Microsoft Defender Antivirus is a robust security solution that comes pre-installed with Windows 11. It provides real-time protection against various forms of malware, including viruses, ransomware, and spyware. While the Windows Security app offers a user-friendly interface to manage Defender Antivirus, advanced users may prefer to leverage PowerShell commands for more precise control and automation. In this article, we will explore how to control Microsoft Defender Antivirus using PowerShell on Windows 11.
Step 1: Opening PowerShell: To get started, launch PowerShell on your Windows 11 computer. You can do this by pressing the Windows key, typing "PowerShell," and selecting the "Windows PowerShell" app from the search results.
Step 2: Run PowerShell as Administrator: To access all the necessary commands and permissions, it is important to run PowerShell as an administrator. Right-click on the "Windows PowerShell" app from the search results and choose the "Run as administrator" option.
Step 3: Managing Real-Time Protection: Real-time protection is a key feature of Microsoft Defender Antivirus, constantly scanning files and programs for potential threats. To enable or disable real-time protection using PowerShell, you can use the following commands:
- To enable real-time protection:
Set-MpPreference -DisableRealtimeMonitoring $false
- To disable real-time protection:
Set-MpPreference -DisableRealtimeMonitoring $true
Step 4: Initiating Quick Scans: Microsoft Defender Antivirus allows you to perform quick scans to check for any potential threats. Here's how you can start a quick scan using PowerShell:
Start-MpScan -ScanType QuickScan
Step 5: Managing Scan Exclusions: In some cases, you may need to exclude specific files, folders, or processes from being scanned by Microsoft Defender Antivirus. PowerShell enables you to manage these scan exclusions efficiently. The following commands demonstrate how to add and remove exclusions:
To add a scan exclusion:
Add-MpPreference -ExclusionPath "C:\Folder\Path"
To remove a scan exclusion:
Remove-MpPreference -ExclusionPath "C:\Folder\Path"
Step 6: Updating Microsoft Defender Antivirus Definitions: Keeping your antivirus definitions up to date is crucial for effective protection. PowerShell allows you to trigger a manual update with the following command:
Step 7: Monitoring Protection Status: To check the current status of Microsoft Defender Antivirus, PowerShell provides the
Get-MpComputerStatus command. This command provides detailed information about the antivirus engine, the last scan time, and more.
Conclusion: While the Windows Security app offers a user-friendly interface for managing Microsoft Defender Antivirus, PowerShell provides advanced users with a powerful toolset to control and automate various aspects of antivirus protection. By following the steps outlined in this article, you can leverage PowerShell commands to enable or disable real-time protection, initiate scans, manage exclusions, update antivirus definitions, and monitor the protection status of Microsoft Defender Antivirus on your Windows 11 system.