- Poll: How reliable are ChatGPT and Bing Chat? - Tue, May 23 2023
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
The Microsoft Safety Scanner was just released a few days ago. The free portable antivirus tool only comes as a simple EXE file and is available as a 32-bit and 64-bit version. The EXE file contains all the virus signatures.
A portable antivirus program is useful whenever you want to scan a PC that lacks antivirus software. If you don't have a Microsoft antivirus scan engine installed (Microsoft Security Essentials or Forefront), you can use the Safety Scanner if you need a second opinion.
Safety Scanner offers three scanning options: quick, full, and customized. Quick scan searches in "areas of the system most likely to contain viruses, spyware, and other potentially unwanted software." It is unclear where these "areas" are. Therefore, I wouldn't use this option because an antivirus scan only makes sense if you are more or less certain afterwards that the system is clean. The customized option is useful if you already suspect that a virus has infected a certain folder. In most cases, a full scan is the best option.
Safety Scanner has three major downsides. The antivirus patterns can't be updated, the tool can only be used for 10 days after the download, and it doesn't run on Windows PE.
I have been searching for quite a while for a portable antivirus program that runs on Windows PE. When I tried to start Safety Scanner on Windows PE 3.0, the anti-malware tool quit with an enlightening message "An error has occurred." Some viruses can only be removed in offline mode. Thus, it is somewhat disappointing that Safety Scanner does not run on Windows PE.
Online updates are probably not supported because the Safety Scanner only consists of a single EXE file. However, technically, it would be possible to modify those parts of the EXE. Thus I hope that Microsoft adds this feature in a future version.
The 10-day restriction is probably related to the fact that Safety Scanner can't be updated. This makes sense from a security point of view, but this means that you have to download the 70MB file every time you want to use the tool. This reduces the usability of Safety Scanner significantly.
Please let me know if you know of a portable antivirus program that works on Windows PE.
Microsoft Safety Scanner
Want to write for 4sysops? We are looking for new authors.
I don’t like this portable Safty Scanner from Microsoft.
You told a lot of things why it is not the best choice, my main problem with this scanner is, that it isn’t for offline use available. (For example on WinPE.)
You asked for tools working on WinPE. May be you can use ClamAV from portableapps.com: http://portableapps.com/apps/security/
In my opininon this is the only way to include an AV-product into a WinPE.
My favourite is the rescue Disk from Kaspersky it’s a bootable CD (or you can save it on USB-Stick) which runs linux. But its gui is realy good, so every Windowsuser can use this tool without a lot of explanation.
You can get it from there: http://support.kaspersky.com/faq/?qid=208282173
There are a lot more AV-Companies giving free Rescue Disk to everybody. I haven’t one yet which you can’t download new updates. So you could burn the CD ones, boot your PC and download the rest of the Updates via Internet, sometimes you could also place them on stick and include it on your running AV.
I’ve used the AVG Rescue CD http://bit.ly/lOb1ei a few times with great results. It’s basically a Live Linux boot CD (can also go on a USB).
I’ve also used ClamWin portable before but have had issues with it not downloading updated signatures properly. I think it works in WinPE but not 100% sure
Thom, thanks for the tip about AVG Rescue CD. I will have a look at it. When I tried ClamWin a year a ago it didn’t work on Windows PE 3. Do you know if a new version has been released since then?
Scrapheap, thanks. I will also try Kaspersky Rescue Disk.
Increase the scratch-space of your PE image to 256MB. Doing that I was able to get Safety Scanner (32bit) to work in PE 3.1 almost perfectly (can’t do a partial scan since when I try to browse for a location it just gives me a blank box).
I think it just needs a temporary area to extract the virus definitions to before it can scan, and if you don’t change the default scratch space it runs out of room.
On MSERT – I changed the TEMP Vars to the usb-thumbdrive and it still doesn’t work – well: screw it….
I use the McAfee Command Line Scanner and Stinger.
Over 10 days ago I downloaded the microsoft saftey scanner.
Today it told me it was out of date. I deleted it and downloaded it again. When I tried the run the software, a message came up saying that a “side by side” portion was missing. I deleted it and went back to the site to make sure I had downloaded the 32 bit version. When I tried to run it, I got the same error. I don’t understand why it will not run after downloading it. Any suggestions?
Tom, did you try to download it a second time?
i still not use this.