X

Microsoft's new Windows Defender tool runs outside Windows

Available as a public beta, a new version of Windows Defender is designed to run off a CD or USB stick to scan your PC for malware before Windows loads.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
3 min read
Microsoft's new offline version of Windows Defender can scan for malware outside Windows.
Microsoft's new offline version of Windows Defender can scan for malware outside Windows. Screenshot by Lance Whitney/CNET

Microsoft is launching a new version of its Windows Defender antivirus tool that will run before Windows even boots up.

Making its debut as a publicly available beta, the new Windows Defender is designed to run directly off a CD, DVD, or USB flash drive to scan your PC outside of Windows. As such, its aim is to detect rootkit viruses and other malware that can infect your computer during the boot process.

You first need to install the software on a recordable disc or USB stick. You can then use that disc or device to boot up any PC and scan for malware.

To set up Windows Defender beta, simply download it from Microsoft's Web site. You're given a choice of the 32-bit or the 64-bit version depending on which version is supported by the PC you want to scan. Most PCs today use a 64-bit processor, so that version should work on any relatively recent computer.

Double-click on the downloaded file (mssstool32.exe for the 32-bit version and mssstool64.exe for the 64-bit version). The Windows Defender Offline Tool will launch and prompt you to have a CD, DVD, or USB drive on which the necessary startup and antivirus files can be installed. The files take up less than 300 megabytes of space, so a CD or USB stick will do the trick. Make sure there are no important files on the USB device as it will be reformatted during the process.

Click Next, and the tool will ask if you want to install the software on a CD/DVD or USB flash drive. A third option offers you the ability to save the software as an ISO file, which you can then burn onto a CD at a later point. Choose one of the options and click Next.

The following screen will look for the media that you selected. Click Next again. The latest antivirus definition files are downloaded from the Internet and added to your device.

Once the process is done, you can insert the CD or USB drive into the computer that you need to scan. You'll have to access your PC's startup menu so you can boot off the CD or USB drive rather than your hard drive. Your device will then boot up the PC and launch Windows Defender.

From there, you can choose to run a full scan, a quick scan, or a custom scan. You'll also find other options, such as a History list of items that have been quarantined or detected, and a Settings screen where you can exclude different files and locations from the scan.

You'll periodically need to update your device with the latest virus definition files. You can do that by running the Windows Defender setup again or by plugging an Ethernet cable into your scanned PC after you launch the tool and then selecting the Update option.

Beyond the new offline tool, Microsoft has even bigger plans for Windows Defender. At the company's Build conference in September, Windows President Steven Sinofsky revealed that a new and beefier version of Defender would provide the built-in anti-malware and antivirus for Windows 8.

Special thanks to Paul Thurrott for his column on Windows Defender yesterday, which clued me in on the new beta.