How to Remove Trojans Using Windows Live Scanner

How to Remove Trojans Using Windows Live Scanner
Page content

About Windows Live Safety Scanner

Windows Live Safety scanner is a free Internet security software and service offered by Microsoft. You can use Windows Live scanner in XP, Vista and Windows 7 using Internet Explorer and Firefox browsers. If you are going to help a friend, colleague or family in cleaning an infected computer, you can also use the Windows Live scanner via Windows Live Messenger.

Can I Remove a Trojan Infection Using Windows Live Safety Scanner?

Removing Trojans, viruses, spyware, adware, or other types of malware using Windows Live Safety scanner requires an Internet connection. This allows the computer to download the scan engines and malware definitions that are needed in running an online scan. It’s easy to use Windows Live scan for Windows operating systems but you need to know that it depends which applications are affected by infections.

There are several types of Trojan horses, and if one of the Trojans adds a rootkit infection that redirects web-browsing search results to an unwanted website, you should not use Windows Live scan or any other online scanner that is using a browser. This is because the malware removal will not succeed when the affected application, which is in the browser, is opened or running.

The screenshot below (click to enlarge) is an example of failed removal of a TDSS Trojan infection that has rootkit capability using Windows Live scanner:

Any other Trojan or malware infection can be removed using Windows Live scan as long as the following are true:

  • The browser is not affected or not running during the malware removal process. This is why some antivirus vendors have enhanced their online virus scanners by providing a fast and standalone virus scan that does not install any software on machine. Examples of standalone online scanners are EmsiSoft MalAware, SUPERAntiSpyware Portable scanner, ESET Online Scanner, Trend Micro Housecall, or Norton Power Eraser.
  • The malware definitions in Windows Live scanner includes detection of a particular Trojan or malware infection in the affected PC.
  • The infection does not reside or is located in System Restore. No antivirus or anti-malware has the ability to removing malware or Trojans in System Restore because it is a protected folder in Windows. Users should disable System Restore when antivirus or anti-malware finds infections to prevent re-infection, if the System Restore feature is used. Turn-on the System Restore again after trashing the restore points that contain copies of the infected files.

How to Remove Trojans Using Windows Live Safety Scanner

With an active Internet connection and Firefox or Internet Explorer, you can remove Trojans using Windows Live scanner by visiting the links below for your operating system:

You can start scanning the computer for Trojans or other malware infections by clicking on “Protection," and then start using the free service by Microsoft to remove detected threats. Proceed by scanning the system, removing detected threats, and then restart the computer when prompted:

Restart prompt when removing Trojans using Windows Live Safety scanner

If Firefox or Internet Explorer displays an error and crashes the scanner window, you should reboot* the computer in safe mode with networking and then run a scan:

Browser crashed due to malware infection

*To reboot the computer in Safe Mode with networking, simply restart the computer and then press the F8 key on the keyboard before the Windows desktop loads. In Vista or Windows 7, you can also reboot to Safe Mode with networking by typing MSCONFIG in the start/run box in Windows, hit the enter key, and then click the Boot tab. Select Safe Boot under Boot options, and then select Network. Click OK, and then restart the computer.

Screenshots by author courtesy of Windows Live One.

Safe Mode with Networking Boot option for Vista and Windows 7