  #1  
Old 04-18-2012, 12:28 AM
The Tech Professor
Banned

Join Date: Oct 2009
Location: Tennessee
Posts: 75
Windows Defender Offline

Hello everyone,

Microsoft's bootable security scanner has emerged from beta and deserves a permanent place in your Windows bag of tricks: Check out how you can run WDO unattended - great stuff!

http://www.infoworld.com/t/windows-s...he-dead-191053

Best wishes,
The Tech Professor
  #2  
Old 04-18-2012, 02:24 AM
AlaDes

Join Date: Jan 2011
Location: White Sulphur Springs, WV
Posts: 422

I've used the beta a few times but have been wondering if there's a difference in it, the offline scanner in MSDart, and MSE. Does anyone know?
  #3  
Old 04-18-2012, 09:21 AM
Steve202

Join Date: Sep 2010
Location: Staffordshire, UK
Posts: 797

I've used it a few times now and I'm pretty impressed with it.
__________________
Steve
"Hello, have you tried turning it off and on again"
  #4  
Old 04-18-2012, 04:44 PM
iisjman07

Join Date: Jul 2009
Location: South End Of The UK
Posts: 3,049

Last time I tried to use the beta it threw up an error message when loading; is it all good now?
__________________
put that in your pipe and grep it
  #5  
Old 04-19-2012, 07:43 AM
PC Problems

Join Date: May 2010
Location: Dudley, UK.
Posts: 64

Last time I used it, it was painfully slow and useless. I returned to Kaspersky Rescue Disk, which deleted a rootkit in 30 seconds flat...
__________________
www.pc-problems.biz

Wouldn't it be great if you could:-

format internet: /q
  #6  
Old 04-23-2012, 01:26 PM
ajc196

Join Date: Apr 2010
Posts: 319

It's always worked wonders for me. Additionally, they are small enough to cram both ISOs (x86 and x64) onto one CD. Or a USB, if that's your thing. SARDU added support for it at some point a while back, and it will even let you update definitions right in SARDU. Just remember to rename the "WDO" in the ISOs to "MSSS".

http://www.sarducd.it/downloads.html

http://windows.microsoft.com/en-US/w...fender-offline
  #7  
Old 09-27-2012, 02:19 AM
NYJimbo

Join Date: Jul 2008
Location: Long Island, you know, like the iced tea.
Posts: 6,122

Just wanted to bump this because I am finding WDO to be quite helpful in tracking down stuff others can't. I know most techs know about MSSE but many new techs might not know about this bootable version.

http://windows.microsoft.com/en-US/w...fender-offline
(same link as above post)

Basically it is Microsoft Security Essentials; the look and feel is the same. The only difference is it doesn't install; it boots and runs on its own, so you are getting MSSE without needing a bootable O/S on the infected machine. It will try to just run on boot up, but you can cancel it and do an update.

It's weird because in the online info they say you should not reuse a WDO ISO because it doesn't have the latest updates, but you can update it, so I am not sure if they just want to scare you into downloading the latest and not keep using the same one for months.

You download a tool, it then creates the ISO, DVD or USB. You can also burn the ISO with your own burner software if the WDO built-in functions don't work for you. The output from the tool is the actual MSSE/WDO.

I should note that the current version seems to be based on Windows 8, as it has the new logo and colors. But it scans all modern versions of Windows (XP, Vista, 7 and 8).

So far it has found lots of remnants on infected machines and even cleaned up a bad rootkit that nothing else would.

If you do download the MSSSTOOLxx.EXE, I would recommend downloading it at least once a month. The EXE itself seems to be updated regularly, so if you don't have any online access at a repair site you can get the latest for your toolkit the morning before you go out and be very up to date.

Last edited by NYJimbo; 09-27-2012 at 02:23 AM.
  #8  
Old 09-27-2012, 04:01 PM
YeOldeStonecat

Join Date: Nov 2011
Location: Southeast Connecticut
Posts: 6,857

I will say one thing... Microsoft's detection has surprised me quite a few times.

All of us here have our favorite antivirus...and our favorite tools. While most of us won't agree on antivirus, most of us here will agree on cleaning/removal tools.

Some of you may be familiar with seeing Microsoft's Malicious Software Removal Tool. It gets updated at some interval. But you could manually launch it... Start ==> Run ==> "MRT" without the quotes. And it will kick off the tool to run a manual scan. You want to do that after updating it.

Anyways...point I'm getting to, I've seen MRT, as well as MSE....find stuff on infected drives that other top notch products missed. I've scanned drives that were cleaned with Kaspersky and Eset and MalwareBytes and other stuff....and MRT/MSE has found a few legit files leftover.

So yeah...as "one more scan" by yet another product...."why not?" Only gives a more thorough test.
__________________
Resident "Geek on a Harley" doing IT in Southeast Connecticut
http://www.dynamic-alliance.com/
https://www.facebook.com/YeOldeStonecat
  #9  
Old 11-02-2012, 02:16 PM
ajc196

Join Date: Apr 2010
Posts: 319

If you haven't played with WDO lately, they have now made it Windows 8-based. So it's a bit quicker booting and faster scanning. Still works great with SARDU.
  #10  
Old 11-06-2012, 03:18 PM
ShinyTech

Join Date: Oct 2012
Location: Ocala, FL
Posts: 147

Never knew that they even offered something like this. I've used many different WinPE and Linux-based boot programs to do removals but never even thought Microsoft would develop something like this. Already downloaded it and excited to try it out. Does anyone know if you install it to a flash drive if it will wipe the drive?
__________________
ShinyTech
http://855keylime.com