Microsoft Defender (formerly Windows Defender) is an efficient, inexpensive antivirus that comes pre-installed on Windows 10 devices. It also provides users with advanced web and real-time protection against harmful viruses, Trojans, and other malware.

As a native Microsoft application, you can manage Microsoft Defender through Windows PowerShell.

With a few commands in PowerShell, you can easily update Microsoft Defender, run system scans, check the current antivirus status and even schedule scans. PowerShell commands speed up the configuration process and give you access to options not available in the Microsoft Defender interface.

What is PowerShell?

PowerShell is a modern cross-platform management framework that extends the standard command line interface. It combines a configuration framework, scripting language, and command line shell to provide a powerful tool for developers. PowerShell is based on the .NET Framework and offers support for MacOS, Linux and Windows.

To start Windows PowerShell on Windows 10:

  1. Entrance Windows Powershell in the search bar of the start menu.

  2. Right-click Windows PowerShell and click Run as administrator

Check the Microsoft Defender status using PowerShell

Before using PowerShell to configure Microsoft Defender, the first thing you should do is check its current status. The following command will show the detailed status of the anti-malware software installed on your Windows PC.

After starting Windows PowerShell as an administrator, type the following command and press Enter to check the status of Microsoft Defender:


You should then be given a long list of details about Microsoft Defender. We are currently only interested in the AntivirusEnabled label. If so, Microsoft Defender is configured correctly and is running on your PC.

You can then safely proceed to updating Microsoft Defender and running anti-malware scans. If Microsoft Defender is deactivated on your PC, you can activate it in a few steps.

Related: Is Microsoft Defender the Best Antivirus for Your PC?

How to update Microsoft Defender using PowerShell

Antivirus software needs to be updated regularly to keep anti-malware definitions up to date. You can update Microsoft Defender through Windows PowerShell by typing the following command and pressing Enter:


After this cmdlet command runs successfully, new Microsoft Defender definition updates will be downloaded and installed, if available. This command downloads the latest updates from the standard update source, the Microsoft Update Server.

Alternatively, you can also download updates from a specific source and turn them off using the command below Source name for the location of your choice.

Update-MpSignature -UpdateSource SourceName

The following command updates Microsoft Defender settings to automatically check for definition updates every day of the week:

Set-MpPreference -SignatureScheduleDay Everyday

Use PowerShell to run a quick antivirus scan

Sometimes you want to run a quick malware scan on your PC. While this is relatively easy to do through the Windows security interface, the PowerShell command makes it even easier. To run a quick virus scan on Windows 10, type the following cmdlet command in PowerShell and press Enter:

Start-MpScan -ScanType QuickScan

Run a full antivirus scan using PowerShell

A full malware scan checks all files on your Windows PC and sometimes even externally connected USB sticks. Navigating to a full scan on the Microsoft Defender can be problematic. Hence, you can use PowerShell to quickly perform a comprehensive malware scan of your PC. You can run a full Microsoft Defender scan with the following cmdlet command:

Start-MpScan -ScanType FullScan

The full scan usually takes some time to go through all the folders on your PC. You can run the scan in the background with the following command:

Start-MpScan -ScanType FullScan -AsJob

After the above commands are successfully executed, Microsoft Defender will run an in-depth full malware scan of your Windows 10 PC.

Microsoft Defender offline scan

Offline scanning is a powerful feature that can be used to remove difficult-to-detect malware. The antivirus software sometimes fails to remove malware while Windows is running. Such serious malware can be safely removed from PC using Microsoft Defender Offline Scan.

Make sure to save any open files before running the offline scan. Enter the following command in the PowerShell console to run an offline scan on your Windows 10 PC:


This cmdlet command causes Windows 10 to start in Windows Defender offline mode and scan the entire system for malware. After your computer starts up, you will see the Windows Defender Antivirus loading screen, followed by a Command Prompt window showing the progress of the offline scan.

After the test is complete, you can view the offline scan report by navigating to Windows Security> Virus & threat protection> Protection history.

Schedule a quick antivirus scan with PowerShell

PowerShell also lets you schedule quick scans that happen every day during the week at a routine time. Type the following command in PowerShell and press Enter to schedule a quick scan in Microsoft Defender.

Set-MpPreference -ScanScheduleQuickScanTime Scan_Time

You need to replace Scan time With the 24 hour time you want to run the test. The following command schedules a quick scan for 2 p.m. every day:

Set-MpPreference -ScanScheduleQuickScanTime 14:00:00

To reset the quick scan schedule, run the same cmdlet command without the time parameter.

Schedule a full antivirus scan using PowerShell

Similarly, you can also schedule a full system scan of your Windows 10 PC with a few quick commands in PowerShell:

  1. Type the following command in PowerShell and press Enter
    Set-MpPreference -ScanParameters 2

  2. Enter the following command but replace "Scan_Day" with a number between "0" and "7", where "0" indicates any day and the numbers 1-7 indicate the specific day of the week starting on Sunday
    Set-MpPreference -RemediationScheduleDay Scan_Day

  3. Finally, enter the following command in PowerShell and replace Scan_Time with the 24 hour time you want to select
    Set-MpPreference -RemediationScheduleTime Scan_Time

You can reset the entire system scan schedule to its default settings by selecting "8" in step 2. After successfully configuring the full scan schedule, Microsoft Defender automatically performs a full system scan on the configured day and time.

Scan Windows 10 for malware using PowerShell

Microsoft Defender is a very powerful antivirus and has always been one of the top antivirus software on the market. As a built-in, free antivirus, it protects you from malware threats very efficiently.

PowerShell lets you configure Microsoft Defender with a few simple commands. These commands can update Microsoft Defender, run system scans, and even set up scheduled scans.

What is malware and how does it work?

Malware is widespread. Learn how it works and how to prevent infection.

Continue reading

About the author

M. Fahad Khawaja
(8 articles published)

Fahad is a writer at MakeUseOf and is currently studying computer science. He previously worked as a writer for Plan A Voyage and Smartek USA. As an enthusiastic tech writer, he makes sure that he stays up to date with the latest technology. He is particularly interested in Windows, Android and iOS. Fahad enjoys playing soccer and coding impossible tasks.

By M. Fahad Khawaja

Subscribe to our newsletter

Sign up for our newsletter to receive tech tips, reviews, free e-books, and exclusive offers!

One more step …!

Please confirm your email address in the email we just sent you.