Windows Defender

Get-MpComputerStatus    #See the status of Defender 
Get-MpPreference        #See current Defender preferences
Add-MpPreference        #Change Defender Settings
Get-MpThreat            #See threat history for computer
Get-MpThreatCatalog     #Show any known threats
Get-MpThreatDetection   #Show all history for any detected threats
Remove-MpThreat         #Remove an active threat
Remove-MpPreference     #Create exclusion and default behavior 
Start-MpScan            #Start Defender Scan
Update-MpSignature      #Signature updates
Set-MpPreference        #Configures scans and updates     

tasklist /v 

MsMpEng.exe
MpCmdRun.exe

dir "C:\ProgramData\Microsoft\Windows Defender\Support\MPLOG-<Datetime>.log"
dir "C:\ProgramData\Microsoft\Windows Defender\Support\MPDetection-<Datetime>.log"

reg query "HKLM\Software\Microsoft\Windows Defender"
reg query "HKLM\Software\Microsoft\Windows Defender\Real-Time Protection"
reg query "HKLM\Software\Microsoft\Windows Defender\Features"
reg query "HKLM\Software\Microsoft\Windows Defender\SpyNet"
reg query "HKLM\Software\Microsoft\Windows Defender\Windows Defender Exploit Guard"
reg query "HKLM\Software\Microsoft\Windows Defender\exclusions\paths"

Set-MpPreference -DisableRealtimeMonitoring 0​​
Set-MpPreference -DisableRealtimeMonitoring $false

Set-MpPreference -DisableRealtimeMonitoring 1
Set-MpPreference -DisableRealtimeMonitoring $true
Set-MpPreference -DisableIntrusionPreventionSystem $true -DisableIOAVProtection $true -DisableRealtimeMonitoring $true -DisableScriptScanning $true -EnableControlledFolderAccess Disabled -EnableNetworkProtection AuditMode -Force -MAPSReporting Disabled -SubmitSamplesConsent NeverSend

Get-MpThreatDetection
Get-MpThreatDetection | sort $_.InitialDecectionTime | select -First 1
Get-MpThreatDetection -ThreatID 2147894794

Get-MpComputerStatus

Get-MpThreat