FREE: Microsoft Safety Scanner - Portable antivirus program
#1
Posted 10 May 2011 - 10:24 PM
The Microsoft Safety Scanner was just released a few days ago. The free portable antivirus tool only comes as a simple EXE file and is available as a 32-bit and 64-bit version. The EXE file contains all the virus signatures.
A portable antivirus program is useful whenever you want to scan a PC that lacks antivirus software. If you don't have a Microsoft antivirus scan engine installed (Microsoft Security Essentials or Forefront), you can use the Safety Scanner if you need a second opinion.
… read more of FREE: Microsoft Safety Scanner - Portable antivirus program
Author: Michael Pietroforte
Copyright © 2006-2011, 4sysops, Digital fingerprint: 3db371642e7c3f4fe3ee9d5cf7666eb0
View the full article
#2
Posted 03 June 2011 - 07:20 PM
#3
Posted 03 June 2011 - 07:51 PM
Message is:
Standalone System Sweeper Tool cannot be used on your operating system.
Error code:0000-8004FF04
Quite obviously this error message is NOT among the "help" page topics:
https://connect.micr...24894&mkt=en-us
Naah, it's Service Pack 3 required , found it :
https://connect.micr...24884&mkt=en-us
@steve6375
Maybe you should add a little note to your nice page:
https://sites.google...prepusb/sweeper
Wonko
#4
Posted 03 June 2011 - 08:05 PM
#5
Posted 03 June 2011 - 08:23 PM
Maybe that's it.Works on my XP Atom EeePC (1GB ram) but I had to download Imapi v2.0 KB932716 first and reboot...
I cannot reboot right now, I ran the IMAPI 2.0 installer but it didn't prompt me to reboot.
I'll see if I will be able to try again in a couple of days.
Wonko
#6
Posted 04 June 2011 - 05:24 PM
Is this "thing" trying to burn a CD or something?
#7
Posted 05 June 2011 - 12:10 AM
Yes, since it wants to create a stand-alone, bootable version of their scanner tool...Why is IMAPI required in the first place?
Is this "thing" trying to burn a CD or something?
#8
Posted 05 June 2011 - 11:29 AM
Where does it grab the bootable files from? This is getting interesting..
#9
Posted 05 June 2011 - 12:37 PM
Went to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows" and changed "CSDVersion" from "0x00000200" (SP2) to "0x00000300" (SP3) and rebooted.
Downloading now.
Created the .iso (Advanced ).
It seems like a "normal" PE 3.x (only "dumbed down")
Relevant files should be:
http://download.micr...gepackage32.exe
http://download.micr...tes/mpam-fe.exe
http://download.micr...gepackage64.exe
http://download.micr.../mpam-fex64.exe
Wonko
#10
Posted 05 June 2011 - 01:08 PM
I have updated the page on my website now to show how you can update your USB drive with the latest updates using the MSSE update download (same files!).
https://sites.google...prepusb/sweeper
#11
Posted 05 June 2011 - 01:45 PM
Yep - shift+F10 does not work - so cannot load network drivers and get latest updates.
I have updated the page on my website now to show how you can update your USB drive with the latest updates using the MSSE update download (same files!).
https://sites.google...prepusb/sweeper
Yep, it would be interesting to understand HOW the SHIFT+F10 was disabled, though I think that it's the actual "shell" that is built like that, check the WINPESHL.INI:
[LaunchApp] AppPath = "%ProgramFiles%\OfflineScannerShell\OfflineScannerShell.exe"
https://sites.google...prepusb/sweeper
If using Windows XP, you will need SP3 and you also need to install the Imapiv2.0 Image Mastering tool (KB932716).
Of course it's your page , but that - as just seen - is plain misinformation .
Though NOT for the faint of heart, SP3 is NOT *needed*, all it is needed is to change the relevant key in the Registry, or more simply download directly the files without using the stoopid downloader. (and later create a .iso from the files or make a bootable USB stick out of them)
AT LEAST, you should point out how that is what MS says. (which not always - please read as NEVER - is the "true story" or the "whole story" ).
Wonko
#12
Posted 05 June 2011 - 02:06 PM
#13
Posted 05 June 2011 - 02:57 PM
I guess it's still better than my Porsche :OK, FYI - I drive a Ferrari (actually it's a 2CV but I have stuck a Ferrari badge on the radiator grill, so it is a Ferrari really!).
