有时您的计算机和设备可能会被传统防病毒软件难以清除的恶意软件感染。在其他情况下,恶意软件会阻止任何防病毒软件的安装,您无法手动将其删除。在这种微妙的情况下,您需要在安全的恢复环境中启动防病毒软件,使其在操作系统加载之前运行。这是清除此类恶意软件的唯一方法。针对这种情况,微软(Microsoft)创建了自己的Microsoft Defender Offline防病毒工具,并且做得非常出色。以下是如何进行Windows Defender Offline扫描并从运行(Windows Defender Offline)Windows 10或 Windows 7的计算机和设备中删除病毒:
在继续之前:
本指南涵盖以下情况:
- 你使用Windows 10,可以登录使用,但怀疑它可能感染了恶意软件。因此,您希望执行深入扫描以确认您的怀疑并在发现恶意软件时删除该恶意软件。如果这是您的情况,请按照本指南下一部分中的说明进行操作。
- 您使用 Windows 10,但由于恶意软件感染而无法登录。在这种情况下,请跳到本教程的最后一部分。
- 您使用 Windows 7,并且想要运行Windows Defender 脱机(Windows Defender Offline)扫描恶意软件并清除发现的任何威胁。在这种情况下,请跳到本文的最后一部分。
在所有情况下,您都需要有效的 Internet 连接并使用具有管理员权限的用户帐户登录(administrator permissions)Windows。
如何在Windows 10中进行(Windows 10)Windows Defender 脱机(Windows Defender Offline)扫描
如果你使用的是带有2020 年 5 月更新(May 2020 Update)或更新版本的 Windows 10,Windows Defender 防病毒软件(Windows Defender Antivirus)已更名。它现在具有Microsoft Defender Antivirus的名称,您可以从Windows 安全(Windows Security)应用程序访问它。如果您不知道如何使用它,请查看本指南(check this guide),或者,如果您赶时间,只需转到“开始”菜单(Start Menu),然后单击或点击Windows 安全(Windows Security)快捷方式。
Windows 安全应用程序(Windows Security app)看起来就像下面的屏幕截图。
在Windows 安全(Windows Security)应用程序中,选择左侧的“病毒和威胁防护” ,然后单击或点击“("Virus & threat protection")当前威胁(Current threats)”部分中的“扫描选项(Scan options)”链接。
然后您会看到Microsoft Defender Antivirus提供的所有扫描选项的列表。选择“Microsoft Defender 脱机扫描”("Microsoft Defender Offline scan"),然后按“立即(Scan now)扫描”按钮。
然后,系统会要求您保存您的工作,因为Microsoft Defender 防病毒软件(Microsoft Defender Antivirus)需要重新启动您的Windows 10 PC。如果您有任何打开的文档和应用程序,请先保存并关闭它们。然后,单击或点击扫描(Scan)以继续。
之后,您可能会看到一个UAC 提示(UAC prompt),要求您进行确认。按是(Yes)继续。
接下来,您会收到“您即将退出登录”("You're about to be signed out")的通知,并且您的 PC “将在不到一分钟的时间内关闭”。("will shut down in less than a minute.") 关闭(Close)通知并等待您的 PC 或设备重新启动。
然后,Windows 10 在恢复环境中启动并启动Microsoft Defender Offline。Windows Defender 脱机扫描(Windows Defender Offline scan)过程可能需要几分钟,因此请耐心等待。
Microsoft Defender Offline会自动扫描您的计算机,如果发现恶意软件,系统会询问您要执行的操作。
如果没有发现任何问题,您的 PC 或设备会像往常一样重新启动并再次加载 Windows 10。
如何使用Microsoft Defender 防病毒软件在(Microsoft Defender Antivirus)Windows 7或 Windows 10 中运行Windows Defender 脱机(Windows Defender Offline)扫描(未启动时)
您要做的第一件事是为您的 PC 下载正确的Microsoft Defender 离线(Microsoft Defender Offline)版本。转到此网页:使用 Microsoft Defender Offline 帮助保护我的 PC(Help protect my PC with Microsoft Defender Offline)。滚动到底部并下载 32 位或 64 位版本的Microsoft Defender Offline,具体取决于您拥有的Windows类型。(Windows)如果您不知道您拥有的是哪个版本,请阅读本教程:我安装了哪个版本的 Windows?(5种方法)(What version of Windows do I have installed? (5 methods))。
您也可以使用这些直接下载链接,但我们不能保证Microsoft永远不会更改它们:
您下载一个名为mssstool32.exe或mssstool64.exe的文件。
下一步是将Microsoft Defender Offline刻录到 CD 或DVD,将其复制到USB闪存驱动器,或将其保存为可在感染了恶意软件的 PC 上使用的ISO光盘映像。(ISO)请记住,您应该有大约 250-300 MB 的可用存储空间。请注意,尽管Microsoft重新命名了此工具并现在将其称为Microsoft Defender Offline,但您使用此方法获得的工具仍使用旧的Windows Defender Offline名称。
运行mssstool32.exe或mssstool64.exe ,在看到UAC提示时按Yes,然后使用向导在要使用的媒体上安装Windows Defender Offline 。向导首先会通知您所需的东西:250 MB 的存储空间和一张空白 CD、DVD或 USB 闪存驱动器。阅读显示的信息,然后单击下一步(Next)。
阅读Windows Defender Offline(Windows Defender Offline)的许可条款,然后按“我接受”。("I accept.")
