Microsoft Defender (previously known as Windows Defender) can be used in offline mode to remove malware from your computer. You will find below the steps to Remove Malware using Microsoft Defender Offline Scan.
Microsoft Defender Offline Scan
Apart from Quick, Full and Custom Scans, Windows Security also provides the option to use Microsoft Defender in offline mode to remove malware from your computer.
The offline scan is specifically designed to remove hard-to-detect and persistent types of viruses or malware from a Windows computer.
Certain malware types like NTRootkit, Fame, Machiavelli and other types of Rootkit viruses have the ability to bypass the Windows Shell and avoid being detected during regular Malware Scans.
When Microsoft Defender is used Offline, it scans your computer from outside the Windows Kernel, which allows it to target Rootkit and other viruses, trying to infect or overwrite the master boot record.
Remove Malware Using Microsoft Defender Offline Scan
Follow the steps below to remove malware from your computer using Microsoft Defender in offline mode.
1. Go to Settings > Update & security > Windows Security > Virus & Threat Protection.
2. On the next screen, click on Scan Options.
3. Scroll down in the right-pane, select Microsoft Defender Offline scan option and click on Scan now.
4. On the popup, click on the Scan option to start the Offline Scan.
Once you click on the Scan button, your computer will restart and boot in special offline scan mode.
When the Offline Scan is completed (10 to 15 minutes), your computer will restart again. This time Windows 10 operating system will be loaded and you will see the regular Windows Login Screen.
Examine Offline Scan Results
Once your computer restarts, you can take a look at what was removed during Microsoft Defender Offline scan by clicking on Protection History link located below the scan summary.
On the next screen, you will see a listing of malware detected or removed during the Malware Scan on your computer.