Jump to content


windows defender ===offline=== !!!


  • Please log in to reply
20 replies to this topic

#1 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 11,863 posts

Posted 05 January 2012 - 12:49 AM

greets!

and wow, ms finally gave us a win pe environment with windows defender!!!

this means, yo pc is too trashed to run, boot the win def cd and it scans and removes the viral carp!

i yam most x-cited about this!

because i have been using linux based utilities, such as kaspersky's bootable av solution.  which is, by the way cool, and even works.

o, linkies --- http://windows.microsoft.com/en-US/windows...efender-offline

u herd it hear first!


you're thoughts?
Posted Image

#2 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 21,521 posts

Posted 05 January 2012 - 09:43 AM

That is great news. At least for known malware. wink.gif

Windows Defender doesn't get everything. But it's an excellent start.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#3 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 11,863 posts

Posted 05 January 2012 - 10:11 AM

my point is that it boots from a clean cd, which bypasses the infected hd.  i used it 2 days ago on a machine that had 5 virus/worm/whatevers that would not stop rebooting itself.
Posted Image

#4 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 21,521 posts

Posted 05 January 2012 - 10:46 AM

Absolutely! Great that they finally allowing it to run on liveCD to bypass hard drive.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#5 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 6,414 posts

Posted 05 January 2012 - 11:59 AM

Fran, Windows Defender Offline (this bootable CD or USB stick) is NOT Windows Defender. Again, MS confuses everyone by naming a different tool with some of the same words!
Will someone please hand the folks a Microsoft a dictionary and thesaurus so they can come up with new words. hysterical.gif
Liz
Registered Linux User # 401459
Posted Image

#6 OFFLINE   frapper

frapper

    Thread Head

  • Members
  • PipPipPipPipPipPip
  • 729 posts

Posted 05 January 2012 - 12:07 PM

This is discussed in this week's Windows Secrets newsletter.  WDO Article
Posted Image
Norm
Windows 7 Home Premium SP1 x3
USAF - '67-'71
Posted Image

#7 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,520 posts

Posted 05 January 2012 - 09:32 PM

QUOTE (frapper @ Jan 5 2012, 11:07 AM) <{POST_SNAPBACK}>
This is discussed in this week's Windows Secrets newsletter.  WDO Article


And in my blog post last month:  Windows Defender Offline Beta, formerly Standalone System Sweeper (Which points to Setting Up the Microsoft Standalone System Sweeper... that Susan Bradley linked to in her Windows Secrets article on the Standalone System Sweeper and is my most read article with over 12,500 views!)

Even the Standalone System Sweeper is not actually a new tool.  It has long been a part of the Microsoft Diagnostics and Recovery Toolset (DaRT) for Microsoft Enterprise customers.

The important thing to realize is that, regardless of the name, it uses the same definitions as Microsoft Security Essentials and Microsoft Forefront, the difference being that it provides the capability of scanning at start up.

Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#8 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 21,521 posts

Posted 05 January 2012 - 09:36 PM

Thanks for the further explanation, Corrine!

It is amazing why Microsoft doesn't try to make it easier to differentiate their tools. Liz is right. They need a bigger dictionary wink.gif
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#9 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,520 posts

Posted 05 January 2012 - 09:44 PM

This should help:  Understanding Microsoft Anti-Malware Software.  wink.gif
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#10 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 21,521 posts

Posted 05 January 2012 - 10:12 PM

Thanks smile.gif That's a very good article btw. As are all your articles.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#11 OFFLINE   Tushman

Tushman

    Forum Fiend

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 1,804 posts

Posted 05 January 2012 - 10:13 PM

Antivirus companies have offered rescue CDs on their website long before this.  You can download rescue discs from companies like Fprot & Kasperksy for no charge.  A more comprehensive list can be found here.

As an alternative, you can even make customized WinPE USBs and load programs like Spybot S & D so that you can the infected PC in a preboot environment.  It takes a few steps but it is not difficult.

I'm not complaining and it's certainly nice to have choices.  But MS is late to the party on this.  I really see no reason to get excited about it.

Edited by Tushman, 05 January 2012 - 10:20 PM.


#12 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 21,521 posts

Posted 05 January 2012 - 11:23 PM

True. Nice that they finally got on the bandwagon. It has been great to have many bootable CDs for this purpose previously from other companies, who were truly forerunners in the field.
Bambi
AKA Fran

Posted Image
My Public Key for Email :: BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#13 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 11,863 posts

Posted 06 January 2012 - 11:05 AM

QUOTE (Corrine @ Jan 5 2012, 07:44 PM) <{POST_SNAPBACK}>
...Understanding Microsoft Anti-Malware Software... wink.gif


laugh.gif  wow!  one can understand microsoft?! biggrin.gif


QUOTE (Tushman @ Jan 5 2012, 08:13 PM) <{POST_SNAPBACK}>
Antivirus companies have offered rescue CDs on their website long before this.  You can download rescue discs from companies like Fprot & Kasperksy ....I really see no reason to get excited about it.


