Windows Defender Off-Line
Scanning your system for malware, especially if you suspect a virus or other malware infection, is best done from outside of the potentially infected computer’s operating system. There are a few ways to do this and one is to download The Windows Defender Off-Line Tool from Microsoft. This is a relatively easy thing to do, from downloading the necessary software to creating proper media and scanning the potentially infected system. Start by visiting Microsoft's download page for the Windows Defender Off-Line Tool (preferably from a non-infected machine) and choosing the correct version for the potentially infected computer’s operating system. This simply means choosing either 32-bit or 64-bit to download so please do be sure which is correct for your computer. To determine whether the potentially infected computer is 32 or 64-bit follow these simple directions and see the images below.
If you have a "my computer" icon on your desktop, right-click on that icon and choose properties in the drop-down. If there is no icon, hit the start button and go up to the "my computer" or "computer" choice listed in the start menu then right-click on that and choose properties in the drop-down menu. The images below help illustrate what you will see.
Please Note: Windows XP will NO LONGER BE SUPPORTED by Microsoft - Q1 2014.
Once you have determined which is the correct version for you click on the corresponding download button and save the file on your desktop or a location on your hard drive which you will remember so you can then start The Windows Defender Off-Line installer (links provided below). Please be sure to have a CD or DVD or USB flash drive that you can write to with at least 250 MB of available space. Locate the downloaded file and double-click on it to start the installation. The images below will illustrate exactly how to create a Windows Defender Off-Line bootable media for you to use to attempt removing malware (possibly including viruses) from a potentially infected computer.
The USB flash drive option gives you an updatable option because you can reuse it by running the installation later on and it will update the signatures it uses to scan the machine. The ISO is also an excellent option because you can save that and make new images which will update whenever you do so. Although Windows Vista would require third-party ISO burning software, Windows XP and Windows 7 have that capability built-in. Windows 8.1 users would need to use Windows Defender Off-Line Beta and a link to that is also provided below.
Now that you have the media created, whether it is a CD or a DVD or USB flash drive all you need to do now is configure the infected computer to boot from which ever media you have created. To do this depends on the BIOS configuration of that machine and these do vary by manufacturer and age. When starting the computer, many times hitting the F 12 button on your keyboard will bring up boot options specifically but this is not always true. If you are using a USB flash drive be sure to have it plugged into the machine (preferably in a USB port on the motherboard, usually in the rear) but often times any USB port can work. Entering the BIOS setup (usually the Delete or F2 button) generally does give you boot options by right - arrowing over to that submenu. In that submenu you can typically choose a CD or DVD-ROM drive boot option in many cases also a USB option. Once you have it set to boot to your media save the changes in the BIOS and reboot the computer to start the Windows Defender Off-Line scan of the machine.
Windows Defender Offline Beta (for Windows 8.1)