To remove stubborn malware from Windows, you can run the included Windows Defender offline scanner. Here’re the steps on how to do it.
Apart from real-time scanning and protection, Windows Defender has several different scan types. These scan types include full scan, quick scan, and custom scan. As you can guess, all these scan types are very helpful in different kinds of situations.
When you perform a virus scan, no matter the scan type, if a threat is detected, Windows Defender will try to remove it from your system. However, there might be times when Windows Defender is unable to remove the threat. This happens when malware is infecting the Windows system processes or other files. In those cases, you can use the Windows Defender Offline Scanner.
What is Windows Defender Offline Scanner?
The Offline Scanner is another scan type of Windows Defender that is mainly designed to remove stubborn malware. When you launch the Offline Scanner, Windows Defender will reboot your system into a secure recovery environment that is outside the regular Windows environment. Since Windows Defender is no longer running or using the same regular Windows environment, it can not only scan efficiently but also remove any malware from the system files or processes.
Step-by-Step Guide to Run Windows Defender Offline Scanner
As I said before, the Offline Scanner is built into Windows Defender in Windows 10. So, all you have to do is click a button and Windows will take care of the rest. Here’s how.
Note: Below steps are only applicable to Windows 10. If you are using Windows 7 or 8, follow the second method. Also, Windows Defender is now called Windows Security.
1. First, open the Start menu, search for “Windows Security” and click on the result. This action will open the Windows Security app.
2. In the Windows Security app, go to the “Virus & Threat Protection” page appearing on the left panel. Once you are here, click on the “Scan Options” link appearing on the right page.
3. Now, select the “Windows Defender Offline Scan” option and click on the “Scan now” button.
4. As soon as you do that, you will see a warning/information window stating that the PC will sign you out and restart. Once you accept the prompt, Windows will reboot into the recovery environment. From here, Windows Defender will scan and remove any threats.
Steps for Windows 7 and Windows 8
Windows 7 and 8 users have to create the Windows Defender Offline bootable drive. This is because the feature is not integrated into Windows Defender in those versions. Thankfully, the procedure is pretty simple and straightforward.
1. First, go to this page and download Windows Defender Offline. You will find the download links at the bottom of the page.
2. After downloading, install the software like any other application and launch it.
3. Now, insert an empty USB drive, select the “On a USB flash drive that is not password protected” radio option, and click on the “Next” button.
4. This action will create the Offline Scanner bootable drive. Once created, restart the system to boot into the Offline Scanner. While rebooting make sure the USB drive is plugged in.
Note: If you are not able to boot into Windows Defender Offline media, you might have to change the boot priority in BIOS. Check your motherboard manual to learn how.
5. After booting into Windows Defender Offline, follow the prompt, and the security software will scan and remove any threats.
That is all. It is that simple to install and run Windows Defender Offline scanner in Windows 10, 8, and 7. If you are stuck or need some help, comment below and I will try to help as much as possible. If you like this article do check out how to run Windows Defender from the command-line.