Windows Defender Cmdlets in Windows PowerShell

Windows PowerShell® is a task-based command-line shell and scripting language designed especially for system administration. This reference topic for the information technology (IT) professional provides assistance in utilizing the Windows PowerShell cmdlets to script and automate tasks.

Defender

This reference provides cmdlet descriptions and syntax for all Defender-specific cmdlets. It lists the cmdlets in alphabetical order based on the verb at the beginning of the cmdlet.

Cmdlet Description

Add-MpPreference

Modifies settings for Windows Defender.

Get-MpComputerStatus

Gets the status of antimalware software on the computer.

Get-MpPreference

Gets preferences for the Windows Defender scans and updates.

Get-MpThreat

Gets the history of threats detected on the computer.

Get-MpThreatCatalog

Gets known threats from the definitions catalog.

Get-MpThreatDetection

Gets past malware threats that Windows Defender detected.

Remove-MpPreference

Removes exclusions or default actions.

Remove-MpThreat

Removes active threats from a computer.

Set-MpPreference

Configures preferences for Windows Defender scans and updates.

Start-MpScan

Starts a scan on a computer.

Update-MpSignature

Updates the antimalware signatures on a computer.

Note

To list all the cmdlets that are available, use the Get-Command –Module Defender cmdlet.

For more information about, or for the syntax of, any of the cmdlets, use the Get-Help <cmdlet name> cmdlet, where <cmdlet name> is the name of the cmdlet that you want to research. For more detailed information, you can run any of the following cmdlets:

Get-Help <cmdlet name> -Detailed
Get-Help <cmdlet name> -Examples
Get-Help <cmdlet name> -Full