系统会要求您选择Windows Defender Offline的安装位置:在空白 CD 或DVD、USB闪存驱动器上,或将其保存为磁盘上的ISO文件。您接下来执行的步骤对于所有这些选项都是相似的。
由于闪存驱动器现在很流行,我们选择了“在不受密码保护的 USB 闪存驱动器上”。(On a USB flash drive that is not password protected.")
如果您插入了多个闪存驱动器,请选择您要使用的闪存驱动器,然后按Next。然后,您会被告知Windows Defender Offline需要重新格式化闪存驱动器才能继续安装。确保您没有任何可能仍需要的数据,然后按下一步(Next)继续。
Windows Defender Offline会下载它需要的所有文件、格式化USB闪存驱动器并将其文件复制到其中。这个过程需要一段时间,它会下载大约 250 MB 的文件。
该过程完成后,按Finish,您可以开始使用Windows Defender Offline对其他计算机和设备进行消毒。
现在是使用Windows Defender Offline的时候了。将USB记忆棒或CD/DVD插入受感染的计算机,并将其配置为从驱动器/光盘启动。在启动过程中,会加载一个 mini-Windows 内核,进而加载Windows Defender Offline。
这个过程需要一段时间,所以请耐心等待。加载后,Windows Defender Offline会自动开始扫描您的设备。如果发现恶意软件,您可以在扫描结束时将其删除。
您应该记住的一件事是,Windows Defender Offline使用在您将其安装到光盘 ( CD/DVD )、闪存驱动器或ISO映像时可用的恶意软件定义。如果您在几天后使用它,它的定义就会过时,并且可能没有太大帮助。这就是为什么您应该取消其自动扫描并在再次扫描系统之前对其进行更新。另一种解决方案是在另一个磁盘或驱动器上再次安装它,以便您拥有最新的恶意软件定义。
您是否使用(Did)Microsoft Defender Offline清除了 Windows PC 中的病毒?
我们曾多次使用Microsoft Defender Offline对存在严重恶意软件问题的系统进行消毒,并且效果很好。该工具易于使用并且大多数用户都熟悉,因此您应该没有任何问题。如果您也使用过它,请告诉我们更多关于您的体验。它是否设法从您的Windows计算机和设备中识别和删除病毒?你(Were)满意吗?在下面发表评论(Comment),让我们分享我们的故事。
How to make a Windows Defender Offline scan
Thеre are times when your computers аnd devices may be infected by malware that is difficult to remove with traditional antіvirus. On оther occasions, the malware blocks the installation of any antivirus, and you cannot remove it manually. In such delicate situations, уou need to boot аn antivirus in a safe rеcovery environment, tо have it running before the operating ѕystem is loaded. This is the onlу way to disinfect that kind of malwarе. For such situations, Microsoft has created its own Microsoft Defender Offline antivirus tool, and it does an excellent job. Here is how to make a Windows Defender Offline scan and remove viruses from computers and devices running Windows 10 or Windows 7:
Before moving forward:
This guide covers the following situations:
- You use Windows 10, you can log in and use it, but you suspect that it may be infected with malware. Therefore you want to perform an in-depth scan to confirm your suspicions and remove the malware if found. If this is your situation, follow the instructions in the next section of this guide.
- You use Windows 10, but you cannot log in because of a malware infection. In this situation, skip to the last section of this tutorial.
- You use Windows 7, and you want to run a Windows Defender Offline scan for malware and clean any threats that are found. In this case, skip to the last section of this article.
In all situations, you need a working internet connection and to log in to Windows with a user account that has administrator permissions.
