Windows 10 "Anniversary Update" version 1607 features offline scanning with Windows Defender. While the feature itself is not new for those who are familiar with Defender and use it, it has now become part of Windows for the first time. Today, we'll see how to launch it from PowerShell.
Earlier, Microsoft made available Windows Defender Offline via a special bootable environment. Windows 7 and Windows 8 users could download it, burn it to a disc or a USB flash drive, and then boot it to perform the scan and remove malware from a non-infected, clean environment.
This required an external bootable disk. There are many third-party software makers offering the same functionality, such as Dr. Web or Kaspersky Anti-virus or the free Avira or Avast.
The situation has changed with Windows 10 "Anniversary Update". Windows 10 version 1607 features the ability to perform an offline scan with Windows Defender right from the Settings app.
A new option is located in Settings under - Update & security - Windows Defender - Windows Defender Offline
The same can be done with PowerShell.
To start an Offline Scan with Windows Defender from PowerShell, do the following.
- Open PowerShell as Administrator.
- Type or copy-paste the following command:
Start-MpWDOScan
- Your operating system will be restarted automatically:
- Before Windows 10 boots, Windows Defender will be started in a special boot environment and will scan your device for threats. This is how it will look:
- Once finished, it will start Windows 10 again.
Tip: you can create shortcut to Windows Defender offline scan in Windows 10.
That's it.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Try the new cross-platform PowerShell https://aka.ms/pscore6
PS C:\Users\USER> Start-MpWDOScan
Start-MpWDOScan : Errors were encountered when attempted to run WDO scan on your PC.
At line:1 char:1
+ Start-MpWDOScan
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (MSFT_MpWDOScan:ROOT\Microsoft\…\MSFT_MpWDOScan) [Start-MpWDOScan], CimE
xception
+ FullyQualifiedErrorId : HRESULT 0x800106ba,Start-MpWDOScan
PS C:\Users\USER>