Set Windows Defender to Scan Core Operating System Files

Learn more at

Windows Defender is the antivirus program that cones built-in to Windows versions 7 and 8. Some people claim it is not an enterprise capable antivirus program, but it does a good job of protecting most users, and it comes bundled with the OS for free.

Windows Defender cannot do a complete job of scanning malware on your PC because in the GUI (Graphical User Interface) mode, some core operating system files are in use. However, you can set Windows Defender to perform an offline scan before it loads these core operating system files. Offline mode also makes it easier to detect highly persistent malware like rootkits.

Set offline scan mode

To run Windows Defender in offline mode, open Windows Defender and click on the gear icon to open its settings screen. On settings screen, near bottom of right panel, under the title "Windows Defender Offline", click on the [Scan Offline] button. Your PC will then restart with no GUI, perform an offline scan, and then boot back into GUI mode.

To see the results of the offline scan, open Windows Defender select the History tab, and click on the [View details] button.

Learn more at

More Windows Administration Information:
• FREE Antivirus Software AVG
• Remove Stubborn Malware Infection With McAfee Labs Stinger
• Computer Technician's Guide to Biometric Security Devices
• Avoid the Indigestion of Cookies
• Botnets - What Are They?
• Four Tips to Safe Web Browsing
• Ransomware and How To Protect Yourself
• BIOS Security
• An Introduction to Forensics Data Acquisition From Android Mobile Devices
• Set Windows Defender to Scan Core Operating System Files