MS System Sweeper! Is this a new tool?

Discussion in 'other anti-malware software' started by ratchet, May 30, 2011.

Thread Status:
Not open for further replies.
  1. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,906
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    -http://www.softpedia.com/progScreenshots/Microsoft-Standalone-System-Sweeper-Screenshot-188854.html

    It will allow you to create a rescue disk/usb. I must say I welcome this!

    It will download a small file and then you'll need an Internet connection to download the needed files. If you make use of a USB, then next time, it will update the malware definitions. (As shown in the images at Softpedia.)

    It's still in beta.
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  4. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Same as the tool included with the Microsoft Diagnostics and Recovery Toolset (MSDaRT).
     
  5. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    It would be interesting to know what the scan options are and how long scanning takes. I've only used the Norton Bootable Recovery Tool once. It did the job of removing the malware, but it only does a full scan and it took a long time - not the best tool in the field where time is a factor.
     
  6. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    MSDaRT has been very handy.
     
    Last edited: May 31, 2011
  7. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    Is MSDaRT free?
     
  8. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    This is much better than NBRT. Along with being free, it's standalone and leaves few traces. The signatures are downloaded right after execution, and before burning the files onto removable media.
    It also uses Win PE 3, which detects my RAID with no problems. You can choose which system partitions to scan. You can do a quick, full, or custom scan. There are options to configure, including exclusions, scan archives/emails, scan removable drives, and use heuristics.

    Just finished a quick scan which took 9:27. Awesome tool to have.
     
  9. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    No, it isn't.
     
  10. cm1971

    cm1971 Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    727
    I just ran across it on a tech blog and looked for it here. How effective is it?

    -http://securitygarden.blogspot.com/2011/06/setting-up-microsoft-standalone-system.html

    -https://connect.microsoft.com/systemsweeper

    -https://connect.microsoft.com/systemsweeper/content/content.aspx?ContentID=24894

    -http://www.microsoft.com/security/portal/Definitions/ADL.aspx
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Probably a bit better than MSE, due to malware being dormant. The interface looks very similar, and signatures are most likely identical. I'll try checking engine version later.

    Client Version: 2.0.213.0
    Engine Version: 1.1.6903.0
    Antivirus definitions: 1.105.2325.0
    Antispyware definitions: 1.105.2325.0
     
    Last edited: Jun 20, 2011
  12. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Actually, the UI resembles the one from Windows Defender and not MSE. I wonder why not MSE, though... it's prettier. :D
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Somehow I forgot about the new MSE interface.
     
  14. Spooony

    Spooony Registered Member

    Joined:
    Apr 30, 2011
    Posts:
    514
    I got one request to the vendors out there. If you release products, please keep the names under 1 tag with a different extension in the job it does. I mean, there are hundreds of thousands of rogue malware out there using names like XP Antivirus etc. etc. I mean, MS Sweeper sounds like something you would name a rogue.
     
  15. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    My main questions would be:
    1. will this automatically repair system settings after one of those rogue apps (e.g. broken .exes);
    2. and will it replace infected system files?

    Can do all this manually, but it'd be nice (as a Microsoft tool) if it would automatically scan for and detect the common changes that you see with fake AVs and Fake.HDD utils.
     
    Last edited: Jun 28, 2011
  16. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    The program adds approximately 200 MB of files to the system partition.
     
  17. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    Odd, considering the system partition is only 100 MB.
     
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Yes, true. I meant the partition where Windows is installed, which Microsoft calls the boot partition. Anyway, I wasn't sure if others were aware of this behavior. I believe the folder created is in \windows.
     
  19. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    For me, it added "6725ded7b3a703427269dc840a80325f" folder to my larger data partition.

    Has anyone seen it detect a file? What choices were given to the user?
     
  20. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Is that the folder containing roughly 200 MB?
     
  21. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    It's currently empty. I found the other folder, and it's 1.07 GB :eek:, because of old definitions. Is it safe to delete it?
     
  22. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I did, with no ill effects. Can you report the exact folder location, for the benefit of others reading this who might want to delete it?
     
    Last edited: Oct 1, 2011
  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    C:\Windows\Standalone System Sweeper and E:\6725ded7b3a703427269dc840a80325f (D: is my DVD drive).

    Will add the custom rule on CCleaner.
     
  24. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    They have released a new version, now named Windows Defender Offline, and it looks exactly like MSE v4 beta.

    Images at Softpedia -http://www.softpedia.com/progScreenshots/Windows-Defender-Offline-Screenshot-202025.html
     
  25. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
    And MSE4 has restricted options, as I read in the last few days, due to some complaints from other antimalware authors :rolleyes: Is it the same for "Windows Defender Offline"?

    (Anyway, WD is disabled here; I use MBAM on demand.)
     