This article in our series focused on Microsoft’s free security tools is on a tool called the Microsoft Safety Scanner.  The Microsoft Safety Scanner is a free stand-alone virus scanner that is used to remove malware or potentially unwanted software from a system. The tool is easy to use and packaged with the latest signatures, updated multiple times daily.  The application is not designed to replace your existing antimalware software, but rather act as an on demand virus removal tool in situations where you suspect your real time antimalware software might not be working correctly.  If the antimalware program you are running regularly becomes disabled without your knowledge you may have malware or rogue security software on your system.  Running the Microsoft Safety Scanner can help detect and remove malware or potentially unwanted software that may be disabling your real time antimalware software. 

There are a number of benefits to the Microsoft Safety Scanner including its ability to run on non-networked systems such as those behind an air-gap network, those within an ISP’s walled garden and those where the infection has impaired internet connectivity.  This tool is also portable and can easily be copied from one computer and run on another. This is especially useful when your access to security websites is blocked by malware on the infected machine.  This tool differs from Windows Defender Offline in that a reboot is typically not required.

Installing the Microsoft Safety Scanner does not require you to uninstall your existing antimalware software.  The program can be started right after downloading or transferring it to a PC.  The tool is approximately 70 megabytes in size and includes all the latest definition/signature files provided by the Microsoft Malware Protection Center.

Upon downloading the tool, users are prompted with three different scan options: quick scan, full scan or customized scan.  A quick scan will scan the memory, registry and areas on the system most likely to have malicious code like viruses, spyware or computer worms. A full scan on the other hand includes all the items scanned in a quick scan plus a scan of all your files in your fixed drives.  A custom scan runs a quick scan and includes any additional files specified.

Figure (below) Screen capture of the Microsoft Safety Scanner Wizard

While it is not a replacement for a full antimalware solution with real-time protection, the Microsoft Safety Scanner does offer detection and cleaning using the same set of signatures and technology utilized by Microsoft Security Essentials. It is important to note that because the Microsoft Safety Scanner is a stand-alone tool, the signatures will expire ten (10) days after downloading. After the 10 day period has expired, we recommend downloading a new version of the tool in order to get the latest anti-malware definitions.

If you think your system has been infected with malware but your real time antimalware software isn’t detecting anything, we suggest downloading and running the Microsoft Safety Scanner.

For more information, check out these helpful resources:

Tim Rains
Trustworthy Computing