As of Jan 29, 2012 (possibly earlier), the bootable media created by Microsoft System Sweeper and Windows Defender Offline for 64-bit systems will boot, and immediately show that the definitions are out of date. The built-in "Update" feature will download but not install the updated signatures.
I have tested this on both CD and USB media, on two different 64-bit systems (Win 7 and Win Vista). I'm trying to create a MSS or WDO disc to clean up a third system; the two machines I'm testing on are clean.
I know these tools are free and beta, so I'm getting what I'm paying for. But in the past System Sweeper was the sure-fire solution to clean up a rootkit infection; it worked great.
Can anyone else verify that both these utilities are broken?
Standalone System Sweeper v 1.0.856 64-bit with definitions in mpam-fex64.exe v1.119.905.0.
In mpam-fex64.exe the mpavbase.vdm and mpengine.dll are dated Jan 17, and mpavdlta.vdm is today, Jan 29.
Downloaded from https://connect.microsoft.com/systemsweeper and http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline with both tools resulting in the same failure.
- Changed type Arthur XieMicrosoft contingent staff, Moderator Wednesday, February 01, 2012 7:13 AM
yes, i can confirm for both. Even after reinstalling on a clean usb and downloading the full 250 k, when i boot up with the usb it gives me all red and says i must update. multiple tries at updating and it never finishes....says it failed due to an internet error....
Same problem here as well. I also found this problem affects older DART images that I have built that worked just fine before. This leads me to believe that the problem is rooted in the definition package installer itself. Something wacky going on there...
April 24 2012, didn't seem fixed to me, I have the same problem where the scan is not available, the update starts dowloading and installing multiple times, and then finally gives an error regarding the internet connection. I created the 32 bit version USB from a clean pc to run on another which is infected.
I've been trying to get a WDO image to boot and scan properly since January. I've gotten each new version, created a bootable USB drive. Always the same result - boots fine, loads the UI, fails due to out-of-date definitions, and update fails due to lack of network connectivity.
This time, I tried a few extra things: tried booting with a wired connection: No love. Tried a Mod'ed WIM image that brings up networking: Nope. Tried it on another x64 machine (WS2K8R2): WOW! It scanned perfectly. After scan, tried Update: same no network issue, but boot & scan is repeatable. This got me to thinking. Now that it's worked once - will it boot on the original machine, perhaps its now marked "updated"...
Back on the original machine...
USB boot dev plugged into same USB port it was created in, boot/scan: FAIL; move to next open USB port: FAIL; next port: WORKS! Scans completely, though Update still doesn't work, the out-of-date bug is worked-around.
Of 4 available USB ports on my laptop, only one works: Port_#0001.Hub_#0004.
In each of the other USB ports (Port_#0002.Hub_#0004, Port_#0003.Hub_#0001, Port_#0004.Hub_#0001 ) the out-of-date definition bug always prevents scan.
Don't know if it'll help anyone else... but worth forwarding the the devs. Its interesting that only a port works...