How to Remove Malware with Windows Defender Offline | Step by Step Guide

Share on:

Microsoft has added more value in their security system. Do you know what is windows defender offline scan? We all are concerned of Microsoft’s windows defender antivirus as it has been providing service from older versions of windows. But this time, Microsoft came with a different type of antivirus service named windows defender offline scan. In this article, I will show you how you can remove malware with windows defender Offline Scan. Let’s focus on the topic.

How to Remove Malware with Windows Defender Offline

Is an ‘Offline’ Scan More Useful Than a Windows Defender Normal Scan?

In windows defender antivirus, we can start a quick or full scan to remove malware from our computer. So, why we need an offline scan? When you are performing an offline scan on your damaged or infected computer, then windows defender scans your computer outside windows OS. In other words, when an offline scan is running, then windows OS stops working and windows defender scans the whole computer to find and remove the malware. It’s not something big, So why we will perform an Offline scan?
See, when an offline scan is running, the OS stops working. When the OS is running, then many malware may be running in backgrounds. But when windows defender offline media make OS stop working, then the malware cannot run in the background. Then it seems easy for windows defender to detect and remove that malware.

When a normal quick or full scan is running, windows defender cannot detect much malware as the OS is running. But during an offline scan, windows defender can detect that malware easily. Many malware cannot be detected while OS is running. That’s why an offline scan is more useful than a normal scan as in offline scan, windows defender scans the system outside from the OS.
In the versions of the latest Windows 10 updates, windows defender itself shows it cannot detect some malware in your computer and recommends you to use windows defender offline scan. In the earlier versions of windows, as there is no by default offline scan tool, you won’t be notified to use an offline scan. So, when you are facing problems though you are scanning with windows defender regularly and if you think there are hidden malware in your computer, then you should use an offline scan.

How to Remove Malware with Windows Defender Offline

Microsoft has added a by default option to scan with windows defender offline from their Anniversary update. You can also use this windows defender offline technique in their previous versions, you just have to create the windows defender offline media manually. I will show you two methods how you can use windows defender offline scan to remove malware. Method-1 will work in all versions of windows and the second method will only work in windows 10 Anniversary update and next updates.

Method-1: For Windows 10, 8.1 or 7

There is no by default option in windows 7, 8.1 or in even many windows 10 versions for the windows defender offline scan. So it’s better to create a windows defender offline media in a bootable drive and then use it in the infected computer. Now I am gonna show you how you can create a bootable drive and boot the windows defender online tool on your desired computer.


MS Warinig of Windows Defender
MS Warning

The computer you are using to make the bootable drive containing the Windows Defender Offline tool should be totally secure and virus free. Microsoft warns if the computer you are using to make the bootable drive is infected with viruses, the process of creating a bootable drive with windows defender offline can be hampered and you will be harmed.
So, if you are not sure of your computer’s secured environment, then use another secured and virus protected computer to create the bootable device otherwise offline scanning process may not work properly.


  1. At first, you have to download the Windows Defender Offline tool. Go to this Link and you will find two options, 32-bit version, and 64-bit version.
Software Version

At first check your computer’s system type→

  • In Windows 10, press (windows+I) button and Then go to System→ About. Then you will find an option named System type. Check it and you can see whether you are 32-bit or 64-bit version user.
  • In Windows 8, search System in your search bar and click on the result. Check System type and you can see whether you are 32-bit or 64-bit version.
  • In Windows 7, click Start icon from the lower left corner and right click on the computer option, choose properties.
  • Check System type and you can see whether you are 32-bit or 64-bit version user.

    Operating System

    After knowing your system type, download the Windows Defender Offline tool likewise.


    Windows Defender Offline

    After the download completed, click on the downloaded exe file and then you can see a window like below introducing you with windows defender Offline tool. Click next.

    Now you can see a window having three options for you.

    1. On a blank CD or DVD: You can install the Windows defender offline tool in a blank CD or DVD and then use this CD or DVD for another computer. If you want to create a bootable CD or DVD with Windows defender offline tool, then insert a blank CD or DVD(minimum 250 MB space) into your PC and select this option.
    2. On a USB drive that is not password protected: You can use a USB flash drive to make your bootable drive Windows Defender Offline tool. If you want so, insert a blank 1GB (minimum 250 MB) USB drive into your PC and choose this option. Make sure your USB drive is empty otherwise after the process, the USB drive will be overwritten and you will lose your data.
    3. As an ISO file on a disk: You can burn the downloaded exe file into a disk for further usage. But compared to two other options, this is more complicated and you need a third party burning apps to complete the process. So, I think it will be better if you choose any of other two options. But if you are a computer expert and know these burning things already, then you can continue with this option.

    Select any of these three and click Next.


    After you have created the bootable USB drive or CD or DVD, remove it from your computer and plug it to the computer you want to scan. Restart your computer after plugging the bootable drive.


    When you are restarting your computer, it may automatically start to boot or if it doesn’t, then you have to boot your computer from the created bootable drive to start the offline scan. Depending on your computer’s setting, you may have to press one of these keys in your keyboard, (F1,F2,F10,F11,ESC) to start the boot processor Delete key during the boot process to change your boot order. It varies from computer to computer. Please visit the website of your computer’s service providers to make sure the boot stuffs.


    After completing boot process successfully, you will see windows defender scanning and removing malware from your computer automatically.

    Windows Defender Offline


    After completing scanning process, remove the bootable drive from your computer and close the program. Then the computer will reboot automatically or if don’t, reboot your computer to get back into your running OS.

    Method-2: For Windows 10 Anniversary update and next updates

    This method will work only in windows 10 Anniversary update and next updates. In anniversary update, Microsoft has added a by default option in their OS to scan the computer with the windows defender offline tool. This is simple and almost same as a normal scan with windows defender.
    If this method fails in your computer, then please make sure your windows 10 is updated to  Anniversary update or next updates. If it still fails, then follow method-1 and you should be successful this time. Close all your running apps and files before starting offline scan otherwise, they will be lost.

    1.  Go to Settings → Update & Security  → Windows Defender.
    2. You will find an option ‘Scan Offline’ in the lower part under ‘Windows Defender Offline’. Click on Scan offline.
    3. Now you will see windows defender starts to scan your computer and if any malware or virus threats found, then you will be notified to remove it. The full scanning process can take up to fifteen minutes. When your scanning process gets done, your computer will automatically reboot and you will be taken to your running OS as well.
    4. If you want to see the Offline Scan results, then go to→Settings → Update & Security  → Windows Defender.Then go to→History→ All Detected Items→ View Details

    Here you can see your all scan results and items detected by offline scan are marked offline in ‘detection method’ in the right menu bar.


    If you have gone through my whole article, then you should get Offline Scan with Windows defender clearly. Follow any of those two methods depending on your windows version and start scanning offline with windows defender. If any method fails, then restart the process and make sure you are not missing anything. I prefer you to follow method 1 though it’s somehow lengthy process than method 2, once you make a bootable drive with method 1, you can use it for other computers with all versions of windows after windows 7. Go find your convenient method and get things done properly.

    About The Author

    Leave a Comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.