Using Windows Defender Offline to Get Rid of Malware

Windows 10 PC gets a hard-to-remove virus, you can use Windows Defender Offline to get rid of it once and for all.

It powerfully scans a PC to remove any malware from a personal computer. It scans the PC from outside the windows which means that any malicious software (malware) that may be running inside the Windows cannot interfere.

A few things are as risky as malware when it comes to PCs. Luckily, PCs running in Windows 10 have at least one application known as Windows Defender that can protect it from malware infection. But at times, malware can outsmart Windows Defender by hiding within Windows when it is running.

To remove such devious and clever malware, you should run Windows Defender in offline mode which is quite easy to do though people do not know this option as it is buried deep in the settings.

When should you use Windows Defender in offline mode?

Run Windows Defender in offline mode if:

  • Windows Defender detects highly resistant malware on your PC such as rootkits and alerts you to scan the computer using Windows Defender Offline. You will receive an alert message indicating that malware was found on your device.
  • You suspect that there is malware hiding in your PC, but the installed security software does not detect anything.

How to use it on Windows 10

Windows Defender Offline will start automatically performing a full scan of any virus.

If you are using Windows 10, you can simply do this in a few clicks.

However, this option is not available on the Windows Defender application on the desktop but can be found in the settings.


  • In the Cortana search box, type settings and click on the settings app which is the first search result.
  • Click on the update and security app, then in the navigation window, click the Windows Defender item.
  • Scroll down the page until you see Windows Defender Offline section and click the scan offline button to start the scan.
  • Once, you click the button, your computer reboots automatically, and it is scanned for any malware. Since the PC restarts automatically, you should save all your work and close any open applications.

The scan process takes about 15 minutes, and if there is any malware, you are asked to remove it within the Windows-Defender Offline interface. In case no malware is found, the computer boots back automatically.

It not only works with Windows 10, but you can also use it on previous versions of Windows.

How to use it on Windows 7 and 8.1

For previous Windows versions, you should download and install Windows-Defender Offline since it doesn’t come pre-installed. Make a bootable CD, DVD or USB drive, and boot Windows-Defender Offline on your computer.

This works similarly on Windows 10 only that you need to create a bootable media then boot it yourself.

What you will need

  • An external media that can be used on the infected computer such as a USB, CD or DVD with a capacity of at least 1GB. You can also create an ISO image.
  • A clean computer as malware in the background will interfere with the process.


  • Using a clean computer, go to the official download page of Windows-Defender Offline and either download the 32 or 64-bit version. This depends on whether your computer is running a 32 or a 64-bit windows version.
  • After the download is complete, double click the mssstool64.exe or mssstool32.exe to run the file.
  • When Windows-Defender Offline Tool wizard opens, click Next to continue.
  • Read and accept the license agreement, select the bootable media you want to create then click next.
  • If you have more than one USB device connected to the personal computer, you will be prompted to select the drive you want to use.
  • Confirm by clicking next.
  • At this point, the wizard reformats the USB flash drive, the necessary files are downloaded, and the wizard creates Windows Defender Offline bootable media.
  • Click finish to close the wizard

Now connect the USB device to the infected computer and restart it. Windows Defender Offline performs a full scan of malware automatically just like it would when running on Windows 10.

After the scan, close the program and remove the USB device. The computer will reboot automatically.

Though you may download Windows-Defender Offline at any time, do it when you are cleaning an infected computer to ensure that you have the latest update.

One thought on “Using Windows Defender Offline to Get Rid of Malware

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.