The MASM Forum

General => The Workshop => Topic started by: hutch-- on March 20, 2023, 11:38:04 AM

Title: Microsoft on demand AV scanner
Post by: hutch-- on March 20, 2023, 11:38:04 AM
Best downloaded directly before doing a scan to get the latest data. Comes at the right price.  :biggrin:

https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide (https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide)

Have a look at this URL for more on demand AV scanner.
https://www.lifewire.com/free-on-demand-virus-scanners-1356635 (https://www.lifewire.com/free-on-demand-virus-scanners-1356635)
Title: Re: Microsoft on demand AV scanner
Post by: NoCforMe on March 20, 2023, 06:16:58 PM
Downloaded it (64-bit version), ran it, got this:
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 20, 2023, 06:35:21 PM
You may have the default Microsoft AV wound up too tight so it blocks its own on demand scanner. Works fine here.
Title: Re: Microsoft on demand AV scanner
Post by: NoCforMe on March 20, 2023, 06:47:01 PM
Nope, don't think so: I practically disabled Windows Defender, even explicitly excluded MSERT.exe. Still no go.

It looks like a certificate problem. BTW, this is the same reason I couldn't install AVG on this computah; no valid digital certificate found. Aaaargh.
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 20, 2023, 10:50:48 PM
Kaspersky didn't find any... :rolleyes:
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 21, 2023, 02:13:50 AM
Hi David,

If I remember correctly, you are running Win7 64 which may not support it. Try the Kaspersky KVRT.EXE, it may work on Win7.
Title: Re: Microsoft on demand AV scanner
Post by: TimoVJL on March 21, 2023, 03:04:16 AM
Works for me in Windows 7 64-bit
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 21, 2023, 03:59:41 AM
For me, too. It may take a while, and I am very curious to see the results :mrgreen:
Title: Re: Microsoft on demand AV scanner
Post by: TimoVJL on March 21, 2023, 05:38:58 AM
One laptop with Windows 7 64-bit started install updates and then canceled them.
Hopefully it recover from that episode.

EDIT: Kaspersky KVRT.EXE network connection as server was blocked by F-Secure firewall  :thup:
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 21, 2023, 06:03:13 AM
Warning: the full scan may take a while... right now I am at 8 hours, 13 Million files (about 43%), of which 213 "infected".
I am very curious whether they all sit in \Masm32 :biggrin:

P.S.: Yes, they do! And while a short while ago it had found "213 files", at the end it sees only a handful of files, all related to the clock produced by member PushPop (http://masm32.com/board/index.php?topic=8618.0) (caution with the exe, it does indeed have a virus!). No explanation what "detected, not removed" means, and which files were affected.

Did I mention it's a Micros*t product?
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 21, 2023, 01:30:52 PM
I thought it might be a good idea to share the results with the Micros*t "community" (https://answers.microsoft.com/it-it/windows/forum/windows_7-security-winsec/microsoft-safety-scanner/7f305a20-acfa-4a4d-b9ae-1da08e2bbdc8) :cool:
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 21, 2023, 06:46:03 PM
 :biggrin:

Do you now know why I run a squeaky clean version of Win 10  64 bit Pro.  :thumbsup:

The whole AV industry is a crapheap of financial desperates hussling for a buck$ by sprouking bullsh*t.
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 21, 2023, 07:44:17 PM
Quote from: hutch-- on March 21, 2023, 06:46:03 PMThe whole AV industry is a crapheap of financial desperates hussling for a buck$ by sprouking bullsh*t.

I wish I could explain the "performance" of the Micros*t scanner in terms of greed, but since it's free, I am afraid the only valid explanation is incompetence :cool:
Title: Re: Microsoft on demand AV scanner
Post by: TimoVJL on March 21, 2023, 10:11:40 PM
No free lunch.
KVRT.EXE wanted to be a server, who knows for what purbose ?
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 21, 2023, 10:42:00 PM
Simple solution, take their advice and delete it after use, next time you need it download it again.
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 21, 2023, 10:58:36 PM
I tried to download the ESET one but after a sequence of wanting lots of data about my computer, it locked up at 7% so after waiting some time, I shut the download down.
Title: Re: Microsoft on demand AV scanner
Post by: mineiro on March 22, 2023, 08:37:24 AM
Quote from: TimoVJL on March 21, 2023, 10:11:40 PM
KVRT.EXE wanted to be a server, who knows for what purbose ?
An antivirus is a virus of viruses.
Then there are virus specialists in antivirus.
...
Title: Re: Microsoft on demand AV scanner
Post by: zedd151 on March 22, 2023, 10:32:59 AM
Quote from: mineiro on March 22, 2023, 08:37:24 AM
An antivirus is a virus of viruses.
...
:biggrin: :biggrin:
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 22, 2023, 12:09:08 PM
Just tried another one, MAfee stinger64.

