
Monday, June 6, 2011

(U) Microsoft releases MS Standalone System Sweeper




Microsoft has just released a bootable malware detection tool. With it you create two pieces of bootable media (USB or CD/DVD), one for 32-bit and another for 64-bit systems. You boot from these CDs or thumb drives and they scan your system for known malware, viruses, rootkits, etc.

Why is this good? To get a good idea of whether you are infected, you should not trust your own system. It could be compromised, and so the results of local scans could be compromised or affected by the malware, which is something malware is a master of, BTW.

You should first start from a known clean system, and this is where the bootable CDs/USB drives come into play. A CD can't be written to once burned, so it gives you a clean look at a system that is behaving oddly.

I like these bootable media options better than using your installed AV or malware protection to scan for malware, since the bootable devices you created were hopefully created from known clean machines.

MS also lets you build a USB thumb drive. You will need to have the latest IMAPI2 drivers loaded for the CD or USB creation to work, or you can create an ISO and burn it with your favorite burning software.

Of course, if your system is acting oddly, you can just do what I usually recommend... Format your drive and reinstall Windows... Now you know you are clean. Of course, follow my Top 10 items to do when rebuilding from my 'Don't Click on That' presentation.

Download MS System Sweeper from here

#InfoSec #DontClickOnThat