Extra Security: Offline Malware Scanners

Category: Security

If you’re smart, you have a real-time internet security tool already installed on your computer. It provides constant protection against viruses and other malware that may sneak into your computer. But no anti-malware program is foolproof; something may slip through its defenses and infect your hard drive. So what can you do if a really nasty virus disables your anti-malware protection, or fouls up your hard drive so Windows won't even start? Here's the answer...

When to Use an Offline Malware Scanner

If a virus is clever enough to disable your anti-virus program, render it ineffective, or foul up your hard drive's boot sector, you'll need something other than a standard anti-malware program to repair the damage. That’s when you need offline protection: a bootable CD or flash drive that bears an effective malware detection and removal program. I highly recommend that you make such an emergency kit and keep it handy. The alternative is to re-install Windows on the hard drive, possibly losing your files in the process.

Microsoft's Windows Defender Offline is a free emergency anti-malware program for Windows 7, 8, and 10 systems. Defender Offline restarts your computer outside of the Windows environment, in order to scan for and remove any malware that might be lurking. Read on for instruction on how to use Defender Offline, and be sure to see the links at the end of this article for other offline malware scanners you may want to try.

On a Windows 10 system, here's how to start Defender Offline. From the Start menu, select Settings, then click Update & Security > Windows Security > Virus & threat protection. Next, select "Scan options" under Current threats. Select the "Windows Defender Offline scan" option and then click the "Scan now" button.

Windows Defender Offline

Your PC will restart, then load Windows Defender Offline. After scanning and removing any malware that was found, your computer will restart Windows. Expect the process to take 10 to 15 minutes.

On a Windows 7 or Windows 8.1 system, the process is a little different. Scroll down the Windows Defender Offline support page and you'll find download links for the 32-bit or 64-bit version of Defender Offline. (If you're not sure which version you need, there's a link on the download page to help you determine if your PC is running the 32-bit or 64-bit version of Windows.)

When you run the installation program, it will prompt you for a blank CD, DVD, or flash drive with at least 250 MB of free space. I highly recommend using a flash drive as your Windows Defender Offline medium. Malware changes daily, and so does the malware signatures data file. A flash drive is re-writable, so Windows Defender Offline will download the latest signatures file if it is installed on a flash drive; not so with write-once optical media.

During installation, the latest database of malware signatures will be downloaded, so you will need an active Internet connection. Windows Defender Offline will be installed on the removable medium along with the signatures and files necessary to boot from the medium. Store the medium in a safe place until you need Windows Defender Offline.

To use Windows Defender Offline, restart your computer using the Windows Defender Offline medium instead of your hard drive. If Defender doesn't load when you restart, you will need to reconfigure your computer’s BIOS to get it to boot from removable media. That involves interrupting the startup process (usually by holding down the F2 or Ctrl key), entering the BIOS setup utility, and changing the order in which boot devices are tried during boot-up. The removable media device (CDROM or USB flash drive) that holds Windows Defender Offline should be checked before the hard drive. When the system boots from the correct device, Windows Defender Offline will load.

You can then run a scan of your hard drive to detect malware. If any is found, you will have the option to try to remove it.

No matter what real-time protection you use, Windows Defender Offline is a good, free backup in case your real-time protection is compromised or you cannot boot Windows because of a malware infection. Other options for offline malware scanning include the Avast Rescue Disk, the Bitdefender Rescue CD, and Kaspersky Rescue Disk. I honestly can't say if one is better than the other, but it's nice to have options. And you can use more than one if you like.

Of course, a hard drive that doesn't boot up successfully doesn't necessarily indicate a virus. If your offline malware scanner doesn't detect any problems, and you're having trouble starting Windows, see my related article Hard Drive Data Recovery Services for other tools you can try to revive a non-booting hard drive.

Do you have an offline malware scanner on a CD or USB drive, in case of a virus emergency? Post your comment or question below...

Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Check out other articles in this category:

Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 13 Dec 2019

For Fun: Buy Bob a Snickers.