Wonko
#14
Posted 05 June 2011 - 02:59 PM
#15
Posted 05 June 2011 - 04:40 PM
Deep links may change in future.It seems like a "normal" PE 3.x (only "dumbed down")
Relevant files should be:
Some strings from mssswizard.exe:
How do I restart my computer after using the bootable media
http://go.microsoft..../?LinkID=210165
Help & How-To
http://go.microsoft..../?LinkID=215991
System Requirements
http://go.microsoft..../?LinkID=215992
PE32 imagepackage32.exe
http://go.microsoft....550&clcid=0x409
32 mpam-fe.exe
http://go.microsoft....593&clcid=0x409
PE64 imagepackage64.exe
http://go.microsoft....551&clcid=0x409
mpam-fe.exe
http://go.microsoft....552&clcid=0x409
In adddition read strings from final mssswizard.exe, if a final version is released.
#16
Posted 05 June 2011 - 04:52 PM
Sure.Deep links may change in future.
That will be the future.
The "hardcoded" links seem anyway like "dynamic ones" (unlike the ones I posted earlier which are "direct links" to current files).
It is likely that these "dynamic links" won't be changed anytime soon, otherwise there would have been no reasons to use them instead of the "direct links", but you know, it's still MS, so you can never say.
For the record (missing info in this thread, here for the benefit of the less expert peeps ) the mssstool32.exe (which is the downloader you get) is a SFX that can be opened allright with 7-zip and that contains a few files, including the actual mssswizard.exe file cdob is refeering to.
A suitable tool to get the actual TEXT inside *any* file is BINTEXT:
http://www.mcafee.co...ls/bintext.aspx
Wonko
#17
Posted 05 June 2011 - 05:49 PM
I'm thinking to isolate this ms-ware from doing damage. The last time I ran a similar cleaner, it found something abnormal in my 'nasty' files and auto deleted small ones (100 - 500 KB ones *.exe) even though other normal AVs never reported Trojans.
#18
Posted 05 June 2011 - 06:28 PM
Are you 100% sure you connected properly brain to fingers BEFORE typing the above?If beta Microsoft Standalone System Sweeper tool creates it's own boot files,... basically it gets root access
The result is a bootable PE 3.x, either from CD/DVD or from USB stick, nothing particularly different from *any* other PE around, and there is NO such thing as "root access" on Windows, there is "System" account (what any PE will use).
More generally, you shouldn't have "nasty" files at all , or, should you have them, you should know how to manage them (or NOT run any "similar cleaners", you do understand that the very purpose of a cleaner is to clean, don't you?).
Wonko
#19
Posted 07 June 2011 - 12:48 PM
Not this time around... I'm multi-tasking too much...Are you 100% sure you connected properly brain to fingers BEFORE typing the above?
i meant root in the sense, complete control of hardware (spying ability to report back home for statistics, no firewall to stop them, modifying their OS etc). Its like clicking YES to a license which says "we'll delete whatever we want, we'll open your OSes so our authorized spies can shag you whenever they want. Continue or don't use".The result is a bootable PE 3.x, either from CD/DVD or from USB stick, nothing particularly different from *any* other PE around, and there is NO such thing as "root access" on Windows, there is "System" account (what any PE will use).
More generally, you shouldn't have "nasty" files at all , or, should you have them, you should know how to manage them (or NOT run any "similar cleaners", you do understand that the very purpose of a cleaner is to clean, don't you?).
Wonko
Home users tend to keep too many nasty because they're not business users. I do create back ups and put them on NAS but just to use this app if i'm forced to make a backup... my mind says, better look for "Wonko or reboot approval in posts then driving blind"
#20
Posted 07 June 2011 - 03:46 PM
Any PE will have system privileges.i meant root in the sense, complete control of hardware (spying ability to report back home for statistics, no firewall to stop them, modifying their OS etc). Its like clicking YES to a license which says "we'll delete whatever we want, we'll open your OSes so our authorized spies can shag you whenever they want. Continue or don't use".
Theat's one of the reason why people should build thier own PE and know what he/she puts in it.
The usual way to avoid problems of "spying", "phoning home", etc. is to simply DISCONNECT the PC from network (or dial up telephone or wi-fi card etc.) and work on the offline system.
Sure, a malicious PE could always plant a rootkit or some other nasties, but life is tough, if you don't trust something, don't use it or build your own trusted solution or pay for a solution some professional that you do trust.
