How to manage Microsoft Defender Antivirus with PowerShell on Windows 10
On Windows 10, Microsoft Defender Antivirus (formerly Windows Defender Antivirus) is part of the Windows Security experience, and it provides a robust real-time protection against unwanted viruses, ransomware, spyware, rootkits, and many other forms of malware and hackers. It even happens to be one of our best antivirus software picks.
Although yous can easily control everyday antivirus tasks through the Windows Security app, y'all can also manage the anti-malware solution using PowerShell commands, which can come in handy in many scenarios. For example, when you're trying to customize an option that happens not to exist available via the graphical user interface (GUI), such as schedule a quick or full scan or signature update. You demand to create scripts to automate some Microsoft Defender tasks. Or using commands instead of a GUI tin can as well speed up the configuration process, especially when you demand to utilise the same settings on multiple installations of Windows 10.
In this Windows 10 guide, we'll walk you lot through the steps to get started managing Microsoft Defender Antivirus with PowerShell commands.
- How to check status of Microsoft Defender
- How to check for updates on Microsoft Defender
- How to perform quick virus browse with Microsoft Defender
- How to perform full virus scan with Microsoft Defender
- How to perform custom virus scan with Microsoft Defender
- How to perform offline virus browse with Microsoft Defender
- How to delete agile threat on Microsoft Defender
- How to change preferences on Microsoft Defender
How to cheque condition of Microsoft Defender
To bank check the electric current status of Microsoft Defender using PowerShell, use these steps:
- Open First.
- Search for PowerShell, right-click the tiptop result, and select the Run as administrator choice.
-
Type the following command to see the Microsoft Defender Antivirus condition and press Enter:
Become-MpComputerStatus
-
Confirm the AntivirusEnabled is reads True to know if the security solution is running.
In improver to checking whether the antivirus is running, the command output also displays other important information, such as the version of the engine and product version, real-fourth dimension protection status, last fourth dimension updated, and more than.
How to cheque for updates on Microsoft Defender
To employ PowerShell to update Microsoft Defender Antivirus with the latest definition, use these steps:
- Open Start.
- Search for PowerShell, right-click the meridian result, and select the Run as administrator option.
-
Type the following control to check to update Microsoft Defender Antivirus and press Enter:
Update-MpSignature
Once you complete the steps, if new updates are available, they will download and install on your device.
How to perform quick virus scan with Microsoft Defender
To complete a quick scan using PowerShell, apply these steps:
- Open up Start.
- Search for PowerShell, correct-click the summit effect, and select the Run as administrator choice.
-
Type the following control to commencement a quick virus browse and press Enter:
Kickoff-MpScan -ScanType QuickScan
After you consummate the steps, Microsoft Defender Antivirus volition perform a quick virus scan on your device.
How to perform full virus scan with Microsoft Defender
To complete a full scan using commands on Windows ten, use these steps:
- Open Start.
- Search for PowerShell, correct-click the summit effect, and select the Run as administrator pick.
-
Type the following command to outset a full virus scan and press Enter:
Start-MpScan -ScanType FullScan
Once yous consummate the steps, the antivirus for Windows 10 will browse the entire system for any malware and malicious lawmaking.
How to perform custom virus scan with Microsoft Defender
To fix upward a custom scan using PowerShell, utilise these steps:
- Open up Start.
- Search for PowerShell, right-click the top result, and select the Run as administrator selection.
-
Blazon the post-obit command to perform a custom Microsoft Defender Antivirus browse and press Enter:
Kickoff-MpScan -ScanType CustomScan -ScanPath PATH\TO\Folder-FILES
In the command, brand sure to update the path with the folder location you want to scan.
For instance, this command scans the Downloads folder:
Start-MpScan -ScanType CustomScan -ScanPath "C:\Users\user\Downloads"
After y'all complete the steps, Microsoft Defender volition just scan for viruses in the location y'all specified.
How to perform offline virus scan with Microsoft Defender
Microsoft Defender Antivirus also provides an offline scan option, which will come in handy when an unwanted malware infects the device which the antivirus isn't able to remove while Windows 10 is fully loaded.
To start an offline scan, use these steps:
Quick note: Before proceeding, make sure to relieve any piece of work you may have open, equally the control will immediately restart the device to perform an offline scan.
- Open up Start.
- Search for PowerShell, correct-click the top result, and select the Run every bit administrator pick.
-
Type the following control to kickoff an offline virus scan and press Enter:
Commencement-MpWDOScan
In one case you complete the steps, the device volition restart automatically. Information technology'll boot into the recovery environment, and it'll perform a full scan to remove viruses that otherwise wouldn't be possible to find during the normal performance of Windows 10. Later the browse, the device will restart automatically, and then yous tin can view the scan report on Windows Security > Virus & thread protection > Protection history.
Run across this comprehensive guide to learn almost offline scanning with Microsoft Defender Antivirus.
How to delete active threat on Microsoft Defender
To remove all active threats from your computer, use these steps:
- Open Start.