Prev Article:
Check Out These Roku Models for Cord Cutters

The Top Twenty
Next Article:
Here's How to Sell Handmade Goods

Most recent comments on "Extra Security: Offline Malware Scanners"

Posted by:

Bob Gilson
13 Dec 2019

You mention using a removable media device (CDROM or USB flash drive). Is there any reason this couldn't be a USB external HDD or SSD? As you say, the CDROM is not as good a choice since it isn't re-writable.
I have more 250GB+ HDDs lying around than the number of 250GB thumb drives:).
Thanks for another great article.

EDITOR'S NOTE: The storage device has to be formatted so it can be used at a boot drive. Not sure if the Defender Offline installer will allow an external drive.

Posted by:

Russell Coover
13 Dec 2019

I do use Windows Defender as my AV application of choice, but run ESET Online AV Scan once a month, prior to Microsoft's 2nd Tuesday of the month Update. I also run it when I suspect that I may have been infected.

Posted by:

Mike Davies
13 Dec 2019

"you will need to reconfigure your computer’s BIOS to get it to boot from removable media". How do I do that if the malware won't let me boot up?

EDITOR'S NOTE: You access the BIOS settings before your computer starts the operating system. Usually by pressing Ctrl, or F2 during the startup. Look for a message that briefly appears during the boot process.

Posted by:

Bill C
13 Dec 2019

HHMM, followed right along under w10 until : "{ Next, select "Scan options" under Current threats. " and got "PC Matic is on". Now what?

Posted by:

13 Dec 2019

"If you’re smart, ..." @MikeDavies >> UEFI (born as BIOS) boot-up occurs at the motherboard level, prior to launch of the Windows OS from a drive (HDD/SSD/flash), which may be infected with that thing Mr. Rankin calls 'malware'.
Each manufacturer of motherboards/PCs may have a different keyboard command to enter the UEFI (BIOS). F1, F2, F10, F12, or DEL keyboard keys are common examples, you need to determine for your system.
Since your Windows OS environment may be set for 'FastStartUp' during boot, pressing the specific Key may not be able to be recognized quick enough.
There is also the F8 key that is part of the Windows OS (not OEM UEFI), which may allow you to select to enter BIOS during boot.
The trick that used to work well for a while was to keep stroking the specific Key rapidly (repetitively) during boot and a bit of kismet.
If/when all of these attempts fail; then, you may need to physically remove the CMOS (RTC) backup battery from the guts of the device having issues. Doings so, while the MAINS power is disconnected and waiting a few minutes before replacing the battery (w/a new 1?) and then re-connecting the power should allow you to automatically boot to UEFI by default during next cold boot.

Posted by:

Gary B
13 Dec 2019

Followed directions to create a USB drive with WDO installed. It downloaded files, processed them, formatted the USB drive and then started copying files. Got error 0007 8000-4005. Tried several times and with different USB drives, same error. Could not find any online help that worked.

Posted by:

David Baker
14 Dec 2019

I use Malwarebytes Free on my Windows 10 desktop. It's caught questionable items in the past. The "Free" price tag fits my budget.

Posted by:

George Reisman
14 Dec 2019

"When you run the installation program, it will prompt you for a blank CD, DVD, or flash drive with at least 250 MB of free space." Another of your great articles, Bob. But did you really mean to write 250 GigaB's rather than 250 MegaB's? After all, in many cases 250GB will be enough to hold a complete installation disk image.

EDITOR'S NOTE: Nope, in this case megabytes is correct.

Posted by:

14 Dec 2019

Defender Offline in Windows 10 doesn't have a full scan option, or I haven't found it. Defender Offline for download won't connect to the Internet for updates, even with an Ethernet connection. This used to work years ago, but not recently.

Posted by:

Bob H
14 Dec 2019

Following the instructions for Windows 10, upon reboot all I get is "Dell Backup and Recovery". No Defender Offline appears. ?????

Posted by:

16 Dec 2019

One of the great articles.Thanks, Bob. You have to accommodate non-techy folks as well - may be sometimes frustrating for you. My query is about the same as last commenter-your name sake, Bob.

I created one Defender Rescue Disk (USB). When I checked, it said the "Folder is empty". Should n't there be some "rescue" file on the USB? Mystery!

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy     RSS/XML

Article information: AskBobRankin -- Extra Security: Offline Malware Scanners (Posted: 13 Dec 2019)
Source: https://askbobrankin.com/extra_security_offline_malware_scanners.html
Copyright © 2005 - Bob Rankin - All Rights Reserved