Windows Defender Offline Beta targets rootkits and other hard-to-kill infections.
Microsoft’s free Windows Defender products are aimed at keeping Windows computers malware-free. Like all security products, it is engaged in a cat and mouse game with malware cooks, who will always be a step or two ahead of the white hat efforts.
The worst types of malware infections, such as rootkits or bootkits (how to remove a bootkit), are difficult for security protects to exterminate because the infection targets the very core of the operation system, capable of intercepting and blocking/altering low level system calls.
These variants are written specifically to thwart efforts to locate and remove them (or even to act as an anti-virus against rival malware), and once booted into the system they can be extremely difficult to get rid of. A long-standing solution for these problems is to attempt removal before the operating system boots.
Some popular security products, such as Avast! Free AntiVirus, have boot-time scan abilities built in, but in order to set a boot-time scan, you actually have to be able to run the Avast utility and enable it. Even if you do enable it, malware can simply change the BootExecute, or any other registry key to prevent such scans being loaded on boot.
