Microsoft System Sweeper Review and How To Video

Last night I uploaded my review of the bootable anti-virus solution from Microsoft called Microsoft System Sweeper. This is basically Microsoft’s answer to removing hard-to-delete malware (like rootkits). System Sweeper is being used by Microsoft support to drastically shorten support calls/cases involving hard-to-remove malware.

Here are a few important facts about Microsoft System Sweeper:

  • System Sweeper comes in 2 “flavors”: one for 32-bit versions of Windows and one for 64-bit versions of Windows.
  • It requires an internet connection. I prefer using a wired connection.
  • You can update the definitions from within the bootable environment, so there is no need to recreate the USB or CD every day.
  • It does require a blank CD or DVD, or you can use a flash drive (if your computer supports booting from a flash drive).
  • I suggest doing a custom scan and then selecting C: (or whatever drive contains your OS).

I used Microsoft System Sweeper against a PC so infected it wouldn’t even log in; here are the results.

24 Responses to Microsoft System Sweeper Review and How To Video

  1. F. Ofneff July 6, 2011 at 5:28 pm #

    I worked on a Gateway w/ Vista (new). Customer hated it, so he bought a new hard drive and I set up Linux for him. In return he gave me his hard drive w/ Vista along w/ the OEM sticker and the system discs. (Since then, my office was broken into & ALL my OS disks have been stolen. Which I have contacted M$ legal department about.) I used the hard drive w/ Vista in my Dell for about a month, then I got the desktop message: “This copy of Windows is not genuine.” Entering the original product code doesn’t solve the problem. I tried to contact Gateway to no avail. I still have the “Windows Vista Home Premium OEMAct Gateway” sticker w/ product code. When I couldn’t contact Gateway, I contacted M$; they claimed there was nothing they could do & tried to sell me Win7 for $109. I have been putting up w/ this for months. Any ideas on how to get a live person @ Gateway to solve this problem? Matt, thank you for any help you may have. Your vids on YT are great. Keep up the good work. I can just imagine how busy you are. I see all the requests! There is only so much time in a lifetime. 🙂

  2. malwarekilla July 6, 2011 at 5:42 pm #

    F. Ofneff – I feel for ya on those activations, that system is so easily broken and flawed. Thanks for watching the vids and I’ll be crankin some more out this week.

  3. Reyes July 6, 2011 at 9:36 pm #

    Matt,
    What a good video! What I did not understand is why or what happened that your computer lost the activation key for Windows?

    Was it because of Microsoft System Sweeper or was it something else?

    Advise..rm

  4. Malcontent July 6, 2011 at 9:36 pm #

    My go-to AV boot disk is Bitdefender’s. It works very well for me.

    Thanks for doing this review.

  5. Warwagon July 7, 2011 at 12:10 am #

    Great video, just one word of advice. I would recommend you go into the performance section of Windows and turn off all the animations and all the fades but leave desktop composition (transparency turned on). It will make the machine on the video seem MUCH snappier. Aero animations and fades ALWAYS make the machine seem slower than what it is. Even more so when the screen is being recorded.

    Other than that, it looks great!

  6. Casey July 7, 2011 at 6:10 am #

    $135 ?!!!
    Kinda makes you wanna get a cracked version of Windows 😛

    PS: I envy your download speed. My speed drags me through a 15 min wait for a download for a file like the MSE installer.

  7. Reggie July 7, 2011 at 9:25 am #

    It’s been hit and miss so far in my experience with Microsoft System Sweeper. On a couple of client PCs it did a great job getting rid of fake AV, and on a Win7 64 machine it wouldn’t run. Yes, I had the 64-bit version. I also told a co-worker to use it on an infected machine and he said it didn’t find anything. Overall it’s definitely a tool I’m going to keep in my arsenal.

  8. malwarekilla July 7, 2011 at 1:12 pm #

    @Reyes – I’m pretty sure the activation problems are related to me copying the VM from my old physical PC to my new one, but it could also be the malware breaking it. Not sure.

