First Look Windows Server 2016 Antimalware

Windows Server 2016 will be shipped with a preloaded and enabled by default Antiwalware tool that will protect your server from the moment you boot it.

This is a great move by Microsoft as In most servers deployment it takes a few weeks for the engineering team or admin to load a Antimalware software to their server after deployment and in some cases it’s being forgotten.

The new Antimalware tool can be managed from PowerShell and there is no GUI.

To Install the tool In case it was uninstall use the cmdlet below Remember that the tool is Installed by default so there is no need to do it If no one uninstalled In case you run it nothing will happen.

Install-WindowsFeature -Name Windows-Server-Antimalware


To uninstall the tool use the cmdlet below:

Uninstall-WindowsFeature -Name Windows-Server-Antimalware


To check If the tool is running run the cmd below from the cmd tool (not PowerShell)

sc query Windefend


To view all the available cmdlet run:

Get-Command –Module Defender


The cmdlets are:

Add-MpPreference

Get-MpComputerStatus

Get-MpPreference

Get-MpThreat

Get-MpThreatCatalog

Get-MpThreatDetection

Remove-MpPreference

Remove-MpThreat

Set-MpPreference

Start-MpScan

Update-MpSignature

For example to run a manual scan use: Start-MpScan


To change one of the setting use the example below.

Set-MpPreference -DisableArchiveScanning $true


How To Add File Type Exclusion Windows Server 2016 Antimalware

If you need to add file type Exclusion to Windows Server 2016 Antiwalware you will need to use PowerShell as there is no GUI Interface at this stage.

To add exclusion open PowerShell and type:

add-MpPreference -ExclusionExtension *.pst


To view all exclusions type Get-MpPreference | select exclusionextension


To Exclude a path use:

Add-MpPreference -ExclusionPath “c:\install”

How To Updates the antimalware definitions

To update the antimalware definitions use update-mpsignature


How To Manually start a scan

To start a manual scan type start-mpscan


Leave a Reply