McAfee® Labs Stinger Version 12.2.0.565 built on Mar 20 2023 at 02:48:39
Copyright© 2013-2023, McAfee, LLC. All Rights Reserved.

AV Engine version v6600.9919 for Windows.
Virus data file v9999.0 created on Mar 20, 2023
Ready to scan for 9761 viruses, trojans and variants.

Scan initiated on Wednesday, March 22, 2023 12:00:02


Summary Report on Smart Scan
File(s)
   TotalFiles:............   3416
   Clean:.................   3416
   Not Scanned:........... 0
   Possibly Infected:.....   0

Time: 00:04:10

Scan completed on Wednesday, March 22, 2023 12:04:12

Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 22, 2023, 12:14:34 PM
Quote from: hutch-- on March 22, 2023, 12:09:08 PM

   TotalFiles:............   3416

My scan took 10 hours for around 20 Million files :biggrin:
Title: Re: Microsoft on demand AV scanner
Post by: hutch-- on March 22, 2023, 12:22:15 PM
I just tried the ESET one again, locked up on 7% again and it was difficult to delete. Shame as they used to be one of the good ones.

jj,

You must have some time to waste.  :tongue:
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 22, 2023, 12:31:15 PM
Quote from: hutch-- on March 22, 2023, 12:22:15 PMYou must have some time to waste.  :tongue:

At 2:30 AM, I waste it on walking catfish (https://www.youtube.com/watch?v=OeB7sqwoNGY) :biggrin:

Quote from: hutch-- on March 20, 2023, 11:38:04 AM
Best downloaded directly before doing a scan to get the latest data. Comes at the right price.  :biggrin:

https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide (https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/safety-scanner-download?view=o365-worldwide)

I trusted an old friend and launched the scammer, oops: scanner. When it told me about "213 infected files", there was no way to interrupt it without losing the results, so I let it continue. At 100% cpu = all 4 cores fully used, btw, but still responsive for other simple tasks such as reading the Masm32 forum :cool:
Title: Re: Microsoft on demand AV scanner
Post by: NoCforMe on March 22, 2023, 03:40:47 PM
Quote from: jj2007 on March 22, 2023, 12:31:15 PM
At 2:30 AM, I waste it on walking catfish (https://www.youtube.com/watch?v=OeB7sqwoNGY) :biggrin:

Heh; some decades ago I had some friends who had a band called "Joaquin Catfish". (Good band, too.)
Title: Re: Microsoft on demand AV scanner
Post by: greenozon on March 22, 2023, 07:43:16 PM
Quote from: TimoVJL on March 21, 2023, 03:04:16 AM
Works for me in Windows 7 64-bit

think twice before using russian spyware :)
full of backdoors and Kremlin stuff
Title: Re: Microsoft on demand AV scanner
Post by: jj2007 on March 22, 2023, 09:56:59 PM
Fun with Micros*t (https://answers.microsoft.com/en-us/windows/forum/windows_7-security-winsec/microsoft-safety-scanner/7f305a20-acfa-4a4d-b9ae-1da08e2bbdc8?messageId=8435fc33-f466-437c-8429-f4d1428d4a2f)

QuoteRob Koch: To truly answer your question, you need to understand how the Microsoft security apps actually operate, since that's part of why this sort of situation can be confusing to those who don't.

In other words, I am a dumb user who doesn't understand that 213 infected actually means 213 potentially infected, we'll verify that at the end.

So that answers part 1 of my question. Part 2 concerns the threats detected shown in the second dialog. It would be helpful if the tool told the user where these threats were lying around. I am a dumb user, of course, but even then, if I was told that Win32/Ekstak sat around in C:\Program Files (x86)\Microsoft Visual Studio (just an example, don't worry), I would have a chance to find out (looking at the offending file's time stamp) how I caught this beast, right?

Thanks anyway for the link. At least I found there the location of the log file: C:\Windows\debug\msert.log

Keep up the good work!
Title: Re: Microsoft on demand AV scanner
Post by: NoCforMe on March 23, 2023, 08:22:51 AM
Quote from: jj2007 on March 21, 2023, 01:30:52 PM
I thought it might be a good idea to share the results with the Micros*t "community" (https://answers.microsoft.com/it-it/windows/forum/windows_7-security-winsec/microsoft-safety-scanner/7f305a20-acfa-4a4d-b9ae-1da08e2bbdc8) :cool:

One thing's crystal clear from reading that thread, and the ensuing ones (like the one titled "What is wrong with the Microsoft Safety Scanner status information and logging? (https://answers.microsoft.com/en-us/windows/forum/all/what-is-wrong-with-the-microsoft-safety-scanner/27c95df9-7d49-4d02-b734-bcb16495cfc3)"): The Micro$oft apologist, Rob Koch, is an asshole.