How to Use Windows Defender to Scan for Malware

An image of the Windows Defender logo for the blog How to Use Windows Defender to Scan for Malware

Malicious software can wreak havoc on your system and network, compromising personal information, slowing down your computer and even rendering your device unusable. You should have robust malware scanners and protection in place to protect your PC. One available tool is Windows Defender, a free built-in security feature in Windows operating systems.

Does Windows Defender scan for malware?

The short answer is yes. Windows Defender is a built-in solution for Windows 10 and Windows 11 that provides real-time protection for your Windows system. It runs in the background for continuous scanning and is a great tool for identifying malicious software types like viruses, spyware, ransomware, and more.

Windows Defender is updated regularly to guarantee its capability to detect the latest threats. It can also perform on-demand scans for specific areas of your system commonly targeted by threats. These capabilities make it a robust tool for safeguarding your device against potentially destructive malware.

How to enable Windows Defender

The first step to run the Windows virus scan command is to enable Windows Defender to scan for malware on your system. If you’re using Microsoft Defender on Windows 10, follow these steps to open the Windows Security Center:

  1. Click on the Start menu, then select the Settings icon.
  2. In the Settings window, click on “Update & Security.”
  3. From the left-hand menu, select “Windows Security.”
  4. In the Windows Security Center, click on “Virus & threat protection.”
  5. Here, you should see Windows Defender Antivirus. If it’s turned off, click on the “Manage settings” link and toggle the switch to turn it on.

The steps to open Windows Security in Windows 11 are slightly different:

  1. Click on the Start button and select the “Settings” icon.
  2. In the Settings window, click on “Privacy & security.”
  3. From the left-hand menu, select “Windows Security.”
  4. In the Windows Security window, click on “Virus & threat protection.”
  5. Similar to Windows 10, ensure that Windows Defender Antivirus is turned on. If not, click on the “Manage settings” link and enable it.

Before proceeding, identify first which Windows Defender version you have.

Read this how-to guide. ←

How to check for malware on Windows 11?

Malware is disruptive to IT operations and can be destructive to any organization. That’s why malware checking is essential to protecting your organization’s data, systems, and reputation. There are two common ways for checking malware in Windows 11 – manual and automated. Here’s the breakdown:

1. Manual. This method usually involves several ways of checking for malware, such as manually inspecting or observing system components or elements. Here are some factors to pay attention to:

  • Slow performance – when it takes longer for a device to boot up or programs to load than usual.
  • Unwanted failures – when unusual behaviors like application crashes, system freezes, unresponsive system, and anything that interferes with the normal operation of the device occur.
  • Unfamiliar programs – when programs or applications you don’t remember installing or using previously suddenly appear in your computer system.
  • Intrusive pop-ups – sudden pop-up windows, ads, or browser redirects are often signs of adware or malware.

2. Automated. Windows 11 offers built-in solutions such as antivirus tools to scan and remove malware:

  • Windows Security – a built-in tool in Windows 11 that acts as a primary malware checker for the operating system. This includes Windows Defender Antivirus, which can automatically scan Windows 11 systems and detect malicious software.
  • Third-party apps – these are IT security providers that offer additional protection layers, with features such as advanced malware detection, real-time threat monitoring, and enhanced scanning capabilities.
  • Endpoint monitoring and management – organizations and enterprises that manage several computer systems may also use complete endpoint monitoring and management solutions like NinjaOne, which can integrate antivirus tools and automated malware scans into a broader security strategy.

NinjaOne integrates with robust IT security solutions to enhance endpoint security
Learn more about NinjaOne endpoint security integrations

Step-by-step: Performing a Windows Defender scan for malware

After enabling the Windows virus scan command, you have several ways to perform a Windows Defender scan for malware to detect and remove it from your system. This flexibility makes Windows Defender good for virus scans.

Quick scan

A quick scan is a fast check for common malware in the most vulnerable areas of your computer. Follow these steps to perform a quick scan using Windows Defender:

  • Open Windows Security Center in Windows 10 or Windows Security in Windows 11 using the instructions provided earlier.
  • In the Windows Security window, click on “Virus & threat protection.”
  • Under the “Quick scan” section, click on the “Quick scan” button.
  • Windows Defender will scan your system for malware. This may take a few minutes.
  • Once the scan is complete, Windows Defender will display the results.

Full system scan

Perform a full system scan if you suspect a more extensive malware infection or want a comprehensive scan of your entire system. Here’s how to perform a full system scan using Windows Defender:

  • Open Windows Security Center (Windows 10) or Windows Security (Windows 11).
  • Click on “Virus & threat protection” in the Windows Security window.
  • Under the “Virus & threat protection updates” section, click on the “Quick scan” button.
  • In the drop-down menu, select “Full scan” instead of “Quick scan.”
  • Windows Defender will now initiate a thorough scan of your entire system, including all files and folders.
  • Be patient, as a full system scan can take a significant amount of time, depending on the size of your hard drive and the number of files on your system.
  • Once the scan is complete, Windows Defender will present the results.

Custom scan with PowerShell

If you prefer more control over the process, you can use PowerShell to customize your Windows Defender scan for malware. Follow these steps to perform a custom scan using PowerShell:

  • Press the Windows key + X on your keyboard and select “Windows PowerShell (Admin)” from the menu.
  • In the PowerShell window, type the following command: Start-MpScan -ScanType Custom -ScanPath C:\Path\To\Custom\Folder
  • Replace “C:\Path\To\Custom\Folder” with the actual path of the folder or file you want to scan.
  • Press Enter to execute the command and initiate the custom scan.
  • Windows Defender will scan the specified folder or file and display the results in the PowerShell window.

Configure Windows Defender SmartScreen with this NinjaOne PowerShell script.