How to make a Windows Defender Offline scan in Windows 10
If you're using Windows 10 with May 2020 Update or newer, the Windows Defender Antivirus was rebranded. It now bears the name of Microsoft Defender Antivirus, and you can access it from the Windows Security app. If you don't know how to get to it, check this guide, or, if you're in a hurry, just go to your Start Menu and click or tap on the Windows Security shortcut.
The Windows Security app looks just like the screenshot below.
In the Windows Security app, select "Virus & threat protection" on the left, and then click or tap on the Scan options link from the Current threats section.
Then you get to see a list of all the scanning options offered by Microsoft Defender Antivirus. Select "Microsoft Defender Offline scan" and press the Scan now button.
You are then asked to save your work because the Microsoft Defender Antivirus needs to restart your Windows 10 PC. If you have any open documents and apps, save and close them first. Then, click or tap Scan to continue.
After that, you may see a UAC prompt asking for your confirmation. Press Yes to continue.
Next, you get a notification that "You're about to be signed out" and that your PC "will shut down in less than a minute." Close the notification and wait for your PC or device to restart.
Then, Windows 10 boots in a recovery environment and starts Microsoft Defender Offline. The Windows Defender Offline scan process may take a few minutes, so be patient.
Microsoft Defender Offline automatically scans your computer and, if malware is found, you are asked about the action that you want to take.
If nothing bad is found, your PC or device restarts and loads Windows 10 again, like it usually does.
How to use Microsoft Defender Antivirus to run a Windows Defender Offline scan in Windows 7 or Windows 10 (when it's not booting)
The first thing you have to do is download the correct Microsoft Defender Offline version for your PC. Go to this web page: Help protect my PC with Microsoft Defender Offline. Scroll to the bottom and download the 32-bit or the 64-bit version of Microsoft Defender Offline, depending on the type of Windows that you have. If you don't know which is the one you have, read this tutorial: What version of Windows do I have installed? (5 methods).
You can also use these direct download links, but we cannot guarantee that Microsoft will never change them:
You download a file named mssstool32.exe or mssstool64.exe.
The next step is to burn Microsoft Defender Offline to a CD or DVD, copy it to a USB flash drive, or save it as an ISO disc image that can be used on the PC infected with malware. Keep in mind that you should have about 250-300 MB of storage space available. Note that, although Microsoft rebranded this tool and now calls it Microsoft Defender Offline, the tool that you get using this method still uses the old Windows Defender Offline name.
Run mssstool32.exe or mssstool64.exe, press Yes when you see a UAC prompt, and use the wizard to install Windows Defender Offline on the media you want to use. The wizard starts by informing you about the things you need: 250 MB of storage space and a blank CD, DVD, or a USB flash drive. Read the information displayed, and then click Next.
Read the license terms of the Windows Defender Offline, and press "I accept."
You are asked to select where you want to install Windows Defender Offline: on a blank CD or DVD, a USB flash drive, or save it as an ISO file on the disk. The steps you perform next are similar for all these options.
Since flash drives are popular nowadays, we chose "On a USB flash drive that is not password protected."
If you have more than one flash drive plugged in, select the flash drive you want to use and press Next. Then, you are informed that Windows Defender Offline needs to reformat the flash drive before the installation can continue. Make sure that you don't have any data on it that you might still need, and then press Next to continue.
Windows Defender Offline downloads all the files it needs, formats the USB flash drive, and copies its files to it. This process takes a while, and it downloads around 250 MB of files.
When the process has finished, press Finish, and you can start using Windows Defender Offline to disinfect other computers and devices.
Now it's time to use Windows Defender Offline. Plug your USB memory stick or CD/DVD into the infected computer and configure it to boot from the drive/disc. During the boot procedure, a mini-Windows kernel is loaded, which, in turn, loads Windows Defender Offline.
The process takes a while, so be patient. When loaded, Windows Defender Offline automatically starts to scan your device. If malware is found, you can remove it at the end of the scan.
One thing that you should keep in mind is that Windows Defender Offline uses the malware definitions that were available at the time you installed it on your disc (CD/DVD), flash drive, or ISO image. If you use it a couple of days later, its definitions are dated, and it might not be of much help. That's why you should cancel its automatic scan and update it before scanning the system again. Another solution is to install it again, on another disc or drive so that you have the latest malware definitions available.
Did you clean your Windows PC from viruses with Microsoft Defender Offline?
We used Microsoft Defender Offline on a couple of occasions to disinfect systems that had nasty problems with malware, and it worked great. The tool is easy to use and familiar to most users, so you should not have any issues with it. If you have used it as well, tell us more about your experience. Did it manage to identify and remove viruses from your Windows computers and devices? Were you satisfied? Comment below and let's share our stories.