Windows Defender Offline crashed computer

[MarleneBerk]

Microsoft Security Essentials said I needed to run Windows Defender Offline to remove a trojan. I made the disk and ran it and it said it removed the trojan and to restart the computer. Only problem is it only goes to the Windows Error Recovery Screen. It will not repair or start normally. I tried the advanced start options (safe mode, etc) and it will not work either. I have a Sony Vaio with Windows 7 Professional, 64 Bit. I was told by MS to download a windows disk from
http://msft.digitalrivercontent.net which I did and burned it to a DVD as requested. Put it in the laptop and still get same windows error recovery screen.
Someone please help. I have now been without the computer for 3 days and I am ready to trash it and get a Macbook Air.

 

[Jacee]

Edit ... You can make a system rescue disk http://www.sysresccd.org/SystemRescueCd_Homepage
Just be sure to burn the ISO at a slow speed so as not to corrupt the CD!

If you have MSE Microsoft Security Essentials, then disable Windows Defender in Services. Type services.msc in the start search box, click on the icon, scroll down to Windows Defender, right click > choose properties, then set it to disabled.

Make sure your not using 'proxy' settings:
1) Under “Tools” in the browser tool bar select “Internet Options”.
2) In the “Internet Options” window that pops up, click the “Connections” tab at the top.
3) Click “LAN Settings” near the bottom of the “Connections” section.
4) If the “Proxy server” checkbox is marked with a check, click it to deselect/uncheck it.
5) Click “Ok” to close the “Local Area Network (LAN) Settings” window.
6) Click “Ok” to close the “Internet Options” window.
Reboot
Make sure "Proxy server" is still disabled under your LAN Settings.
Test whether Internet connectivity is restored.

If no crashes occur connecting to the Internet ...
Download DDS from one of these links:

Mirror 1 Mirror 2 Mirror 3

• Disable any script blocking protection
• Double click the dds icon to run the tool.
• When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt <--- will be minimized in the task tray
• Save both reports to your desktop.

Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.
No need for that though ..... just post it's contents as you would any other log.

 

[sreedhav]

Since you have a Sony Vaio, kindly turn off the laptop. Press Assist. Now create the "Recovery Media. You will need 3 DVD-Rs for that. Once you click on the above, it will guide you!
Regards,
sree

 

[MarleneBerk]

Windows Defender offlinecause computer crash

Thanks sreedhav. I did what you said and it asked if I wanted to do a rescue. I clicked yes but it said it would do a custom rescue and the types of file are Music, Pictures, Documents, E-Mail adn address book.

Is this what I want to copy? I selected the files that said Drive O (Partition 2) and begins with Boot.

 

[Jacee]

Marlene, do you remember the name of the Trojan?

What sreedhav is telling you to do is actually "backing up" Music, Pictures, Documents and E-Mail adresses. You most definitely want to do this!

What I'd like to do, is help find the 'Trojan' and clean it off your computer.

 

[sreedhav]

Marlene, do you remember the name of the Trojan?

What sreedhav is telling you to do is actually "backing up" Music, Pictures, Documents and E-Mail adresses. You most definitely want to do this!

What I'd like to do, is help find the 'Trojan' and clean it off your computer.

Dear Marlene,
What Jacee said is right. The first priority is to get rid of the Trojan. Otherwise you are going to import that into the backup. I will pitch in again after Jacee's suggestions are followed. Please do so. If you find any difficulty in following the steps, just post them!

Regards and best wishes,
sree

 

[MarleneBerk]

Windows Defender Offline Crashed Computer

I gave up on all the "fixes". My computer is being wiped clean and everything reinstalled. Apparently, the Trojan, Alureon, hides itself in your system and changes it's identity and will steal your information and send it back to the hackers who invented it. None of the regular security programs can detect it or stop it. It supposedly is embedded in the Browser Security ( I recently installed Google Chrome, but I don't know if it had anything to do with it.). Just beware if you get it. Thanks everyone for your help.

 

[Jacee]

Ahh! Good for you ... Rootkits are not easy to clean and the best method of getting rid of 'em is to wipe and do a clean install. I applaude your action

 

[kevin s]

I had the same problem the tech I spoke to was no help and wouldn't listen to a word I said finally I just had to buy a new computer in my opion that program cost me 600 dollars

 

[Borg 386]

Marlene, have a look at these tutorials. They will assist you down the road should something like this happen again. This forum has excellent tutorials that can aid you in every aspect of PC computing.

Tutorials - Windows 7 Forums

http://www.sevenforums.com/tutorials/1649-clean-install-windows-7-a.html

http://www.sevenforums.com/tutorials/11728-optimize-windows-7-a.html

http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html?filter

This one in particular would be good to look at. A system image can save you a lot of time & problems should something like this occur again:

http://www.sevenforums.com/tutorials/663-backup-complete-computer-create-image-backup.html

I've dealt with Alureon. It writes a hidden boot sector that boots first every time you turn on the PC. So, it's already running by the time you get Windows initialized. Removal is not impossible, but all in all, the best/safest way when you get any rootkit is a clean install.

@ kevin s - Even with a severe rootkit, a disk wipe & a reinstall of the OS would have fixed that. I would do some serious complaining to the the higher ups of the manufacturer of that PC.