WOD

#1
I downloaded Online Defender. Want to follow the prompts. My question is if I switch to disk drive to download will this erase my hard drive? I have backed up my computer on a disk but I do not have the installation disk for the computer.
 

Terry60

Knows where his towel is.
Staff member
#2
WOD ?
Are you talking about Windows Defender ?
If so, forget it and get MSE instead. It includes the Defender code and is also an excellent free anti-malware shield.
 
#3
Yes and OK Thanks

Addendum:

So I did that and it told me to do the Windows Online Defender in the CD/DVD drive. Didn't realize the MSE was Microsoft Security Essentials. I have that on the computer already and after a scan it took me to the web page to download the WOD. Was concerned about switching to CD/DVD drive. After that process is done I switch back to HDD Boot?
 
Last edited:

Terry60

Knows where his towel is.
Staff member
#4
Can you paste the link it tells you to download from, because I've never heard Windows Defender called "W..Online D..." and I'm concerned that you're being directed to a bogus site.
 

JustinW

Super Moderator
Staff member
#6
I'ver never heard of Online Defender, Windows Defender yes. Microsoft Security Essentials doesn't come pre-installed on systems and if you're on Vista Windows Defender is pre-installed. MSE doesn't direct to a web page either to download another tool. You may have a scareware appearing to be MSE/Windows Defender. Go to the MSE page on Microsoft's website to download MSE and do a full scan:
Microsoft Security Essentials - Free Antivirus for Windows
 

Terry60

Knows where his towel is.
Staff member
#7
It's OK Justin.
IE9 confirms it as a genuine Microsoft site and that it is automatically invoked by MSE.
It must indicate that MSE can detect malware that it is unable to remove while the system is running, so it uses this bootable OFFline Beta to decontaminate the OS from outside.
Debby, carry on following the instructions.
Don't worry. It's just creating a bootable CD which you will then use to scan and disinfect your OS while it's not running.
Afterwards, when you remove the CD, Windows will continue to boot as usual, but hopefully minus some nasty infection or other.
 
#8
I tried to install and was prompte that it was already installed. I don't see where to uninstall. I went to uninstall programs and do not see it listed there. I am installing MSE on another computer to see if it looks the same. SpeedmaxPC installed on the computer. I have a Gateway with windows 7 installed. I aquired this computer so not sure how or where the programs came from that are installed. The computer seems to function well. A did have an issue with rebooting but the Speedmax seemed to resolve that when I run a scan. ??? What do I do about a scareware? Never heard of it. I will read about it, any suggestions?
 

Terry60

Knows where his towel is.
Staff member
#9
Don't worry about scareware. That's stuff that tells you you're infected and to fix it by downloading a fake anti-virus program, which is the real virus and will probably try to empty your bank account.
This site is genuine Microsoft.
Just follow the instructions on the link you posted to create a bootable CD or flash-drive, then boot from the device you created and let it scan your W7.
You don't need to install anything on your W7. You already have MSE. You don't need to install it again.
It was MSE that told you to create this bootable cd/flash-drive because (presumably) it thinks it has detected malware that it cannot remove from inside W7, so it needs to remove it using this offline tool.
 
#11
I was able to successfully do the scan...that is the good news. It did remove the Trojan, but found a worm win/32, it experienced an error will trying to remove it. So left it undone, now windows won't boot. It trys and then just shuts down. I don't have the repair disks, as I said this is a computer I was blessed with. Yikes.
 

Terry60

Knows where his towel is.
Staff member
#12
Have you tried the Offline defender again, or just the once ?
 
#15
I ran the scan again this morning and got the same results. While reading the details on start start up restore, I got this message. Problem Signature 01 & 02: 6.1.7600.16385; Problem Signature 03: unknown; PS: 04 21200791: PS 05: Auto Failure; PS 06: 7; PS 07: Corrupt Volume; OS Version 6.1.7600.2.0.0.256.1; Leagal ID: 1033...Does that tell you anything? Also in the Bios Settings under Boot Divice this is a message in discription column. "Adivice in the [HDD:tongueout:O-ST3750528AS] has been disabled in the corresponding type memu." Would that have been something I did or a problem?
 

Terry60

Knows where his towel is.
Staff member
#16
According to the MS bulletin about the Win32 worm, you can phone them (In US or Canada) for free help with removing this infection.
1-866-PCSAFETY
Let them know that the Offline Defender didn't work.
(btw You did download and create this tool on an uninfected PC didn't you ? -- The nature of the conficker worm is that it spreads itself from any infected PC to all network connected computers and all USB devices ever inserted into an infected PC. If you created the tool on your infected PC, it may have inserted itself into the offline tool too.)
 

Terry60

Knows where his towel is.
Staff member
#18
One of the things Conficker does is disable Safe Mode.
Make the tool again on a clean PC of a friend.
Don't take any USB flash drive from your PC, it might carry the infection to the other PC.
Preferably burn the tool to a brand new CD-R and bring it back to scan your PC again.
If that doesn't clean the worm out, contact MS on that number.
 

Terry60

Knows where his towel is.
Staff member
#20
Did you change your BIOS to put CD before HDD in the boot sequence ?