- Search for PowerShell, right-click the top effect, and select the Run as administrator choice.
-
Type the following command to eliminate active threat using Microsoft Defender and printing Enter:
Remove-MpThreat
Afterwards you complete the steps, the anti-malware solution will eliminate any active threats on the reckoner. Although this is an interesting command, it'll just work for threats that the antivirus hasn't already mitigated.
How to change preferences on Microsoft Defender
Using PowerShell commands, it'southward also possible to configure various features of the Microsoft Defender Antivirus. For instance, you can exclude locations and files, specify quarantine retention menses, run different scans, schedule virus scans, alter browse preferences, and much more.
List preferences
To listing all the available preferences for Microsoft Defender with PowerShell, utilize these steps:
- Open Start.
- Search for PowerShell, right-click the top upshot, and select the Run as administrator option.
-
Type the post-obit command to become a total list of the current configurations for the Microsoft Defender Antivirus and press Enter:
Get-MpPreference
In one case y'all complete the steps, you'll understand all the settings that you can configure with the built-in antivirus.
The post-obit commands are some examples of the preferences that yous can customize using PowerShell.
Exclude locations
Microsoft Defender Antivirus includes an choice to exclude binder locations from real-fourth dimension and scheduled scanning.
To exclude a folder path with PowerShell, employ these steps:
- Open Start.
- Search for PowerShell, right-click the top outcome, and select the Run every bit administrator pick.
-
Type the following command to exclude a folder and press Enter:
Set-MpPreference -ExclusionPath PATH\TO\FOLDER
In the command, brand sure to supplant "PATH\TO\Folder" with the path you want to exclude.
For case, this command excludes the Users binder from being scanned:
Set-MpPreference -ExclusionPath C:\Users
Afterward y'all complete the steps, Microsoft Defender will ignore the folders you specified during real-time and scheduled scanning.
If you want to remove a folder from the exclusion list, yous can use this command: Remove-MpPreference -ExclusionPath "PATH\TO\Binder-FILES"
, and don't forget to update the command with the path you wish to remove.
Exclude file type
Likewise, to exclude locations, you can prevent certain file types from beingness scan with Microsoft Defender.
To exclude a file type with PowerShell, apply these steps:
- Open Start.
- Search for PowerShell, right-click the elevation issue, and select the Run equally administrator pick.
-
Type the following command to exclude a file type and press Enter:
Ready-MpPreference -ExclusionExtension EXTENSION
In the command, brand certain to supplant "EXTENSION" with the extension you lot desire to exclude.
For example, this control excludes the Microsoft Give-and-take files from being scanned:
Gear up-MpPreference -ExclusionExtension docx
In one case you complete the steps, the file extension will be added to the database of formats that need to be ignored during malware real-fourth dimension, custom, or scheduled scanning.
If you demand to remove an extension from the exclusion list, then you tin can use this command: Remove-MpPreference -ExclusionExtension EXTENSION
and don't forget to update the control with the extension you wish to remove.
Quarantine time before deletion
You tin can also specify the number of days to keep threats in quarantine with these steps:
- Open Start.
- Search for PowerShell, right-click the pinnacle result, and select the Run equally ambassador option.
-
Type the following command to specify the days to proceed items in quarantine and press Enter:
Ready-MpPreference -QuarantinePurgeItemsAfterDelay DAYS
In the command, make sure to replace "DAYS" for the number of days you lot want to continue items.
For example, this command keeps items for 30 days earlier beingness deleted:
Set-MpPreference -QuarantinePurgeItemsAfterDelay xxx
Quick tip: You lot can employ the value of "0" (zero) or no value to set keep items indefinitely.
After y'all complete the steps, items in the Quarantine folder volition be deleted automatically after the period you lot specified.
Schedule quick scan
To schedule a daily quick malware scan with a PowerShell command, use these steps:
- Open up Start.
- Search for PowerShell, right-click the top upshot, and select the Run as administrator pick.
-
Type the following command to schedule a daily quick scan and press Enter:
Prepare-MpPreference -ScanScheduleQuickScanTime Browse-Time
In the command, make sure to replace "Browse-Fourth dimension" with the fourth dimension in 24-60 minutes format y'all desire to run the scan.
For example, this command schedules a quick scan every solar day at 6:00 am, local time:
Set up-MpPreference -ScanScheduleQuickScanTime 06:00:00
Quick tip: You tin can specify no time value or fix the time to two hours after midnight to reset the settings to their defaults.
Once you complete the steps, Microsoft Defender will perform a quick browse during the time you specified.
Schedule full browse
Using PowerShell commands, y'all can also specify the day and time to perform a full malware scan.
To schedule a full malware scan on Windows 10, use these steps:
- Open Start.
- Search for PowerShell, right-click the top result, and select the Run equally administrator option.
-
Type the following command to schedule a full scan and press Enter:
Gear up-MpPreference -ScanParameters two
Quick notation: The number "2" in the parameter is what specifies Microsoft Defender a total scan.
