Malware Search Tool is used in manually seeking out malicious files and folders on the target partition, although it doesn’t itself detect malware (outside the optional hash definitions) it merely provides you with a smart inspection interface to assist in manually examining the file system. The target partition can be either the local/currently running operating system partition, or it can be an “offline” operating system partition (such as an OS partition from a drive attached to a tech bench computer, or when booted from a WinPE based boot disk.)
File System Inspection – Notes:
- Default file extensions included in all searches: exe,com,scr,cpl,pif,dll,sys,dat,ocx,cmd,bat,vbs,ax,bin,job and files without an extension (*all other file extensions are excluded.)
- *In addition, the Desktop, Start Menu, and Startup Folder scans include .lnk files (shortcuts) so you can examine the target file they point to. (Req. d7x v19.1.25 or better.)
- In some scans directories themselves are included, but not with every scan.
- To examine a file in the results list, double-click it for more detailed information, including signature verification and a VirusTotal result if possible. (Note that VirusTotal queries are limited.)
- When selecting an action such as “Delete” on shortcuts (lnk files) you will be prompted also to delete the target file (e.g. an .exe file) that the shortcut points to. Likewise, examining a shortcut (by double-click) will instead examine the target file.
- Any searches that include a user profile based folder will search that folder in ALL user profiles on the system.
- Suspicious Files scan searches the local/roaming application data folders for each user account, the application data\Microsoft folders for each user account, program data, and program files/program files (x86) if exist. No subdirectories are searched.
- Custom Smart Scan is a massive scan that searches the following locations: The local/roaming application data folders for each user account and subdirectories, program data and subdirectories, and the Windows and subdirectories. The only search that scans more areas is the Custom Partition Search which of course scans the entire partition.
- Other searches should be self-explanatory.
Registry Inspection – Notes:
- To be continued…
Latest News
-
d7x v21.1.16 Release Notes Update v21.1.16.3 – Fixed a recent issue with Deleting Temp...
Read More -
d7x v21.1.15.1 Release Notes Fixed a recent issue with Delete Temp Files routines (taking...
Read More -
CryptoPrevent Bulk Installer – .NET Error, Missing Chilkat dll If you’re receiving the following error while running your customized...
Read More -
New Video: d7xRDT (d7x Remote Deployment Tool) Quick Start If you aren’t already using the d7xRDT in your remote...
Read More -
d7x Release Notes (in Video) v20.12.x – v21.1.11 Recap If you hate reading, we occasionally produce a video version...
Read More -
d7x v21.1.11 Release Notes Improved “Extensions – Action\Command Prompt Here” shell extension (right-click on...
Read More -
d7x v21.1.9 Release Notes Performed a lot of work to improve deleting stubborn files/directories...
Read More -
KillEmAll Mini – Intro/Usage Video Introducing the newest KillEmAll Mini and detailing usage…
-
KillEmAll and KillEmAll Mini updated to v20.12.31 KillEmAll Mini Release Notes: Improved KillEmAll usage/flow of execution/feature set....
Read More -
d7x v20.12.31 Release Notes Updated KillEmAll to fix issues with not recognizing when it...
Read More