computers / alt.comp.os.windows-10 / Re: msert

msert

<MPG.3c92f48cb8d8c8029897ab@reader443.eternal-september.org>

https://www.novabbs.com/computers/article-flat.php?id=60349&group=alt.comp.os.windows-10#60349

 by: Jason - Wed, 9 Mar 2022 22:30 UTC

I ran msert, the Microsoft Safety Scanner. In "quick" mode it
scanned about 75000 files and reported finding 4 infected files.
Yet, when I look at the logfile it creates, it says that nothing
suspicious was found. Huh?

Re: msert

<14pcyv5uke1ia$.dlg@v.nguard.lh>

https://www.novabbs.com/computers/article-flat.php?id=60351&group=alt.comp.os.windows-10#60351

 by: VanguardLH - Wed, 9 Mar 2022 23:49 UTC

Jason wrote:

> I ran msert, the Microsoft Safety Scanner. In "quick" mode it
> scanned about 75000 files and reported finding 4 infected files.
> Yet, when I look at the logfile it creates, it says that nothing
> suspicious was found. Huh?

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

has links to:

https://support.microsoft.com/en-us/topic/how-to-troubleshoot-an-error-when-you-run-the-microsoft-safety-scanner-6cd5faa1-f7b4-afd2-85c7-9bed02860f1c
https://www.thewindowsclub.com/troubleshoot-microsoft-safety-scanner-errors-in-windows-10

which mentions error codes start with 0x (zero hex which means the error
code is a hexadecimal value). There were none in the msert.log logfile?
If not, maybe the reported infections were PUPs (Probably Unwanted
Programs) that were found but are not themselves malicious, but could be
used by scripts to perform malicious behavior.

When msert reports errors or infections, it provides no details on what
it found, or where? When you looked in the msert.log file, on what did
you search? Did you search the msert.log file on "threat detected" as
shown below?

https://www.bleepstatic.com/images/news/security/microsoft/exchange/microsoft-safety-scanner/msert-webshell-detected.jpg

When you ran the scanner, and it claimed there was malware, you didn't
get a list, like that shown below?

https://i0.wp.com/howtofix.guide/wp-content/uploads/2021/10/msert-after-scan-report.jpg?resize=750%2C685&ssl=1

Re: msert

<MPG.3c94571d3c2590fd9897ac@reader443.eternal-september.org>

https://www.novabbs.com/computers/article-flat.php?id=60416&group=alt.comp.os.windows-10#60416

 by: Jason - Thu, 10 Mar 2022 23:43 UTC

In article <14pcyv5uke1ia$.dlg@v.nguard.lh>, V@nguard.LH says...
>
> Jason wrote:
>
> > I ran msert, the Microsoft Safety Scanner. In "quick" mode it
> > scanned about 75000 files and reported finding 4 infected files.
> > Yet, when I look at the logfile it creates, it says that nothing
> > suspicious was found. Huh?
>
> https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
>
> has links to:
>
> https://support.microsoft.com/en-us/topic/how-to-troubleshoot-an-error-when-you-run-the-microsoft-safety-scanner-6cd5faa1-f7b4-afd2-85c7-9bed02860f1c
> https://www.thewindowsclub.com/troubleshoot-microsoft-safety-scanner-errors-in-windows-10
>
> which mentions error codes start with 0x (zero hex which means the error
> code is a hexadecimal value). There were none in the msert.log logfile?
> If not, maybe the reported infections were PUPs (Probably Unwanted
> Programs) that were found but are not themselves malicious, but could be
> used by scripts to perform malicious behavior.
>
> When msert reports errors or infections, it provides no details on what
> it found, or where? When you looked in the msert.log file, on what did
> you search? Did you search the msert.log file on "threat detected" as
> shown below?
>
> https://www.bleepstatic.com/images/news/security/microsoft/exchange/microsoft-safety-scanner/msert-webshell-detected.jpg
>
> When you ran the scanner, and it claimed there was malware, you didn't
> get a list, like that shown below?
>
> https://i0.wp.com/howtofix.guide/wp-content/uploads/2021/10/msert-after-scan-report.jpg?resize=750%2C685&ssl=1

Here's the entire log file.....

---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.359, (build 1.359.1703.0)
Started On Thu Mar 10 16:42:10 2022

Engine: 1.1.19000.8
Signatures: 1.359.1703.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Thu Mar 10 16:58:35 2022

Return code: 0 (0x0)

I'm guessing your speculation about PUPs is correct. Other scanning
programs (i.e., mbam) have spotted those in the past also.

Re: msert

<j90dk5Fhu0eU1@mid.individual.net>

https://www.novabbs.com/computers/article-flat.php?id=60425&group=alt.comp.os.windows-10#60425

 by: Andy Burns - Fri, 11 Mar 2022 07:55 UTC

Jason wrote:

> I'm guessing your speculation about PUPs is correct. Other scanning
> programs (i.e., mbam) have spotted those in the past also.

I left my laptop doing a full scan yesterday (8 million files). During the scan
it claimed to have found 17 "infected" files; after it had done, the report said
there was 1 threat found, and it was a password-revealer tool that I had
deliberately installed, but MS don't like the idea of. No doubt they would flag
magic jelly bean and psexec etc. the same way.

Re: msert

<1ekfdnv46ethd$.dlg@v.nguard.lh>

https://www.novabbs.com/computers/article-flat.php?id=60426&group=alt.comp.os.windows-10#60426

 by: VanguardLH - Fri, 11 Mar 2022 08:07 UTC

Jason wrote:

> In article <14pcyv5uke1ia$.dlg@v.nguard.lh>, V@nguard.LH says...
>>
>> Jason wrote:
>>
>>> I ran msert, the Microsoft Safety Scanner. In "quick" mode it
>>> scanned about 75000 files and reported finding 4 infected files.
>>> Yet, when I look at the logfile it creates, it says that nothing
>>> suspicious was found. Huh?
>>
>> https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
>>
>> has links to:
>>
>> https://support.microsoft.com/en-us/topic/how-to-troubleshoot-an-error-when-you-run-the-microsoft-safety-scanner-6cd5faa1-f7b4-afd2-85c7-9bed02860f1c
>> https://www.thewindowsclub.com/troubleshoot-microsoft-safety-scanner-errors-in-windows-10
>>
>> which mentions error codes start with 0x (zero hex which means the error
>> code is a hexadecimal value). There were none in the msert.log logfile?
>> If not, maybe the reported infections were PUPs (Probably Unwanted
>> Programs) that were found but are not themselves malicious, but could be
>> used by scripts to perform malicious behavior.
>>
>> When msert reports errors or infections, it provides no details on what
>> it found, or where? When you looked in the msert.log file, on what did
>> you search? Did you search the msert.log file on "threat detected" as
>> shown below?
>>
>> https://www.bleepstatic.com/images/news/security/microsoft/exchange/microsoft-safety-scanner/msert-webshell-detected.jpg
>>
>> When you ran the scanner, and it claimed there was malware, you didn't
>> get a list, like that shown below?
>>
>> https://i0.wp.com/howtofix.guide/wp-content/uploads/2021/10/msert-after-scan-report.jpg?resize=750%2C685&ssl=1
>
> Here's the entire log file.....
>
> ---------------------------------------------------------------------------------------
> Microsoft Safety Scanner v1.359, (build 1.359.1703.0)
> Started On Thu Mar 10 16:42:10 2022
>
> Engine: 1.1.19000.8
> Signatures: 1.359.1703.0
> MpGear: 1.1.16330.1
> Run Mode: Interactive Graphical Mode
>
> Results Summary:
> ----------------
> No infection found.
> Successfully Submitted MAPS Report
> Successfully Submitted Heartbeat Report
> Microsoft Safety Scanner Finished On Thu Mar 10 16:58:35 2022
>
> Return code: 0 (0x0)
>
> I'm guessing your speculation about PUPs is correct. Other scanning
> programs (i.e., mbam) have spotted those in the past also.

That log is dated after (Mar 10) when you posted here (Mar 9) about a
log dated prior to when you posted here. If the infections got cleaned
up, another scan wouldn't find any problems. Anti-malware gets updated,
especially regarding false positives. The prior scan might've reported
infections, but false positives got addressed, so they wouldn't be
reported in later scans. PUPs should not be eradicated without your
permission. PUPs are /probably/ unwanted programs, but many so-called
PUPs are tools that you choose to install. At one time, all the Nirsoft
tools were flagged as PUPs. You didn't say you were prompted and
allowed any changes.
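
Added example, not part of any post in the thread: a small Python parser that splits an msert.log into scan runs and reports each run's start time, detections and return code, so a result can be matched to the scan it belongs to (the date mismatch raised in the last reply). It assumes a file may hold more than one run, each opened by a "Started On" line, and that detections appear on lines beginning "Threat detected", the search string mentioned above; the second run in the sample is constructed.

```python
import re
from datetime import datetime

# Constructed sample. Run 1 is abridged from the log posted in the thread;
# run 2 is invented, and its "Threat detected:" line format is an assumption.
SAMPLE_LOG = """\
Microsoft Safety Scanner v1.359, (build 1.359.1703.0)
Started On Thu Mar 10 16:42:10 2022
Run Mode: Interactive Graphical Mode
Results Summary:
----------------
No infection found.
Microsoft Safety Scanner Finished On Thu Mar 10 16:58:35 2022
Return code: 0 (0x0)
Microsoft Safety Scanner v1.359, (build 1.359.1703.0)
Started On Fri Mar 11 09:00:00 2022
Threat detected: Constructed/Example.A
Results Summary:
----------------
Microsoft Safety Scanner Finished On Fri Mar 11 09:20:00 2022
"""

STAMP = "%a %b %d %H:%M:%S %Y"  # e.g. "Thu Mar 10 16:42:10 2022"

def parse_runs(text):
    """Split a scanner log into runs, one per 'Started On' line."""
    runs = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Started On "):
            runs.append({"started": datetime.strptime(line[11:], STAMP),
                         "clean": False, "threats": [], "return_code": None})
        elif not runs:
            continue  # banner lines before the first run starts
        elif line == "No infection found.":
            runs[-1]["clean"] = True
        elif line.lower().startswith("threat detected"):
            runs[-1]["threats"].append(line.partition(":")[2].strip())
        elif m := re.match(r"Return code: (-?\d+) \(0x[0-9A-Fa-f]+\)", line):
            runs[-1]["return_code"] = int(m.group(1))
    return runs

def runs_on(text, iso_day):
    """Return only the runs that started on the given date (YYYY-MM-DD)."""
    return [r for r in parse_runs(text)
            if r["started"].date().isoformat() == iso_day]
```

Calling `runs_on(SAMPLE_LOG, "2022-03-09")` returns an empty list: the sample holds no run from the day of the first post, so its "No infection found." line says nothing about that scan.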
