Sunday, November 27, 2016

How to get more from Windows Defender by using its command-line tool


In the article Windows Defender: Past, present, and future, I told you that Windows Defender appears to be slated for a transition into a modern Windows app after years with a similar user interface. I also ran through some of the features in the most current version of Windows Defender.
After that article was published, I received a question from a reader who asked if I knew whether Windows Defender will still have a command-line version after it is converted into a Windows app. I checked with a couple of my sources and received three answers: Yes, No, and Maybe. The Yes and Maybe answers were based on the fact that there are some advanced operations you can only perform from the command line. Since it's really too early to speculate further, I'll just leave it at that for now. However, while I was running my informal survey, I discovered that a couple of my contacts were unaware that there was a command-line version of Windows Defender.
As such, I thought I would write an article covering how and why to run Windows Defender from the command line. Let's take a look.
Accessing the command-line version
Since Windows Defender has a Windows UI and performs most of its operations in the background, you may be wondering why anyone would want to use it from the command line. The truth is that the command-line version is useful in situations where you want to automate and customize Windows Defender's standard operations, for example from a script or a scheduled task. Furthermore, as I mentioned, there are some advanced operations you can only perform from the command-line version. You may not use some of those operations often, but it's nice to know that they are available.
To find the command-line version of Windows Defender, just open File Explorer and navigate to C:\Program Files\Windows Defender. When you get there, look for a file by the name of
MpCmdRun.exe
If you right-click on the file and access its properties, you'll see that the actual name of the tool is Microsoft Malware Protection Command Line Utility (Figure A). Thus, the strange filename.

Figure A
You can find the actual name of the tool by accessing the file's properties.

Performing standard operations

To use the command-line version of Windows Defender, you need to be in an Administrator Command Prompt. If you have been following along and have File Explorer open to the C:\Program Files\Windows Defender folder, all you have to do is pull down the File menu and select the Open Command Prompt As Administrator command, as shown in Figure B.

Figure B
You can open an Administrator Command Prompt from within File Explorer.
The command-line version is useful in situations where you want to automate and customize how and when Windows Defender is run. The -scan switch takes a -scantype number that selects the kind of scan. For example, if you want to run a quick scan (scan type 1), you'll use the command:
mpcmdrun -scan -scantype 1
If you want to run a full scan (scan type 2), you'll use the command:
mpcmdrun -scan -scantype 2
If you want to check for new virus signature definition updates, you'll use the command:
mpcmdrun -signatureupdate

Performing advanced operations

In addition to the standard types of operations, there are several other advanced operations you can only perform with the command-line version of Windows Defender. For instance, you can enable diagnostic tracing, remove certain signature definitions, scan specific folders, and just run a scan on the boot sector of your hard disk. Here are a few examples.
If you want to scan a specific file or folder, you use scan type 3 together with the -File switch. For example, to scan the Downloads folder, you'll use the command (substitute your own user name, and enclose the path in quotation marks if it contains spaces):
mpcmdrun -scan -scantype 3 -File C:\Users\{yourname}\Downloads
If you want to perform a boot sector scan, you'll use the command:
mpcmdrun -scan -bootsectorscan
If Windows Defender gets fouled up during a signature definition update, you can reset signature definitions using the command:
mpcmdrun -removedefinitions
You can then try the update again.
If Windows Defender isn't performing up to par, you can reset the settings using the command:
mpcmdrun -restoredefaults
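Because the real value of MpCmdRun.exe is in scripting it, here is an added example (my own, not code from the article or from Microsoft) that wraps the standard scans from the previous section and the custom folder scan from this one into a single script you can run from Task Scheduler. It assumes the default install path given earlier and the exit-code convention I rely on in practice: 0 means the scan completed with nothing found, 2 means threats were found, and anything else is an error. Treat those exit-code meanings as an assumption to verify against mpcmdrun -? on your own build. Run it from an elevated PowerShell session.

```powershell
# Added example (not from the original article): scripted wrapper around MpCmdRun.exe.
# Assumptions: default install path below; exit code 0 = clean, 2 = threats found,
# anything else = error. Verify against "mpcmdrun -?" on your build.
[CmdletBinding()]
param(
    [ValidateSet('Quick', 'Full', 'Custom')]
    [string]$Mode = 'Quick',
    [string]$Path,          # required when -Mode Custom (e.g. a Downloads folder)
    [switch]$UpdateFirst    # pull new signatures before scanning
)

# Always call the tool by full path; a scheduled task should never depend on the search PATH.
$MpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
if (-not (Test-Path $MpCmdRun)) { throw "MpCmdRun.exe not found at $MpCmdRun" }

function Invoke-MpCmdRun {
    param([string[]]$Arguments)
    # Capture the tool's console output and its process exit code. MpCmdRun also keeps
    # its own detailed log at %ProgramData%\Microsoft\Windows Defender\Support\MpCmdRun.log.
    $output = & $MpCmdRun @Arguments 2>&1
    [pscustomobject]@{ ExitCode = $LASTEXITCODE; Output = ($output -join "`n") }
}

if ($UpdateFirst) {
    $upd = Invoke-MpCmdRun -Arguments @('-SignatureUpdate')
    if ($upd.ExitCode -ne 0) {
        Write-Warning "Signature update failed (exit $($upd.ExitCode)); scanning with current definitions."
    }
}

# Build the argument list for the requested scan type (1 = quick, 2 = full, 3 = custom path).
switch ($Mode) {
    'Quick'  { $scanArgs = @('-Scan', '-ScanType', '1') }
    'Full'   { $scanArgs = @('-Scan', '-ScanType', '2') }
    'Custom' {
        if (-not $Path -or -not (Test-Path $Path)) {
            throw '-Path must point to an existing file or folder for a custom scan'
        }
        # Passing the path as its own array element preserves spaces without manual quoting.
        $scanArgs = @('-Scan', '-ScanType', '3', '-File', $Path)
    }
}

$result = Invoke-MpCmdRun -Arguments $scanArgs

# Map the exit code to a status a scheduler or monitoring system can act on (assumed convention).
$status = switch ($result.ExitCode) {
    0       { 'Clean' }
    2       { 'ThreatsFound' }
    default { 'Error' }
}
$target = if ($Mode -eq 'Custom') { $Path } else { 'n/a' }

[pscustomobject]@{
    Mode     = $Mode
    Target   = $target
    Status   = $status
    ExitCode = $result.ExitCode
    When     = Get-Date
} | Format-List

# Propagate the exit code so Task Scheduler or a wrapper sees detections and failures.
exit $result.ExitCode
```

Save it as, say, Invoke-DefenderScan.ps1 and run `.\Invoke-DefenderScan.ps1 -Mode Custom -Path "$env:USERPROFILE\Downloads" -UpdateFirst` to update signatures and scan your Downloads folder; `-Mode Quick` or `-Mode Full` maps to scan types 1 and 2 from the previous section. When the status comes back as ThreatsFound or Error, the MpCmdRun.log file in the Support folder is the place to look for the detail, since the console output is terse.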

Detailed help

You can get detailed information about these commands and other advanced Windows Defender command-line operations with the command:

mpcmdrun -?

1 comment:

  1. I've used AVG anti-virus for a couple of years now, and I'd recommend this product to everybody.

