How to use Microsoft Defender Antivirus with Command Prompt
on Windows 10
You can use Command Prompt to control various aspects of Microsoft Defender Antivirus, and in this guide, we'll show you how on Windows 10.
On Windows 10, Microsoft Defender Antivirus provides advanced real-time protection to protect your device and files against viruses, ransomware, spyware, rootkits, and other forms of malware, including hackers.
Although you can
easily control the feature using the Windows Security
app, you can also handle various aspects of the antivirus (updates,
scans, and quarantined items) through Command Prompt. Usually, managing the
experience with commands can be useful in many situations. For instance, when
you need to use a script to automate some of the anti-malware tasks. You want
to set a specific schedule to download updates or perform a quick, full, or
custom scan. Or when you need to complete particular tasks on multiple
computers.
In this Windows 10 guide, we will
walk you through the steps to manage Microsoft Defender Antivirus with Command
Prompt.
·
How to check for updates
on Microsoft Defender
·
How to perform quick
virus scan with Microsoft Defender
·
How to perform full virus
scan with Microsoft Defender
·
How to perform custom
virus scan with Microsoft Defender
·
How to perform boot
sector malware scan on Microsoft Defender
·
How to restore
quarantined items on Microsoft Defender
How to check for updates on Microsoft Defender
To check and download updates for Microsoft Defender, use these steps
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to check and update Microsoft Defender Antivirus and press Enter:
MpCmdRun -SignatureUpdate
Once you complete the steps, the tool will check and download any update available for the built-in antivirus.
Uninstall definitions updates
You can also remove previously installed updates with these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to remove the most recent definitions and press Enter:
MpCmdRun -RemoveDefinitions -All
The -All option restores the previous definitions from the backup or original default set of signatures.5. Type the following command to rollback the engine version and press Enter:
MpCmdRun -RemoveDefinitions -Engine
The -Engine option rolls back to the previous version of the antivirus engine.
6. Type the following command to remove dynamic signature updates and press Enter:
MpCmdRun -RemoveDefinitions -DynamicSignatures
The -DynamicSignatures option uninstalls only the dynamic signatures.
After you complete the steps, the definitions will be removed from your computer according to your configuration.
How to perform quick virus scan with Microsoft Defender
To perform a quick Microsoft Defender scan, use these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to perform a quick antivirus scan and press Enter:
MpCmdRun -Scan -ScanType 1
Quick tip: You can also replace 1 with the 0 option in the command to start a default scan according to your configuration.
Once you complete the steps, the scan will begin, but it takes more than one day, the process will stop automatically.
How to perform full virus scan with Microsoft Defender
To perform a full Microsoft Defender scan with Command Prompt, use these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as a 2. dministrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to perform a full antivirus scan and press Enter:
MpCmdRun -Scan -ScanType 2
After you complete the steps, the antivirus will perform a full malware scan on your device. Depending on the amount of data, this process can take a very long time.
How to perform custom virus scan with Microsoft Defender
To customize a malware scan using Command Prompt, use these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to perform a custom antivirus scan and press Enter:
MpCmdRun -Scan -ScanType 3 -File PATH\TO\FOLDER-FILES
In the command, make sure to specify the path to the folder you want to scan.
For example, this command scans the "Downloads" folder:MpCmdRun -Scan -ScanType 3 -File C:\Users\username\Downloads
5. (Optional) Type the following command to perform a custom scan with timeout time and press Enter:
MpCmdRun -Scan -ScanType 3 -File PATH\TO\FOLDER-FILES -Timeout 1
In the command, make sure to specify the path to the folder you want to scan.
For example, this command scans the "Downloads" folder and sets the timeout to one day:MpCmdRun -Scan -ScanType 3 -File C:\Users\username\Downloads -Timeout 1
Quick note: You can always change the number for the timeout option to specify another number of days. The option is also available for quick and full scan commands.
Once you complete the steps, the anti-malware solution will only scan the location you specified. If you are using the "-Timeout" option, then if the scan is taking a long time, it will timeout once the time you specified has been reached.
How to perform boot sector malware scan on Microsoft Defender
On Windows 10, the boot sector is an essential section in the installation drive that stores the instructions on how to start the boot process. Sometimes, viruses can also attack the boot sector causing unwanted behaviors, which can be challenging to troubleshoot and fix. However, Microsoft Defender Antivirus includes an option to check and remove malicious code that may be residing in the boot sector.
To scan the boot sector for malware with Microsoft Defender, use these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to perform a custom antivirus scan and press Enter:
MpCmdRun -Scan -ScanType -BootSectorScan
After you complete the steps, Microsoft Defender Antivirus will scan the boot sector for any malicious code that may be affecting the device.
How to restore quarantined items on Microsoft Defender
The Microsoft Defender Antivirus command-line tool also includes an option to view a list of quarantined items and another option to restore items that might have been detected as malicious when they are not harmful.
To view and restore quarantined items with Command Prompt, use these steps:
- 1. Open Start.
- 2. Search for Command Prompt, right-click the top result, and select the Run as administrator option.
3. Type the following command to open the antivirus tool location and press Enter:
cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
4. Type the following command to view quarantined items and press Enter:
MpCmdRun -Restore -ListAll
5. Type the following command to restore all quarantined item and press Enter:
MpCmdRun -Restore -All
6. Type the following command to restore a specific quarantined item and press Enter:
MpCmdRun -Restore -Name ITEM-NAME
In the command, replace the "ITEM-NAME" for the name of the quarantined item you want to restore.7. Type the following command to restore a specific quarantined item to a specific path and press Enter:
MpCmdRun -Restore -Name ITEM-NAME -FilePath PATH\TO\RESTORED
In the command, make sure to specify the path to restore the item.
For example, this command restores a specific item to the Documents folder:MpCmdRun -Restore -Name app.exe -FilePath C:\Users\username\Downloads
Once you complete the steps, the items will be restored in the original or alternate location, depending on the command.
This guide focuses on the more important commands you can use with Command Prompt, but the tool includes additional options, which you can view running the MpCmdRun
command.
While you can manage a number of functions through Command Prompt, the tool is quite limited. For example, you cannot start an offline scan or change preferences. If you want to manage settings and control virtually every aspect of Microsoft Defender Antivirus with commands, you should be using the PowerShell modules instead.
Thanks for reading ...
Masud Rana
,,
No comments:
Post a Comment