
Microsoft Standalone System Sweeper is a Rootkit Analyzer for Windows

Rootkits are applications that are stored in hidden directories or volumes on your computer. They’re an effective way for virus writers to hide their weapons, since most antivirus software typically misses them. Because a rootkit can hide itself from the running operating system, the disk must be analyzed from outside the OS. Microsoft’s solution is to boot to Windows PE (Preinstallation Environment), a lightweight version of Windows, to perform the scan. It installs on a thumb drive or DVD and loads into memory.

Before you start, make sure you have a blank CD/DVD or a minimum 250 MB thumb drive. Then download the 32-bit or 64-bit version of MS Standalone System Sweeper.


Save the file to your desktop.


Double-click and run it.


Microsoft says you’ll need 250 MB of free space on your thumb drive. Click Next.


You can burn the image to a CD, DVD, USB or create and burn an ISO file.  I chose USB. Click Next.


Select the drive letter for your USB drive, or the correct drive if you’re burning it to disc.


Remember MS Standalone System Sweeper Tool will format the USB drive. Make sure you back up anything you need before using it.
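
A pre-flight check for the steps above, as an added example that is not part of the original article or of any Microsoft tooling: it verifies that the downloaded installer carries a valid Microsoft Authenticode signature, confirms the target is a removable drive of at least 250 MB, and lists the files the format would destroy. The installer path and drive letter are assumptions you supply; the article does not name the downloaded file.

```powershell
# Added example: pre-flight checks before building the bootable media.
# Assumptions (not from the article): the installer path and drive letter you pass in.
param(
    [Parameter(Mandatory)][string]$InstallerPath,   # hypothetical: wherever you saved the download
    [Parameter(Mandatory)][ValidatePattern('^[A-Za-z]$')][string]$DriveLetter
)

$minBytes = 250MB   # size requirement quoted in the article

# 1. The download must carry a valid Authenticode signature (Status covers chain and hash).
$sig = Get-AuthenticodeSignature -FilePath $InstallerPath
if ($sig.Status -ne 'Valid') {
    throw "Signature status is '$($sig.Status)'; do not run $InstallerPath."
}
# The subject match is a plain string check on top of the validated chain.
if ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Unexpected signer: $($sig.SignerCertificate.Subject)"
}

# 2. The target must be a removable drive (DriveType 2) of at least 250 MB.
#    Some USB disks report as fixed (DriveType 3) and will be refused here on purpose.
$disk = Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='${DriveLetter}:'"
if (-not $disk)               { throw "Drive ${DriveLetter}: not found." }
if ($disk.DriveType -ne 2)    { throw "Drive ${DriveLetter}: is not removable; refusing." }
if ($disk.Size -lt $minBytes) { throw "Drive ${DriveLetter}: is smaller than 250 MB." }

# 3. The tool formats the drive, so show what would be lost.
$files = @(Get-ChildItem -Path "${DriveLetter}:\" -Recurse -Force -File -ErrorAction SilentlyContinue)
if ($files.Count -gt 0) {
    Write-Warning "$($files.Count) file(s) on ${DriveLetter}: will be erased by the format:"
    $files | Select-Object -First 20 FullName, Length | Format-Table -AutoSize
} else {
    Write-Host "Drive ${DriveLetter}: is empty."
}

Write-Host "Signer: $($sig.SignerCertificate.Subject)"
Write-Host "Checks passed for $InstallerPath and drive ${DriveLetter}:"
```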


It takes several minutes to build the bootable USB. This is a good time to beat the next level on Angry Birds!

Click Finish and leave the thumb drive plugged in. Then restart your system.


You’ll want to modify the BIOS to boot from USB. On Dells, choose F12; on others it could be F2 or Del. In the case below, I select to boot from USB Storage Device. Hit Enter.


Looks like Windows 7, but it’s PE.


Standalone System Sweeper starts up.


Next click Start Full Scan.


Now MS Standalone System Sweeper will start scanning your system. The amount of time it takes will vary. I scanned three machines and each took about 45 minutes to an hour.


Luckily in my case, no rootkits were found. If your test finds a rootkit, send us a photo and leave a comment below.


After the scan completes, close out of MS Standalone System Sweeper and restart your system.

Using this tool doesn’t damage your PC or OS. You may have a rootkit installed and not know it, so it’s worth the hour it takes to run.


4 Responses to Microsoft Standalone System Sweeper is a Rootkit Analyzer for Windows

  1. Robin November 11, 2011 at 12:26 am #

    Honestly do we really need to go through all this trouble to load a program just to remove a Rootkit? I think not.
    My Avast scans for everything so does my Advanced SystemCare 5.

    But I do have a question, I downloaded Windows Developer Preview-64bit-English-Developer and I wanted to put it on a dvd, but it is too big, I have a 16gb flash drive and want to put the iso on it, BUT… how do I get to make my flash drive bootable???
    I would like to try the new Windows 8 and see what all the fuss is about…
    Please help me, Tell me what
    I have to do to make my Flash Drive bootable so I can boot from an iso image.

    Regards
    Robin

  2. Robin November 11, 2011 at 1:11 am #

    wintobootic

    Ok I came across this site below, It makes a USB flash Drive bootable, One can drop the ISO in the program and it will make the USB boot with an os on it.
    I hope it helps others out there.

    http://www.wintobootic.com/

  3. Robin November 16, 2011 at 8:30 am #

    Hey Alex,

    Thx for the advice and the link, I just downloaded it, so I will give it a try, Maybe you or someone can give me more advice…
    Ok, I have Windows 7 Ultimate (32bit) loaded on C: drive and I would like to install the new WindowsDeveloperPreview-64bit-English-Developer,
    I tried it through Oracle VM VirtualBox but it said I don’t have a 64bit cpu, I do have one, it is a Core 2 Duo E6500 2.33MHz why would it say I don’t have a 64bit cpu?
    I have 3 drives installed and want to load the new Windows on F:
    Will it in any way affect my C: drive as I do not feel like reloading Windows 7, as it is running like a fine tuned car.
    And if I load the new Windows is it easy to uninstall if I don’t like it?

    Please any advice is welcome

    Kind regards
    Robin

  4. PXE Booting February 8, 2012 at 2:13 pm #

    I PXE Boot this from a WDS… CLEAN! no discs needed or USB needed unless I want to or have to deal with it.
