Microsoft Defender is the built-in Anti-Malware program in Windows 8, with the same engine that powers Security Essential for Windows 7 computers as well as the same user interface to manage it. But do you also know that you can manage the Defender not only through the GUI, but also via the PowerShell cmdlet?
Get the list of the cmdlet available
First, let’s run Get-Command -Module Defender
in PowerShell console to get the list of available cmdlet designated for Defender.
Let’s explore the possibilities
To get the list of preference settings, run Get-MpPreference
. To add a preference, run Add-MpPreference
. And to change a preference, run Set-MpPreference
. Note that to add or change a preference, you will need to run PowerShell as administrator to get the proper permission.
The cmdlet Get-MpComputerStatus
shows the current status of Windows Defender on your computer, such as, the version of AntiVirus engine, when was last time it’s got updated, is the Real Time Protectionenabled, etc.
You can also use Get-MpThreatDectection
to check the threats Microsoft Defender has been able to catch, and remove a thread by Remove-MpThreat
after a threat has been cleaned up.
Oh, you can even manually start a scan (Start-MpScan) or run an update (Update-MpSignature) right from PowerShell console. It’s perfect if you want to run these tasks as part of a batch file or scheduled job.