  9. malwarekilla July 7, 2011 at 1:27 pm #

    @Malcontent – I haven’t used BD’s boot disk. I’ll probably make a video on all of them eventually.

  10. H July 7, 2011 at 8:49 pm #

    Hello Matt, great vid as usual. I’ve been searching the net for a program that can be run in a pre installed environment, that will delete temporary files from the infected C drive to save time on scanning. I know there is EZPCFix on UBCD4WIN for XP, but can’t find anything for Vista or 7.

    Any help would be much appreciated.

  11. Reyes July 8, 2011 at 1:14 am #

    Matt
    It would be a good idea that it wasn’t Microsoft System Sweeper that one that lost or detected the key for Windows used twice in your old and new computer…I am against pirated versions of Microsoft but many people everywhere have a pirated OS at home or laptops and if this program detects that and blocks the desktop putting the mssge. there that Windows didn’t pass the validation key, many people knowing that won’t use this program to clean their computers.

  12. Reyes July 8, 2011 at 1:17 am #

    CORRECTED COPY
    Matt
    The question would be to know that it was or wasn’t Microsoft System Sweeper that one that lost or detected the key for Windows used twice in your old and new computer?…I am against pirated versions of Microsoft but many people everywhere have a pirated OS at home or laptops and if this program detects that and blocks the desktop putting the mssge. there that Windows didn’t pass the validation key, many people knowing that, won’t use this program to clean their computers.

  13. malwarekilla July 8, 2011 at 2:37 am #

    @Reyes – the “not genuine” message appears every time I restore that particular snapshot, no matter what anti-virus I used to clean it. So, it’s either the malware or the VMware snapshot that’s messing with the MS genuine stuff.

  14. Ben July 8, 2011 at 4:15 am #

    @malwarekilla – I always thought the activations were controlled by system changes when it’s first validated it makes a hardware snapshot. (Hardware IDs Only. No Software changes) and so when you make a VM – you aren’t actually using the same hardware when you first validated it (VMware is telling Windows something different in terms of Hardware being emulated)

    Unless you bought the copy for your VM just for creating the malware videos – which would make my comment moot 🙂

  15. Christos July 8, 2011 at 4:54 am #

    @malwarekilla My guess is on the VM, BUT what you can do is:
    1) Go to the snapshot
    2) Activate Windows
    3) Take another snapshot which you are eventually going to use.
    Approx. time needed: 5 minutes.

    It saved me one time!

  16. Henk (Greece) July 8, 2011 at 7:23 am #

    Matt,

    Thanks for the video.
    Looking forward to your videos on how to repair the OS after it’s been hit by malware and not allowing the OS to boot.

    Henk

  17. malwarekilla July 8, 2011 at 1:35 pm #

    @Ben – yeah, that was bought just for my demos

  18. Shaun Zhang July 9, 2011 at 10:08 pm #

    It is probably not Microsoft System Sweeper’s problem that made Windows counterfeit. When Matt was doing the review on the Norton boot CD, he still got the message that his copy of Windows is not genuine when he restarted his virtual machine after he had removed the threats using the Norton boot CD. I suspect it is the problem with malware.
    Will a repair upgrade fix the problem with Windows activation?

  19. Dan July 10, 2011 at 9:01 pm #

    Great tool you have here, Matt. Thanks for the demonstration.

  20. Tom July 11, 2011 at 10:57 am #

    Nice review BTW…I really wasn’t expecting to do that much.

  21. Tom July 11, 2011 at 11:17 am #

    Pardon. I really wasn’t expecting it to do that much.

  22. ZOU July 12, 2011 at 12:00 am #

    @Malwarekilla:

    Thanks for putting in the time.

    • malwarekilla July 12, 2011 at 7:38 pm #

      @ZOU – no problem, thanks ZOU.

  23. enes July 13, 2011 at 1:31 pm #

    Hi Matt,
    You used to use Avira AntiVir Personal on your clients.
    Why did you switch to Microsoft?
    Does Microsoft have a higher detection rate?
