 Post subject: Windows Defender Offline
PostPosted: 13 Dec 2011 11:46 
Joined: 15 Dec 2008 11:03
Posts: 1563
Location: Darlington, County Durham
I've used pretty much every anti-virus/anti-malware product on the market over the years and although they all have their different strengths and weaknesses they all have one common vulnerability - rootkit detection. How can you be sure that your av software has really cleaned your PC when the host operating system has been compromised at the lowest possible level? You can't. Even the mighty ComboFix and GMER (Google it noob) have failed to clean some rootkits that I've come across, leaving me to fart around with re-writing boot sectors and other manual grief that I can't be bothered with. A few people make offline scanners (McAfee, Symantec etc) but they generally need you to mess about creating a boot environment (using Windows PE or some such).

Came across Windows Defender Offline yesterday and have tried it on a few test machines that I had infected with various nasties. Looks like a great piece of software and will now be one of the primary tools in my arsenal against malware.

Here's the link. It's in Beta at the moment and comes in x32 and x64 flavours (dependent upon the version of Windows installed, not your hardware). It can be burned to CD or you can make a bootable USB stick (which is updateable via the setup software) straight from the downloader. Very easy to use and quick.

http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

:ugeek:



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 15:52 
SSDi One Man Army
Joined: 13 Dec 2008 21:11
Posts: 1434
Location: Cognac, FR
You sound like a salesman :P



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 16:06 
Joined: 15 Dec 2008 11:03
Posts: 1563
Location: Darlington, County Durham
lol!

By the way, for scanning and cleaning machines I use the following:

Super Anti Spyware - http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
MalwareBytes - http://www.malwarebytes.org/products/malwarebytes_free
McAfee VirusScan Enterprise - Yeah, I cheat, got a corporate account for that one :p
ComboFix - Can seriously mess up your machine!! http://www.bleepingcomputer.com/combofix/
GMER - http://www.gmer.net/
RootkitRevealer - For Windows XP and 2003, Vista and Win7 not supported - http://technet.microsoft.com/en-us/sysinternals/bb897445
Autoruns - http://technet.microsoft.com/en-us/sysinternals/bb963902
HijackThis - http://download.cnet.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html
Windows Defender Offline - Link above

And as an aside, I use AVAST, not AVG, for people who want free antivirus. Security Essentials doesn't quite cut it yet.



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 16:12 
SSDi One Man Army
Joined: 13 Dec 2008 21:11
Posts: 1434
Location: Cognac, FR
I don't use that much,
Avira and MWbytes for "daily use",
I use Bitdefender online when I have to. Haven't had any issue for long on my computer; last I had to brainstorm was for a colleague with a notebook but still succeeded :)



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 16:17 
Joined: 15 Dec 2008 11:03
Posts: 1563
Location: Darlington, County Durham
I tend to use varying combinations of those tools dependent upon how badly compromised the machine is.
Super Anti Spyware is quite good as it includes some fixes for damage that is commonly caused by malware, such as winsock errors. Can save quite a few headaches.



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 17:38 
SSDi Randy Scotsman
Joined: 16 Dec 2008 18:49
Posts: 2994
You can get ESET for free. All you do is d/l the trial version. Once the trial period is up, look for nod32 username/password on the net with your phone, or another PC. As the ESET blocks some of the websites with the usernames/passwords, says they're nasty sites.... cough cough.. BS cough......

Poundsey did sound like a salesman there though...



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 18:01 
Joined: 28 Apr 2009 20:35
Posts: 6106
Location: Blackburn Lancashire
I use a disc called Windows 7 64-bit.
Just put it in my disk drive, install it, and hey presto, it's like new :)

Thanks for the help Dave :)



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 18:02 
SSDi One Man Army
Joined: 13 Dec 2008 21:11
Posts: 1434
Location: Cognac, FR
Doesn't work for MBR issues



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 18:05 
Joined: 15 Dec 2008 11:03
Posts: 1563
Location: Darlington, County Durham
+1 If your MBR is infected, you just get hit again after you've reinstalled.



 Post subject: Re: Windows Defender Offline
PostPosted: 13 Dec 2011 18:11 
SSDi One Man Army
Joined: 13 Dec 2008 21:11
Posts: 1434
Location: Cognac, FR
Faced one once; if I remember well, I think I got it using UBCD, low-level format :)


