How to Use PowerShell to Scan Windows 10 for Malware | #microsoft | #hacking | #cybersecurity

Microsoft Defender (formerly Windows Defender) is an efficient, cost-effective antivirus that comes preinstalled on Windows 10 devices. It also provides users with advanced web and real-time protection against harmful viruses, trojans, and other malware.

As a native Microsoft application, you can manage Microsoft Defender through Windows PowerShell.

You can easily update Microsoft Defender, run system scans, check the current antivirus status, and even schedule scans, all through a few commands in PowerShell. PowerShell commands speed up the configuration process and give you access to options that are not available within the Microsoft Defender interface.

What Is PowerShell?

PowerShell is a modern cross-platform management framework that expands the standard command-line interface. It combines a configuration framework, a scripting language, and a command-line shell to provide a powerful tool for developers. PowerShell is built on the .NET framework and provides support for macOS, Linux, and Windows.

To launch Windows PowerShell on Windows 10:

  1. Input windows powershell in the Start menu search bar.
  2. Right-click on Windows PowerShell and click on Run as administrator

Check Microsoft Defender Status Using PowerShell

Before you begin using PowerShell to configure Microsoft Defender, you should first check the current status. The below command gets the detailed status of the anti-malware software installed on your Windows PC.

Update Microsoft Defender with PowerShell

Once you launch Windows PowerShell as administrator, type the following command and hit Enter to verify the status of Microsoft Defender:


You should then get a long list of details about Microsoft Defender. Currently, we are only interested in the AntivirusEnabled label; if this is True, then Microsoft Defender is configured correctly and running on your PC.

You can then safely proceed to updating Microsoft Defender and running anti-malware scans. In case Microsoft Defender is disabled on your PC, you can enable it in a few steps.

Related: Is Microsoft Defender the Best Antivirus for Your PC?

How to Update Microsoft Defender Using PowerShell

Antivirus software must be updated regularly to keep anti-malware definitions up-to-date. You can update Microsoft Defender through Windows PowerShell by typing the following command and pressing Enter:


After successfully executing this cmdlet command, it will download and install new Microsoft Defender definition updates if available. This command works by downloading the latest updates from the default update source, the Microsoft Update Server.

Alternatively, you can also download updates from a specific source with the following command, switching out SourceName for the location of your choosing.

Update-MpSignature -UpdateSource SourceName

The following command will update Microsoft Defender preferences to check for definition updates every day of the week automatically:

Set-MpPreference -SignatureScheduleDay Everyday

Run a Quick Antivirus Scan Using PowerShell

Sometimes, you want to run a quick malware scan on your PC. While this is relatively easy to do through the Windows Security interface, the PowerShell command makes it even easier. To run a quick virus scan on Windows 10, type the following cmdlet command on PowerShell and press Enter:

Start-MpScan -ScanType QuickScan

Run a Full Antivirus Scan Using PowerShell

A full malware scan will check every file on your Windows PC and sometimes even externally connected USB flash drives. Navigating to a Full Scan on the Microsoft Defender can be troublesome, so you may consider using PowerShell to run a deep malware scan of your PC quickly. You can run a Microsoft Defender full scan using the following cmdlet command:

Start-MpScan -ScanType FullScan

The full scan tends to take some time to go through every folder on your PC. You can choose to run the scan in the background using the following command:

Start-MpScan -ScanType FullScan -AsJob

After successfully running the above commands, Microsoft Defender will run an in-depth full malware scan of your Windows 10 PC.

Microsoft Defender Offline Scan

The offline scan is a powerful feature that can remove malware that is difficult to detect. The antivirus software sometimes cannot remove malware while Windows is running. Such severe malware can be safely removed from the PC using the Microsoft Defender Offline Scan.

Make sure you save all of your opened files before running the offline scan. To run an offline scan on your Windows 10 PC, enter the following command into the PowerShell console:


This cmdlet command will cause Windows 10 to boot in Windows Defender offline mode and scan the entire system for malware. Once your computer boots, you will see the Windows Defender Antivirus loading screen followed by a Command Prompt window that will display the progress of the offline scan.

Microsoft Security Offline Scan Report

Once the test is complete, you can view the offline scan report by navigating to Windows Security>Virus & threat protection > Protection history.

Schedule a Quick Antivirus Scan Using PowerShell

With PowerShell, you can also schedule quick scans to take place at a routine time every day throughout the week. To schedule a quick scan on Microsoft Defender, type the following command into PowerShell and press Enter:

Set-MpPreference -ScanScheduleQuickScanTime Scan_Time

You need to replace Scan_Time with the 24-hour time you want to run the test. The following command schedules a quick scan for 2 PM every day:

Set-MpPreference -ScanScheduleQuickScanTime 14:00:00

To reset the quick scan schedule, run the same cmdlet command without the time parameter.

Schedule a Full Antivirus Scan Using PowerShell

You can also similarly schedule a full system scan of your Windows 10 PC with a few quick commands on PowerShell:

  1. Type the below command in PowerShell and press Enter

    Set-MpPreference -ScanParameters 2
  2. Enter the following command, but replace “Scan_Day” with a number between “0” and “7”, where “0” indicates every day and numbers 1-7 indicate the specific day of the week starting from Sunday

    Set-MpPreference -RemediationScheduleDay Scan_Day
  3. Finally, type the below command on PowerShell and replace Scan_Time with the 24-hour time you wish to choose

    Set-MpPreference -RemediationScheduleTime Scan_Time

You can reset the entire system scan schedule to default by choosing “8” in Step 2. After successfully configuring the full scan schedule, Microsoft Defender will automatically carry out a full system scan at the configured day and time.

Scan Windows 10 For Malware With PowerShell

Microsoft Defender is a very powerful antivirus and has consistently been one of the top antivirus software available in the market. As a built-in free-of-cost antivirus, it is very efficient in protecting you from malware threats.

PowerShell allows you to configure Microsoft Defender through a few simple commands. These commands can update Microsoft Defender, run system scans, and even set up scheduled scans.

Man eating popcorn, watching TV.
9 Legal Ways to Watch Movies Online for Free

There are many illegal options. Want to stay within the law? Here are several legal ways to watch movies online.

Read Next

About The Author

Original Source link

Leave a Reply

Your email address will not be published.

seven + three =