How to Utilise PowerShell to Scan Windows 10/11 for Malware – Guide

In Windows 10, Microsoft Defender Antivirus (formerly Windows Defender Antivirus) is part of the Windows security experience and provides robust, real-time protection against unwanted viruses, ransomware, spyware, rootkits, and many other types of malware and hackers. It is also among our picks for the best antivirus software. While you can easily control day-to-day antivirus tasks through the Windows Security application, you can also manage the anti-malware solution using PowerShell commands, which can be useful in many scenarios. For example, you may want to customize an option that is not available through the graphical user interface (GUI), such as scheduling a quick or full scan or a signature update. You may need to create scripts to automate some Microsoft Defender tasks. Using commands instead of the GUI can also speed up the setup process, especially when you need to apply the same settings across multiple installations of Windows 10.

What is PowerShell?

PowerShell is a modern cross-platform management framework that expands on the standard command-line interface. It combines a configuration framework, a scripting language, and a command-line shell to provide a powerful tool for developers. PowerShell is built on the .NET framework and supports macOS, Linux and Windows. To start Windows PowerShell on Windows 10:

Check Microsoft Defender Status Using PowerShell

Before you start using PowerShell to configure Microsoft Defender, you should first check its current status. The command below gets the detailed status of the anti-malware software installed on your Windows PC. After starting Windows PowerShell as an administrator, type the following command and press Enter to check the status of Microsoft Defender:

You should get a long list of details about Microsoft Defender. For now, we are only interested in the AntivirusEnabled property; if it is True, Microsoft Defender is properly configured and running on your PC, and you can safely proceed to update Microsoft Defender and run anti-malware scans. If Microsoft Defender is disabled on your PC, you can enable it in a few steps.

How to Update Microsoft Defender Using PowerShell

Antivirus software must be updated regularly to keep its anti-malware definitions up to date. You can update Microsoft Defender through Windows PowerShell by typing the following command and pressing Enter:

After you successfully run this cmdlet command, it will download and install new Microsoft Defender definition updates if any are available. This command works by downloading the latest updates from the default update source, Microsoft Update Server.

Alternatively, you can download updates from a specific source with the following command, replacing SourceName with the location of your choice.

The following command will update Microsoft Defender preferences to automatically check for definition updates every day of the week:
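The status check and the signature update from the two sections above, combined into one function. This is an added example, not code from the original guide; the function name `Update-DefenderIfStale` and the one-day age threshold are assumptions.

```powershell
# Added example. Run in an elevated PowerShell session.
function Update-DefenderIfStale {          # hypothetical helper name
    param(
        [int]$MaxSignatureAgeDays = 1,     # assumed threshold, in days
        [ValidateSet('MicrosoftUpdateServer', 'InternalDefinitionUpdateServer', 'MMPC', 'FileShares')]
        [string]$UpdateSource              # optional; omit to use the default source
    )

    $status = Get-MpComputerStatus
    if (-not $status.AntivirusEnabled) {
        # Nothing to update or scan with until Defender is enabled.
        Write-Warning 'AntivirusEnabled is False; enable Microsoft Defender before updating or scanning.'
        return $status
    }

    if ($status.AntivirusSignatureAge -ge $MaxSignatureAgeDays) {
        $updateArgs = @{ ErrorAction = 'Stop' }
        if ($UpdateSource) { $updateArgs.UpdateSource = $UpdateSource }
        try {
            Update-MpSignature @updateArgs
        } catch {
            Write-Warning "Signature update failed: $($_.Exception.Message)"
        }
        # Re-read the status so the caller sees the post-update version and age.
        $status = Get-MpComputerStatus
    }
    return $status
}

Update-DefenderIfStale |
    Select-Object AntivirusEnabled, RealTimeProtectionEnabled,
        AntivirusSignatureVersion, AntivirusSignatureLastUpdated, AntivirusSignatureAge |
    Format-List

# Check for new definitions every day of the week, then read the setting back.
Set-MpPreference -SignatureScheduleDay Everyday
Get-MpPreference | Select-Object SignatureScheduleDay, SignatureScheduleTime | Format-List
```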

Run a quick antivirus scan using PowerShell

Sometimes you want to run a quick malware scan on your PC. While this is relatively easy to do through the Windows Security interface, the PowerShell command makes it even easier. To run a quick virus scan on Windows 10, type the following cmdlet command in PowerShell and press Enter:

Run a full antivirus scan using PowerShell

A full malware scan will scan all files on your Windows PC and sometimes even externally connected USB flash drives. Navigating to a full scan in Microsoft Defender can be problematic, so consider using PowerShell to run a deep malware scan of your computer quickly. You can run a full Microsoft Defender scan using the following cmdlet command:

The full scan tends to take some time to go through all the folders on your PC. You can choose to run the scan in the background using the following command:

After successfully executing the above commands, Microsoft Defender will run a full and detailed malware scan of your Windows 10 PC.

Microsoft Defender Offline Scanning

Offline scanning is a powerful feature that can remove hard-to-detect malware. Antivirus software is sometimes unable to remove malware while Windows is running. Such persistent malware can be safely removed from your PC using Microsoft Defender Offline Scan. Make sure to save all your open files before running the offline scan. To run an offline scan on your Windows 10 PC, enter the following command in the PowerShell console:

This cmdlet command will make Windows 10 boot into Windows Defender offline mode and scan the entire system for malware. After your computer boots, you will see the Windows Defender Antivirus loading screen followed by a command prompt window that displays the offline scan progress. When the scan is complete, you can view the offline scan report by navigating to Windows Security > Virus & Threat Protection > Protection History.
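The quick, full (background) and offline scans from the three sections above, wrapped in one function that also reports what the scan found. This is an added example, not code from the original guide; the function name `Invoke-DefenderScan` and its `-Mode` parameter are assumptions.

```powershell
# Added example. Run in an elevated PowerShell session.
# Save open work before using -Mode Offline: it restarts the PC.
function Invoke-DefenderScan {             # hypothetical helper name
    param(
        [Parameter(Mandatory)]
        [ValidateSet('Quick', 'Full', 'Offline')]
        [string]$Mode
    )

    switch ($Mode) {
        'Quick' { Start-MpScan -ScanType QuickScan }
        'Full' {
            # -AsJob returns at once so the console stays usable;
            # Wait-Job is used here only so the report below runs after the scan ends.
            $job = Start-MpScan -ScanType FullScan -AsJob
            $job | Wait-Job | Receive-Job
        }
        'Offline' {
            Start-MpWDOScan                # reboots into Windows Defender offline mode
            return
        }
    }

    # Map threat IDs to names so detections are readable.
    $names = @{}
    Get-MpThreat | ForEach-Object { $names[$_.ThreatID] = $_.ThreatName }

    $detections = Get-MpThreatDetection |
        Sort-Object InitialDetectionTime -Descending |
        Select-Object InitialDetectionTime,
            @{ Name = 'Threat'; Expression = { $names[$_.ThreatID] } },
            ActionSuccess, Resources

    $status = Get-MpComputerStatus
    [pscustomobject]@{
        QuickScanEndTime = $status.QuickScanEndTime
        FullScanEndTime  = $status.FullScanEndTime
        Detections       = @($detections)
    }
}

$result = Invoke-DefenderScan -Mode Quick
$result | Format-List QuickScanEndTime, FullScanEndTime
$result.Detections | Format-Table -AutoSize
```

`Get-MpThreatDetection` returns the detection history kept by Defender, so the table can include items found by earlier scans as well as the one just run.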

Schedule a quick antivirus scan using PowerShell

Schedule a full antivirus scan using PowerShell

You can also schedule a full system scan of your Windows 10 PC with a few quick commands in PowerShell:
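Scheduling both the quick scan and the full scan through Defender preferences, with a before/after comparison to confirm the settings were applied. This is an added example, not code from the original guide; the times and the day of the week are assumed values.

```powershell
# Added example. Run in an elevated PowerShell session.
# The schedule values below (12:30 daily, Sunday 02:00) are assumptions; adjust as needed.
$fields = 'ScanScheduleQuickScanTime', 'ScanParameters', 'ScanScheduleDay',
          'ScanScheduleTime', 'CheckForSignaturesBeforeRunningScan'

$before = Get-MpPreference

# Daily quick scan at 12:30 local time.
Set-MpPreference -ScanScheduleQuickScanTime '12:30:00'

# Weekly scheduled scan: full scan, Sundays at 02:00,
# and check for new definitions before the scan starts.
Set-MpPreference -ScanParameters FullScan `
                 -ScanScheduleDay Sunday `
                 -ScanScheduleTime '02:00:00' `
                 -CheckForSignaturesBeforeRunningScan $true

$after = Get-MpPreference

# Show each scheduling setting before and after the change.
foreach ($name in $fields) {
    [pscustomobject]@{
        Setting = $name
        Before  = $before.$name
        After   = $after.$name
    }
}
```

If the After column does not change, the setting is probably being enforced by Group Policy or another management tool, which takes precedence over local `Set-MpPreference` changes.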

Final note

I hope you like the guide How to Utilise PowerShell to Scan Windows 10/11 for Malware. If you have any questions regarding this article, you may ask us. Also, please share your love by sharing this article with your friends.