→ Get access to the script

Using Command Prompt for malware scanning

You can also use Command Prompt to perform a malware scan with Windows Defender. Here’s how:

  • Press the Windows key + X on your keyboard and select “Command Prompt (Admin)” from the menu.
  • In the command prompt window, type the following command: MpCmdRun.exe -Scan tecting your computer against malware, giving you the flexibility to perform several different scans, schedule them in advance and interpret the results.
  • Do I need anti-malware if I have Windows Defender? While Windows Defender offers comprehensive protection against malware, some users may prefer additional security measures. You can implement additional security software like NinjaOne and its built-in endpoint security tools. -ScanType 3
  • Press Enter to execute the command and start the malware scan.
  • Windows Defender will scan your system for malware and display the results in the command prompt window.

Interpreting Windows Defender scan results

After completing a scan, Windows Defender provides detailed information about any threats detected. Here are a few key elements to look at:

  • Threat name: This identifies the specific malware detected on your system.
  • Threat severity: Windows Defender categorizes threats as low, medium, high or severe based on their potential impact.
  • Recommended action: Windows Defender suggests the appropriate action to take for each detected threat, such as quarantine, remove or allow.
  • Scan history: Windows Defender keeps a record of previous scans and their results, allowing you to review past findings.

Carefully review the scan results and take appropriate action to remove or quarantine any detected malware. Windows Defender offers built-in tools to help you deal with these threats effectively.

How to schedule scans on Windows Defender?

You can schedule regular Windows Defender scans for malware to ensure continuous protection for your device. Follow these steps to set up a scan schedule:

  • Open Windows Security Center (Windows 10) or Windows Security (Windows 11).
  • Click on “Virus & threat protection” in the Windows Security window.
  • Under the “Quick scan” section, click on the “Scan options” link.
  • In the “Scan options” window, click on “Custom scan.”
  • Select the desired scan type (quick scan, full scan or custom scan).
  • Click on the “Advanced scan” link.
  • In the “Advanced scan” window, click on “Configure scans.”
  • Choose the frequency and time for your scheduled scans by selecting the options that suit your needs.
  • Click on “Save” to apply the changes and set up your scan schedule.

Scheduling regular scans automates the process and ensures that your system is always protected against malware.

How to configure Windows Defender SmartScreen?

In addition to malware scanning, Windows Defender offers a feature called SmartScreen, which adds an extra layer of security by protecting against malicious websites and downloads when browsing. Here’s how to configure Windows Defender SmartScreen:

  • Open Windows Security Center (Windows 10) or Windows Security (Windows 11).
  • Click on “App & browser control” in the Windows Security window.
  • Under the “Check apps and files” section, select “Block.”
  • Under the “SmartScreen for Microsoft Edge” section, select “Block.”
  • Under the “SmartScreen for Microsoft Store apps” section, select “Block.”

Endpoint security for Windows with NinjaOne

NinjaOne integrates with the top endpoint security solutions, including Bitdefender and SentinelOne, so that users can ensure the safety of their IT environments. Additionally, due NinjaOne’s endpoint monitoring, patch management, and RMM features, IT professionals are able to build the foundation for an efficient and secure IT infrastructure. Start protecting your IT environment today with NinjaOne.

Carefully review the scan results and take appropriate action to remove or quarantine any detected malware. Windows Defender offers built-in tools to help you deal with these threats effectively.

How to schedule scans on Windows Defender?

You can schedule regular Windows Defender scans for malware to ensure continuous protection for your device. Follow these steps to set up a scan schedule:

  • Open Windows Security Center (Windows 10) or Windows Security (Windows 11).
  • Click on “Virus & threat protection” in the Windows Security window.
  • Under the “Quick scan” section, click on the “Scan options” link.
  • In the “Scan options” window, click on “Custom scan.”
  • Select the desired scan type (quick scan, full scan or custom scan).
  • Click on the “Advanced scan” link.
  • In the “Advanced scan” window, click on “Configure scans.”
  • Choose the frequency and time for your scheduled scans by selecting the options that suit your needs.
  • Click on “Save” to apply the changes and set up your scan schedule.

Scheduling regular scans automates the process and ensures that your system is always protected against malware.

How to configure Windows Defender SmartScreen?

In addition to malware scanning, Windows Defender offers a feature called SmartScreen, which adds an extra layer of security by protecting against malicious websites and downloads when browsing. Here’s how to configure Windows Defender SmartScreen:

  • Open Windows Security Center (Windows 10) or Windows Security (Windows 11).
  • Click on “App & browser control” in the Windows Security window.
  • Under the “Check apps and files” section, select “Block.”
  • Under the “SmartScreen for Microsoft Edge” section, select “Block.”
  • Under the “SmartScreen for Microsoft Store apps” section, select “Block.”

Endpoint security for Windows with NinjaOne

NinjaOne integrates with the top endpoint security solutions, including Bitdefender and SentinelOne, so that users can ensure the safety of their IT environments. Additionally, due NinjaOne’s endpoint monitoring, patch management, and RMM features, IT professionals are able to build the foundation for an efficient and secure IT infrastructure. Start protecting your IT environment today with NinjaOne.

Next Steps

The fundamentals of device security are critical to your overall security posture. NinjaOne makes it easy to patch, harden, secure, and backup all their devices centrally, remotely, and at scale.

You might also like

Ready to simplify the hardest parts of IT?
×

See NinjaOne in action!

By submitting this form, I accept NinjaOne's privacy policy.

NinjaOne Terms & Conditions

By clicking the “I Accept” button below, you indicate your acceptance of the following legal terms as well as our Terms of Use:

  • Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms.
  • Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party.
  • Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library belonging to or under the control of any other software provider.
  • Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations.
  • Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks.
  • Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script.
  • EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).