Windows Defender Offline – How To Run and Scan in Windows 10

Posted: June 28, 2017 in Windows 10
Tags: , ,

Summary:  ‘How To’ select and run Windows Defender Offline in Windows 10

Comments:

  • Windows Defender Offline(WDO) is an antimalware scanning tool
  • WDO provides the ability to boot and scan the device in a trusted environment
  • WDO’s scan runs outside the normal Windows kernel and operating system
  • Scanning in a trusted environment outside the Windows kernel allows WDO to scan for and target malware that attempts to bypass the Windows shell(e.g. viruses and malware that can infect or overwrite the boot record data)
  • WDO can be run on devices using MBR(Master Boot Record) or GPT(GUID Partition Table)
  • The ‘How To’ section in this article is based on the current Windows 10 1703 version(Creators Update)
  • When WDO’s is instructed to run(required, it does not run on its own) it(and Windows) will restart the device, boot the device, pass control to WDO instead of the Windows kernel and operating system, and then perform the scan
  • WDO’s Offline scan should take less than 15 minutes when no infections are found and/or corrected
  • WDO may remove or quarantine items during its scan
    • Items removed or quarantined by WDO will be listed/shown in Windows 10 in Windows Defender’s Scan History section (located in the Windows Defender Security Center/Virus and Threat Protection/)
  • Note: To run WDO ensure Windows 10 is logged on with an Administrator account

How To:

  • Click the Windows Start Button and scroll down the alphabetical app listing and select Windows Defender Security Center
    • Optionally one can right click on the Windows Defender icon in the Task Bar Notification area and select open
  • Click on ‘Virus and Threat Protection’

WDO_01

  • Click on ‘Advanced Scan’

WDO_02

  • Select the ‘Windows Defender Offline scan’ option, then click ‘Scan Now’

WDO_03

  • Acknowledge the prompt to ‘Save your work’ do so if necessary, then click ‘Scan’

WDO_04

  • Once ‘Scan’ is clicked,  Windows 10 Creators Update Version 1703 will prompt with a User Account Control(UAC) notice dialog box requesting the user to allow changes to the computer.  Click ‘Yes’ to this required prompt to proceed with the restart process and allowing WDO to run and scan the device in the necessary offline mode.
  • WDO will scan (see screenshot below) then automatically restart the device

WDO_05

Additional Information:

 

Revisions:

June 26, 2017: Initial Draft Date

June 27, 2017: Final Draft Date

June 28, 2017: Initial Publish Date

Comments are closed.