As of Jan 29, 2012 (possibly earlier), the bootable media created by Microsoft System Sweeper and Windows Defender Offline for 64-bit systems will boot, and immediately show that the definitions are out of date. The built-in "Update" feature will download but not install the updated signatures.
I have tested this on both CD and USB media, on two different 64-bit systems (Win 7 and Win Vista). I'm trying to create a MSS or WDO disc to clean up a third system; the two machines I'm testing on are clean.
I know these tools are free and beta, so I'm getting what I'm paying for. But in the past System Sweeper was the sure-fire solution to clean up a rootkit infection; it worked great.
Can anyone else verify that both these utilities are broken?
Standalone System Sweeper v 1.0.856 64-bit with definitions in mpam-fex64.exe v1.119.905.0.
In mpam-fex64.exe the mpavbase.vdm and mpengine.dll are dated Jan 17, and mpavdlta.vdm is today, Jan 29.
Downloaded from https://connect.microsoft.com/systemsweeper and http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline with both tools resulting in the same failure.
- Jenis yang Diubah Arthur XieMicrosoft contingent staff, Moderator 01 Februari 2012 7:13
yes, i can confirm for both. Even after reinstalling on a clean usb and downloading the full 250 k, when i boot up with the usb it gives me all red and says i must update. multiple tries at updating and it never finishes....says it failed due to an internet error....
April 24 2012, didn't seem fixed to me, I have the same problem where the scan is not available, the update starts dowloading and installing multiple times, and then finally gives an error regarding the internet connection. I created the 32 bit version USB from a clean pc to run on another which is infected.
I've been trying to get a WDO image to boot and scan properly since January. I've gotten each new version, created a bootable USB drive. Always the same result - boots fine, loads the UI, fails due to out-of-date definitions, and update fails due to lack of network connectivity.
This time, I tried a few extra things: tried booting with a wired connection: No love. Tried a Mod'ed WIM image that brings up networking: Nope. Tried it on another x64 machine (WS2K8R2): WOW! It scanned perfectly. After scan, tried Update: same no network issue, but boot & scan is repeatable. This got me to thinking. Now that it's worked once - will it boot on the original machine, perhaps its now marked "updated"...
Back on the original machine...
USB boot dev plugged into same USB port it was created in, boot/scan: FAIL; move to next open USB port: FAIL; next port: WORKS! Scans completely, though Update still doesn't work, the out-of-date bug is worked-around.
Of 4 available USB ports on my laptop, only one works: Port_#0001.Hub_#0004.
In each of the other USB ports (Port_#0002.Hub_#0004, Port_#0003.Hub_#0001, Port_#0004.Hub_#0001 ) the out-of-date definition bug always prevents scan.
Don't know if it'll help anyone else... but worth forwarding the the devs. Its interesting that only a port works...