware can't be running when it's removed.

I'm hoping this can be combined with BartPE to make that happen.

Thu, 21 Apr 2011 01:29:00 GMT donotreply@osnews.com (jasutton) Comments RE: Needs a LiveCD Option http://www.osnews.com/thread?470741 http://www.osnews.com/thread?470741

I'm hoping this can be combined with BartPE to make that happen.

I was thinking the exact same.

I ran it on my work computer earlier - it runs "in-place" without installation, so I'm guessing if you booted BartPE and then popped in a USB stick with this on it, you'd be set...

Remains to be tested I guess. Thu, 21 Apr 2011 03:41:00 GMT donotreply@osnews.com (umccullough) Comments RE: Needs a LiveCD Option http://www.osnews.com/thread?470762 http://www.osnews.com/thread?470762

This needs a LiveCD option to be really useful. As long as the malware is running on the OS, then there's still a significant chance that it can re-infect the system after it's "removed" by the AV program. Booting into a separate OS is the only way to guarantee that the malware can't be running when it's removed.

I'm hoping this can be combined with BartPE to make that happen.

That's no need for a live CD. When AV finds a nasty virus, it can reboot the OS in safe mode, without loading start-up programs, services, etc. Thu, 21 Apr 2011 14:23:00 GMT donotreply@osnews.com (twitterfire) Comments Microsoft does some nice things from time to time http://www.osnews.com/thread?470763 http://www.osnews.com/thread?470763 This is a nice move from MS. I hate bloated AV software which have 100+ megs, is always started when Windows boots up and slows and hinders the Os by scanning when it wants and what it wants. I like much more AVs which offer on demand scans. Thu, 21 Apr 2011 14:26:00 GMT donotreply@osnews.com (twitterfire) Comments RE[2]: Needs a LiveCD Option http://www.osnews.com/thread?470768 http://www.osnews.com/thread?470768 Yes, there is. Half the time, the malware is still active in safe mode and cannot be completely removed, (it reinfects the system).Edited 2011-04-21 15:17 UTC Thu, 21 Apr 2011 15:16:00 GMT donotreply@osnews.com (rr7.num7) Comments RE[2]: Needs a LiveCD Option http://www.osnews.com/thread?470782 http://www.osnews.com/thread?470782

That's no need for a live CD. When AV finds a nasty virus, it can reboot the OS in safe mode, without loading start-up programs, services, etc.

Wow, you've obviously never encountered a truly nasty infection.

Offline scan is the most assured way to find/remove rootkits, etc.

Even then, once a machine is infected, it's often impossible to know if it's clean, you just pray that the 3 or 4 different AV programs you used found everything (often times, one will miss something that the other finds). Thu, 21 Apr 2011 19:38:00 GMT donotreply@osnews.com (umccullough) Comments Comment by orestes http://www.osnews.com/thread?470785 http://www.osnews.com/thread?470785 Very nice choice from MS for those who may not have access to it's cousin in the MSDaRT toolset. Thu, 21 Apr 2011 20:26:00 GMT donotreply@osnews.com (orestes) Comments RE: Microsoft does some nice things from time to time http://www.osnews.com/thread?470821 http://www.osnews.com/thread?470821 I totally understand you: I ended up removing the AV from my Vista laptop.
However, unless I'm mistaken, I think most AV programs allow you to deactivate real-time scanning. I've mostly used Avira, it lets you choose between scans at read time, write time or both. Fri, 22 Apr 2011 06:59:00 GMT donotreply@osnews.com (vodoomoth) Comments RE: Needs a LiveCD Option http://www.osnews.com/thread?470870 http://www.osnews.com/thread?470870 Win 8 to the rescue. Fri, 22 Apr 2011 22:52:00 GMT donotreply@osnews.com (earksiinni) Comments RE[2]: Needs a LiveCD Option http://www.osnews.com/thread?470955 http://www.osnews.com/thread?470955 Actually it looks like a big FAIL to me, and I'm all for free tools. Not only does it have separate 32 and 64 bit versions (WTH? For a virus scanner?) but it expires after 10 days which means give it up putting it on any kind of tool, not unless you want to make three of them a month!

For those that want a REAL tool I'd suggest Malwarebytes along with Stinger and AVG portable, along with Comodo System Cleaner (for cleaning out all the borked reg entries left behind) and Chrome Portable or Firefox Portable (for doing an online scan, using something like Housecall) on a WinPE or bootbale USB key.

Having a 10 day limit is just bogus! I was looking forward to having another tool in my toolbox but making it have an expiration date instead of simply updating on first run is Lame with a capital L! Mon, 25 Apr 2011 02:14:00 GMT donotreply@osnews.com (bassbeast) Comments