Viruses are pesky and can infiltrate your computer out of nowhere. Though there are many third-party antiviruses available in the market, Windows’ in-built Defender also provides adequate protection from them.

If you do not have any third-party antivirus installed on your system, Windows Defender automatically runs periodically to safeguard your system from threats. However, at times, malicious programs may slip through for which you would have to manually run a scan for them to be detected.

Typically, you can run the Defender using the GUI. However, if you are not able to access Windows Defender or you find it better to use Command Prompt to interact with your system, this guide is for you.

For your ease of convenience, we will be showcasing all types of scans that can be run using the Command Prompt.

Launch an Elevated Command Prompt

First things first, you will need to launch an elevated Command Prompt on your Windows 11 PC. If you need a quick refresher, follow the below-listed instructions.

First, head to the Start Menu and type Terminal to perform a search. Then, from the search results, right-click on the ‘Run as administrator’ option.

Now, a UAC (User Account Control) window will appear on your screen. If you are not logged in with an admin account, enter credentials for one. Otherwise, click on the ‘Yes’ button.

On the Terminal window, click on the chevron (downward arrow) and select the ‘Command Prompt’ option.

Command Prompt will be opened in a new tab on the Terminal window.

1. Run a Quick Scan

The quick scan typically scans the objects that are loaded at the time of system startup which mainly consists of system memory and boot sectors. Though it is not the most thorough scan of your computer, it can alert you if your system is infected.

To run a quick scan, type or copy+paste the below-mentioned command and hit Enter to change the Command Prompt runtime directory to the Windows Defender installation directory.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

After that, type or copy+paste the following command and hit Enter to execute.

MpCmdRun -Scan -ScanType1

That’s it, a quick scan will be initiated on your system.

2. Run a Full Antivirus Scan

A full antivirus scan is the most thorough scan of your computer. It scans system memory, programs loaded at startup, system backup, email databases, hard drives, network drives, and even removable storage media (if connected).

On the Command Prompt tab, type or copy+paste the below-mentioned command and hit Enter to execute.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

Then, type the following command and execute it to initiate the scan on your system.

MpCmdRun -Scan -ScanType 2

Do remember a full scan can take hours to complete if you have a large number of files.

3. Run a Custom Scan

The custom scan option allows you to scan only specific locations on your hard drive. This can come in handy when you do not wish to go through a complete cycle of scans.

On the Command Prompt tab, type or copy+paste the below-mentioned command and hit Enter to execute.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

Afterward, type or copy+paste the following command and execute.

Note: Replace the <directory> placeholder with the actual folder directory in the command below.

MpCmdRun -Scan -ScanType 3 -File <directory>

4. Run a Boot Sector Scan

The boot sector comprises files and instructions for the system startup and is critical for the operating system to function properly. There can be certain malware that targets the boot sector specifically.

From the Terminal window, type or copy+paste the below-mentioned command and hit Enter to execute.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

Then, type or copy+paste the below-mentioned command and execute it to initiate the scan.

MpCmdRun -Scan -ScanType -BootSectorScan

How to Update Windows Defender Using Command Prompt

Keeping the antivirus definition updated is just as important as periodic scans because the scans can only be powerful if they are up to date with information on new viruses and malware. Thankfully, along with scanning, you can also update the definition right from the Command Prompt.

In an elevated Command Prompt window, type or copy+paste the below-mentioned command and hit Enter to execute.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

Then, type or copy+paste the following command and execute it to update the virus definition.

MpCmdRun -SignatureUpdate

How to View or Restore a Quaruntined Item

When a file is identified as malicious by the Microsoft Defender, it quarantines it and typically awaits user intervention on what action should be performed on that file. Using the Command Prompt, you can view all the quarantined items and also restore them if you find a false positive.

First, open an elevated Command Prompt window as shown earlier in the guide, then, type or copy+paste the below-mentioned command and hit Enter to execute.

cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*

Afterward, type or copy+paste the below-mentioned command to view all the quarantined items. 

MpCmdRun -Restore -ListAll

To restore all the quarantined items, type or copy+paste and execute the following command.

MpCmdRun -Restore -All

To restore a specific file, type or copy+paste the following command and execute.

Note: Replace the <filename> placeholder with the actual file name in the command.

MpCmdRun -Restore -Name -<filename.extension>

To restore a specific file to a specific path, type or copy+paste the below-mentioned command and hit Enter to execute.

MpCmdRun -Restore -Name -<filename> -FilePath <file directory>

It is not the end if you are not able to access Microsoft Defender through the GUI route. Using the Command Prompt, you can perform all the necessary functions to safeguard your system against viruses.