(1) i pointed that out in the original post.  
(2) i'm "excited" that microsoft is actually giving something away at no charge, free and clear of its usual obfuscation.  which of you (on your own) can create a windows pe boot disk, and load it up with working and useful utilities? i laugh. ms attempts to make its products profitable, not free, so again, the freeness of it is the excitement.

ps,
apologies to corrine in particular for not having read it first on her excellent "security garden" blog!

Edited by Temmu, 06 January 2012 - 11:11 AM.

Posted Image

#14 OFFLINE   Tushman

Tushman

    Forum Fiend

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 1,804 posts

Posted 06 January 2012 - 03:36 PM

QUOTE (Temmu @ Jan 6 2012, 09:05 AM) <{POST_SNAPBACK}>
(1) i pointed that out in the original post.  
(2) i'm "excited" that microsoft is actually giving something away at no charge, free and clear of its usual obfuscation.  which of you (on your own) can create a windows pe boot disk, and load it up with working and useful utilities? i laugh. ms attempts to make its products profitable, not free, so again, the freeness of it is the excitement.

ps,
apologies to corrine in particular for not having read it first on her excellent "security garden" blog!


The fact that it's offered as a free download from Microsoft may be enticing to some - doesn't do anything for me.   To each his own.  Perhaps if they were the first to market/offer this type of solution on the web, then yes I could see how you would be excited.  Secondly, there's plenty of good products out there already (Kaspersky/Fprot/etc.) and I see no clear significant benefit this has over the others, do you?

Creating a bootable WinPE USB is simple enough.  Do a google search and there are plenty of links that show you how to do it step by step.  All the required software is also free including the Windows AIK.  Nothing hard about it.

#15 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 6,414 posts

Posted 06 January 2012 - 06:39 PM

QUOTE
Creating a bootable WinPE USB is simple enough.
Not to be smart but I think you are over estimating most computer users abilities.
Liz
Registered Linux User # 401459
Posted Image

#16 OFFLINE   Tushman

Tushman

    Forum Fiend

  • Members
  • PipPipPipPipPipPipPipPipPip
  • 1,804 posts

Posted 06 January 2012 - 06:46 PM

QUOTE (zlim @ Jan 6 2012, 04:39 PM) <{POST_SNAPBACK}>
Not to be smart but I think you are over estimating most computer users abilities.


Of course your usual 'ma & pa' users wouldn't feel comfortable trying it.  That type of user is not likely to download and use a offline scanner (utility) and attempt "fixing" their own PCs.  The vast majority of those users take their PCs to geek squad or a computer shop and pay for it.  I was referring more to the people that participate on forums such as this. And that is not to say that I believe all forum members are competent enough to do it on their own.  But most of the regular members that participate on forums are your computer hobbyists who don't mind trying something new or learn how to fix their own PC.

Edited by Tushman, 06 January 2012 - 06:52 PM.


#17 OFFLINE   Temmu

Temmu

    The Assimilator

  • Forum MVP
  • 11,863 posts

Posted 09 January 2012 - 02:02 AM

and speaking of kaspersky,
am scanning a pc now, kaspersky said, " your definitions are 15,347 days out of date, do you want to update now?" laugh.gif

um... you think i should?
Posted Image

#18 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,520 posts

Posted 09 January 2012 - 09:58 PM

Nah, Temmu.  Just go with what you have.   laugh.gif
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#19 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 6,414 posts

Posted 10 January 2012 - 12:43 PM

I used WDO on two computers. A quick on mine and a full on a computer I brought home. I was getting worried when it said it found something suspicious on the one I brought home. That computer was one I resurrected from the dead. Since I had no Dell disk, I didn't wipe it and do a clean install, I simply cleaned it the best I could using software and manually searching for things.
Well, I breathed a sigh of relief when all it found were two things: some adware (I've never seen ads on it) and something to do with Sonic's Record Now program (on the computer from new) having to do with some sort of scheduled registration.
I quarantined both items just to be sure I didn't break anything before I kill them but the problem is, I have no idea how to find what it has quarantined without running the CD again.
Does anyone know where WDO stores the quarantined items?
Liz
Registered Linux User # 401459
Posted Image

#20 OFFLINE   Corrine

Corrine

    The Mystical Rose

  • Forum Admins
  • 3,520 posts

Posted 10 January 2012 - 03:10 PM

The log files for Windows Defender Offline are stored in a C:\Windows\Windows Defender Offline\Support as a text file:  MPLog-MM/DD/YYYY-HH/MM/SS.txt

There's always System Restore. smile.gif
Posted Image

Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

#21 OFFLINE   zlim

zlim

    It's me, plodr

  • Forum MVP
  • 6,414 posts

Posted 10 January 2012 - 07:45 PM

Thanks. I'll have a look in there.
Liz
Registered Linux User # 401459
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users