-
Type the following command to ready a scan day and press Enter:
Set-MpPreference -RemediationScheduleDay Browse-24-hour interval
In the control, change the "SCAN-24-hour interval" for the day (number) you wan to run the scan. Here are the bachelor options:
- 0 – Everyday
- 1 – Sunday
- 2 – Monday
- 3 – Tuesday
- 4 – Wednesday
- 5 – Thursday
- 6 – Fri
- 7 – Saturday
- 8 – Never
For case, this command schedule the full scan for Sundays:
Set-MpPreference -RemediationScheduleDay 1
Quick tip: You lot can revert to the default scanning schedule using option number
viii
. -
Type the post-obit control to specify a fourth dimension for the scan and printing Enter:
Set-MpPreference -RemediationScheduleTime Scan-TIME
In the command, modify "SCAN-Time" with the time in 24-hr format y'all want to run the scan.
For example, this command schedules a full scan at 6:00 am, local time:
Set-MpPreference -RemediationScheduleTime 06:00:00
After you lot complete the steps, Microsoft Defender Antivirus will run a full scan on the day and time you lot specified in the preferences.
Disable antivirus
Although Microsoft Defender offers a command to disable the antivirus, it's guarded past the Tamper Protection feature, which you can only disable through the Virus & threat protection settings bachelor in the Windows Security app.
To disable the antivirus, turn off Tamper Protection, and and so use these steps:
- Open Offset.
- Search for PowerShell, right-click the top upshot, and select the Run as administrator option.
-
Type the following command to temporarily disable Microsoft Defender Antivirus and press Enter:
Set up-MpPreference -DisableRealtimeMonitoring $true
One time you lot complete the steps, the real-time antivirus protection will be disabled until the adjacent reboot. Or you lot tin can run this command: Prepare-MpPreference -DisableRealtimeMonitoring $false
turn on existent-time immediately via PowerShell.
If you want to disable the Microsoft Defender Antivirus permanently, you have to follow these instructions.
Enable external drive scanning
Past default, the antivirus congenital-in to Windows 10 doesn't scan for malicious and unwanted programs inside removable storage, but y'all tin change this behavior with these steps:
- Open Beginning.
- Search for PowerShell, correct-click the top result, and select the Run as administrator option.
-
Type the following command to allow scanning for removable drives during a quick or full scan and printing Enter:
Set-MpPreference -DisableRemovableDriveScanning $imitation
After you complete the steps, the anti-malware characteristic will scan external storage devices during a total scan.
If you want to revert the changes, utilize the same instructions, just on step No. 3, use this command: Set up-MpPreference -DisableRemovableDriveScanning $true
.
Disable annal scanning
Past default, the antivirus scans .zip, .cab, and other archive files, but if you take a reason not to browse athenaeum, yous can disable the choice with these steps:
- Open Get-go.
- Search for PowerShell, right-click the tiptop outcome, and select the Run as administrator option.
-
Type the post-obit command to permit scanning for archives files during a quick or full browse and press Enter:
Prepare-MpPreference -DisableArchiveScanning $truthful
Once you complete the steps, Microsoft Defender won't scan archive files.
If yous want to disengage the settings, you tin employ the same instructions, but on step No. 3, use this control: Set-MpPreference -DisableArchiveScanning $false
.
Enable network bulldoze scanning
To allow Microsoft Defender Antivirus to scan network drives, use these steps:
- Open Start.
- Search for PowerShell, correct-click the peak result, and select the Run as administrator pick.
-
Blazon the following command to enable network drive scan during a quick or full browse and printing Enter:
Prepare-MpPreference -DisableScanningMappedNetworkDrivesForFullScan $false
Subsequently your complete the steps, network drives will be scanned for malicious and unwanted programs during a total scan.
If y'all want to roll dorsum the original settings, you can use the same instructions, but on pace No. 3, use this control: Set-MpPreference -DisableScanningMappedNetworkDrivesForFullScan $true
.
You can always check this Microsoft back up folio to learn about the settings y'all tin configure for the antivirus.
More than Windows 10 resources
For more helpful articles, coverage, and answers to common questions almost Windows 10, visit the following resource:
- Windows 10 on Windows Central – All you demand to know
- Windows x help, tips, and tricks
- Windows 10 forums on Windows Central
We may earn a committee for purchases using our links. Learn more.
New build!
New Windows eleven preview build brings improved taskbar for touch users
Information technology's fourth dimension for another Windows 11 preview build, and this calendar week is another big 1. Today's build is 22563 and features fifty-fifty more taskbar improvements, this fourth dimension for tablet users. Microsoft is introducing a new car-hide Taskbar interface that's similar to the touch-beginning taskbar that was first introduced on Windows 10X and the Surface Neo.
Source: https://www.windowscentral.com/how-manage-microsoft-defender-antivirus-powershell-windows-10
Posted by: pendletonexagagaidid.blogspot.com
0 Response to "How to manage Microsoft Defender Antivirus with PowerShell on Windows 10"
Post a Comment