Windows Defender Offline

Microsoft recently released Windows Defender Offline (WDO), which is a standalone CD/USB bootable rootkit/malware scanner program. If you have a computer that will not start up properly because of malware, try WDO.

WDO is essentially the new name for the Microsoft’s Standalone System Sweeper (MSSS).

There are separate versions of WDO for scanning 32-bit and 64-bit systems. From a “good” computer, download the appropriate version of WDO and run the executable. It will prompt you to install it on a CD, create an ISO image, or create a bootable USB stick. You can then use the CD/USB on the infected computer.

WDO can be used to scan Windows XP (SP3), Vista, and Windows 7 systems.

My recommendation for I.T. technicians is to grab two USB sticks, and install the 32 bit version on one, and the 64 bit version on the other, and keep them in your toolkit.

One nice thing with WDO is that if the infected computer does have internet access, when you boot up WDO, it will go out and look for updated definition files.

Finally, you may find Microsoft Resources and Guidance for Removal of Malware and Viruses helpful.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.