I don't see the point , noone has a gun at your head forcing you to use or not use *any* tool.Home users tend to keep too many nasty because they're not business users. I do create back ups and put them on NAS but just to use this app if i'm forced to make a backup... my mind says, better look for "Wonko or reboot approval in posts then driving blind"
This is freedom.
Doing things makes some risks needed to be taken.
Doing nothing makes some other risks needed to be taken.
Decisions, always decisions....
Wonko
#21
Posted 20 June 2011 - 04:18 AM
#22
Posted 06 January 2012 - 04:42 PM
http://reboot.pro/16145/
The new name is seemingly "Windows Defender Offline Beta".
Wonko
#23 Guest_Boot_Monkey_*
Posted 05 October 2012 - 03:09 AM
I have a very tricky environment to run it on, so it's going to be a lot harder for me to get working.
I need to know where people are at with getting it running on their existing disc, and it so, how are they handling the updating?
I'm not sure wether I should edit the MS disc, or edit my own image to contain it within my image.
Any thought? I'm trying not to re-invent the wheel.
Cheers!
#24
Posted 05 October 2012 - 08:24 AM
#25 Guest_Boot_Monkey_*
Posted 11 October 2012 - 12:29 AM
I've noticed that SIW2, has created something. Don't know the details though. He/she has made a niffty little program menu with a button to start the app.
What I need to know, is does WDO have any weird requirements for it to run. I don't mean min specs, but more to do with deps. There are quite a few drivers in it, and not sure if I'll need to copy those.
Anyway, I'll try various things and see how I go.
Update: Here is a log that gets generated when I try to run it from my usual WinPE disc
Info No unattend file was found; WPEINIT is using default settings to initialize WinPE Info ==== Initializing Display Settings ==== Info No display settings specified Info STATUS: SUCCESS (0x00000001) Info ==== Initializing Computer Name ==== Info Generating a random computer name Info No computer name specified, generating a random name. Info Renaming computer to MININT-55K36VR. Info Acquired profiling mutex Info Service winmgmt disable: 0x00000000 Info Service winmgmt stop: 0x00000000 Info Service winmgmt enable: 0x00000000 Info Released profiling mutex Info STATUS: SUCCESS (0x00000000) Info ==== Initializing Virtual Memory Paging File ==== Info No WinPE page file setting specified Info STATUS: SUCCESS (0x00000001) Info ==== Initializing Optional Components ==== Info WinPE optional component 'Microsoft-WinPE-Setup' is present Info WinPE optional component 'Microsoft-WinPE-Setup-Client' is present Info WinPE optional component 'Microsoft-WinPE-WMI' is present Info WinPE optional component 'Microsoft-WinPE-WSH' is present Info STATUS: SUCCESS (0x00000000) Info ==== Initializing Network Access and Applying Configuration ==== Info No EnableNetwork unattend setting was specified; the default action for this context is to enable networking support. Info Acquired profiling mutex Info Install MS_MSCLIENT: 0x0004a020 Info Install MS_NETBIOS: 0x0004a020 Info Install MS_SMB: 0x0004a020 Info Install MS_TCPIP6: 0x0004a020 Info Install MS_TCPIP: 0x0004a020 Info Service dhcp start: 0x00000000 Info Service lmhosts start: 0x00000000 Info Service ikeext start: 0x00000000 Error Service mpssvc start: 0x00000422 Info Released profiling mutex Info Spent 1186ms installing network components Info Spent 0ms installing network drivers Info STATUS: FAILURE (0x80070422) Info ==== Applying Firewall Settings ==== Info STATUS: SUCCESS (0x00000001) Info ==== Executing Synchronous User-Provided Commands ==== Info STATUS: SUCCESS (0x00000001) Info ==== Executing Asynchronous User-Provided Commands ==== Info STATUS: SUCCESS (0x00000001) Info ==== Applying Shutdown Settings ==== Info No shutdown setting was specified Info STATUS: SUCCESS (0x00000001) Warning Applying WinPE unattend settings failed with status 0x80070422; ignoring shutdown settings
Another quick Google shows that 0x80000422 means.........
Error Code 0x00000422
by RegMender Editorial Team, under Win32 Error Codes
Code(DEC): 1058 Code(HEX): 0x00000422 Type: win32 Name: ERROR_SERVICE_DISABLED Description: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users