Start an Offline Scan with Windows Defender from PowerShell

Windows 10 "Anniversary Update" version 1607 features offline scanning with Windows Defender. While the feature itself is not new for those who are familiar with Defender and use it, it has now become part of Windows for the first time. Today, we'll see how to launch it from PowerShell.

Earlier, Microsoft made available Windows Defender Offline via a special bootable environment. Windows 7 and Windows 8 users could download it, burn it to a disc or a USB flash drive, and then boot it to perform the scan and remove malware from a non-infected, clean environment.

This required an external bootable disk. There are many third-party software makers offering the same functionality, such as Dr. Web or Kaspersky Anti-virus or the free Avira or Avast.

The situation has changed with Windows 10 "Anniversary Update". Windows 10 version 1607 features the ability to perform an offline scan with Windows Defender right from the Settings app.

A new option is located in Settings under - Update & security - Windows Defender - Windows Defender Offline

Windows 10 defender offline scan

The same can be done with PowerShell.

To start an Offline Scan with Windows Defender from PowerShell, do the following.

 

  1. Open PowerShell as Administrator.
  2. Type or copy-paste the following command:
    Start-MpWDOScan

    Run An Offline Scan With Windows Defender With PowerShell

  3. Your operating system will be restarted automatically: Windows_Defender offline scan warning
  4. Before Windows 10 boots, Windows Defender will be started in a special boot environment and will scan your device for threats. This is how it will look: Windows Defender offline scan is starting
  5. Once finished, it will start Windows 10 again.

Tip: you can create shortcut to Windows Defender offline scan in Windows 10.

That's it.

 

1 thought on “Start an Offline Scan with Windows Defender from PowerShell

  1. Ace

    Windows PowerShell
    Copyright (C) Microsoft Corporation. All rights reserved.

    Try the new cross-platform PowerShell https://aka.ms/pscore6

    PS C:\Users\USER> Start-MpWDOScan
    Start-MpWDOScan : Errors were encountered when attempted to run WDO scan on your PC.
    At line:1 char:1
    + Start-MpWDOScan
    + ~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (MSFT_MpWDOScan:ROOT\Microsoft\…\MSFT_MpWDOScan) [Start-MpWDOScan], CimE
    xception
    + FullyQualifiedErrorId : HRESULT 0x800106ba,Start-MpWDOScan

    PS C:\Users\USER>

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *