How to Run a Windows Defender Offline Scan

windows defender offline scan

Windows Defender is Microsoft’s free, built-in antivirus and antimalware utility in Windows. Working in conjunction with the other security features of the operating system, Windows Defender generally does a good job of keeping your Windows 10 PC safe from common viruses and malware.

But no antivirus utility is perfect, and it’s still possible to be infected in Windows 10. The problem is that advanced viruses and malware can now embed themselves into the operating system and disable the very features and precautions that are meant to prevent such an infiltration. In such a situation, an antivirus utility like Windows Defender may not be reliable, or work at all, because the virus or malware has broken or limited its capabilities.

In this case, you generally need to turn to what’s called an “offline” tool. The purpose of an offline antivirus is that it is run outside of your operating system, thus (hopefully) avoiding the viruses and malware that have compromised your system. In some cases, antivirus developers provide special boot disks to conduct an offline virus scan. In this case, you restart your PC and boot to the antivirus disk. Your infected operating system remains dormant while the antivirus application performs its scan. This allows the antivirus to both scan your PC without fear of being infected, as well as properly detect and remove files that may be inaccessible while the operating system is running.

Instead of requiring a special boot disk, however, Microsoft has given Windows Defender its own offline mode that is simple to use in Windows 10 with just a single click. Here’s a quick look at using Windows Defender to perform an offline scan for viruses and malware.

Windows Defender Offline Scan

To get started, log into your Windows 10 PC and launch the Windows Defender Security Center. You can do this by searching for it via the Start Menu or by selecting it from the All Apps list.

Once the Security Center window appears, select Virus & Threat Protection (the Shield icon beneath Home in the list on the left side of the window). This is where you can perform a quick scan and configure your scan settings and definition update preferences. We need one more step, however, so click Run a new advanced scan, located beneath the Quick Scan button.

The Advanced Scans window gives you the option to run a full scan of everything on your PC, a custom scan of only certain locations, or the Windows Defender Offline Scan, which is what we’re looking for.

windows defender offline scan button

Click the radio button to select the offline scan option and then click Scan Now. Windows will warn you that the offline scan requires the user to reboot their PC. Make sure all of your work and open applications are saved and then proceed, being sure to accept any User Access Control prompts.

windows defender offline scan reboot warning

After a few moments, your PC will reboot. Instead of booting to Windows, however, a similar boot screen will instead take you to a special instance of the Windows Defender interface.

windows defender offline boot screen

At this point, Defender is running completely independently of your operating system, giving it full access to any potentially infected files while minimizing the risk of becoming compromised itself. The time the scan takes to complete will vary depending on the size of your drive and the speed of your hardware. Just be sure to let it finish.

windows defender offline scan running

When it’s done, Defender will attempt to remove any infections it found. If it’s successful, it will reboot your PC back to Windows, where you can verify that the issue has indeed been resolved. If Defender was unable to correct the issue you may need to consider the use of offline versions of other tools, or more drastic measures such as reformatting the hard drive.

In any case, just make sure to back up your data, but be careful not to back up any infected files, as that could lead to your clean new Windows installation becoming infected immediately.

Want news and tips from TekRevue delivered directly to your inbox? Sign up for the TekRevue Weekly Digest using the box below. Get tips, reviews, news, and giveaways reserved exclusively for subscribers.