default settings?

Kyle

Anyone have a neat list of all the default settings for WD 1.1.1600?
Guess they're not entirely necessary, but it'd be nice if WD (like many
other programs) had a "Restore Defaults" button.
 
Dave M

Kyle said:
Anyone have a neat list of all the default settings for WD 1.1.1600?
Guess they're not entirely necessary, but it'd be nice if WD (like
many other programs) had a "Restore Defaults" button.

You should be able to create a batch file to reset WD to defaults by using
the following code:

@echo off
"C:\Program Files\Windows Defender\MpCmdRun.exe" -Restoredefaults

Otherwise just run "MpCmdRun -Restoredefaults" at a command prompt from
within the Windows Defender program folder.
 
Kyle

Dave M said:
You should be able to create a batch file to reset WD to defaults by using
the following code:

@echo off
"C:\Program Files\Windows Defender\MpCmdRun.exe" -Restoredefaults

Otherwise just run "MpCmdRun -Restoredefaults" at a command prompt from
within the Windows Defender program folder.
 
Kyle

I'll try again. Evidently my first reply didn't take.

Thanks for the reply, Dave. I'm really an extreme novice with the command
prompt stuff. I tried it and got a bunch of command options, but the
Restoredefaults didn't seem to have any meaning. I may not have been doing it
correctly.
 
Dave M

Kyle said:
I'll try again. Evidently my first reply didn't take.

Thanks for the reply, Dave. I'm really an extreme novice with the
command prompt stuff. I tried it and got a bunch of command options,
but the Restoredefaults didn't seem to have any meaning. I may not
have been doing it correctly.

I don't want to restore defaults, as I've modified Defender extensively and
I would lose the mods, so I'll gather logs instead using "-GetFiles".

Here's how to navigate to the Windows Defender folder (your location should
be similar).
Then to list the command options available for MpCmdRun.
Then to gather log files with the "-GetFiles" command.
Don't neglect to include the (-) hyphen in front of each command.

Start > Run > type "CMD" without quotes > click OK
****************************************************************************************
C:\Documents and Settings\Dave>CD C:\Program Files\Windows Defender
****************************************************************************************
C:\Program Files\Windows Defender>MpCmdRun -?
Windows Defender Command Line Utility (c) 2006 Microsoft Corporation
Use this tool to automate and troubleshoot Windows Defender

Usage:
mpcmdrun.exe [command] [-options]

Command                        Description
-? / -h                        Displays all available options for this to
-Trace [-Grouping] [-Level]    Starts diagnostic tracing
-RemoveDefinitions [-All]      Restores the installed signature definitio
                               to a previous backup copy or to the origin
                               default set of signatures
-RestoreDefaults               Resets the Windows Defender registry
                               settings to known good defaults
-SignatureUpdate               Checks for new definition updates
-Scan [-ScanType]              Scans for malicious software
-GetSWE                        Exports information about software install
                               on your computer
-GetFiles                      Collects support information

Additional Information:

Support information will be in the following directory:
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defend

-Scan [-ScanType]
0 Default, according to your configuration
1 Quick scan
2 Full system scan

-Trace [-Grouping] [-Level]
Begins tracing Windows Defender's actions. You can specify
the components for which tracing is enabled and how much information
is recorded.
If no component is specified, all the components will be logged.
If no level is specified, the Error, Warning and Informational levels
will be logged.

[-Grouping]
0x1 Service
0x2 Malware Protection Engine
0x4 User Interface
0x8 Real-Time Protection
0x10 Scheduled actions

[-Level]
0x1 Errors
0x2 Warnings
0x4 Informational messages
0x8 Function calls
0x10 Assertions

-GetFiles
Gathers the following log files and packages them together in a
compressed file in the support directory

- Any trace files from Windows Defender
- The Windows Update history log
- All WinDefend or WinDefendRtp events from the
System and Application event log
- All relevant Windows Defender registry locations
- All software information from Software Explorer

-RemoveDefinitions
Restores the last set of signature definitions

-RemoveDefinitions -All
Rolls the signature definitions back to the default signature set
and removes any installed signature and engine files.Use this
option if you have difficulties trying to update signatures.

-RestoreDefaults
Resets all configuration options to their default values; this is the
equivalent of running Windows Defender setup unattended.

-GetSWE
Exports the contents of Software Explorer into a file named MPSWE.txt
in the support directory
****************************************************************************************
C:\Program Files\Windows Defender>MpCmdRun -GetFiles
Collecting events from System Event Log...done!
Collecting events from Application Event Log...done!
Collecting Software Explorer information...done!
Collecting configuration information...done!
Getting Windows Update log...done!
Getting MpCmdRun log...done!
done!
done!
Getting MpSigStub log...done!
Creating CAB file...done!
Files successfully created in C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support
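
An added example, not part of Dave's post: a batch wrapper that runs -RestoreDefaults only when this build's "MpCmdRun -?" output lists the switch, and exports the current settings first so modifications are not lost. The registry key, the backup file name and the exit-code checks are assumptions, not details from the thread.

```batch
@echo off
rem Added example (not from the thread): guard -RestoreDefaults behind a
rem check of the help output and a backup of the current settings.
setlocal

rem Install path as used in the thread; adjust if Defender lives elsewhere.
set "MPCMD=%ProgramFiles%\Windows Defender\MpCmdRun.exe"
rem Assumption: Defender's machine-wide settings live under this key.
set "WDKEY=HKLM\SOFTWARE\Microsoft\Windows Defender"
rem Assumption: backup file name chosen for this example.
set "BACKUP=%TEMP%\wd-settings-before-reset.reg"

if not exist "%MPCMD%" goto :no_tool

rem A build without the switch only prints its usage text again, so look
rem for the switch in the help output before relying on it.
"%MPCMD%" -? | findstr /i /c:"-RestoreDefaults" >nul
if errorlevel 1 goto :no_switch

rem Save the current settings; a reset discards any modifications.
if exist "%BACKUP%" del "%BACKUP%"
reg export "%WDKEY%" "%BACKUP%" >nul
if errorlevel 1 goto :no_backup

"%MPCMD%" -RestoreDefaults
if errorlevel 1 goto :reset_failed
echo Defaults restored. Previous settings saved to "%BACKUP%".
exit /b 0

:no_tool
echo MpCmdRun.exe not found at "%MPCMD%".
exit /b 2

:no_switch
echo This build of MpCmdRun does not list -RestoreDefaults. Nothing changed.
exit /b 1

:no_backup
echo Could not export "%WDKEY%". Nothing changed.
exit /b 3

:reset_failed
echo MpCmdRun -RestoreDefaults returned an error. Backup is at "%BACKUP%".
exit /b 4
```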
 
Kyle

My usage options don't include -RestoreDefaults like yours does. When I try
-RestoreDefaults I just get another list of the usage options. When I try
-GetFiles, I get a message Access is denied. This is probably more trouble
than it's worth. I'm not unhappy with my current settings. Thanks for the
try, Dave. I do enjoy playing with this stuff, but I hate to waste any more
of your time, unless you just want to tackle this for the fun of it.

 
Bill Sanderson

Kyle - I take it you are running Vista?

My version number on Vista agrees with yours.

When I look at Windows Defender's mpcmdrun on Vista, like you, I don't see
a -RestoreDefaults switch.

I've looked through the UI for the program, the help, and the control panel,
and I have to say I don't see a way to reset the choices to defaults.

I think the defaults must be in place in a template which is used when new
user accounts are created, but I haven't spotted where that lives, and
blowing away and re-creating your user profile seems a hard way to
accomplish this goal.

You could create a new user, and log in as that user and look at the
Defender settings and write them down.....

Seems like a good suggestion to the developers--thanks!


 
Kyle

I've been having trouble replying here using the web newsgroup reader.

Yes, Vista. No, the new user thing didn't work, as described here:
http://support.microsoft.com/kb/925548/en-us.

Good thought, though, I thought. Ugh. (Laughing Ghoulishly).

 
Engel

Windows Defender does not store information about settings on a per-user basis
<http://support.microsoft.com/kb/925548/en-us>

APPLIES TO

• Windows Defender, when used with:

Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows Server 2003 R2 Datacenter Edition (32-Bit x86)
Microsoft Windows Server 2003 R2 Enterprise Edition (32-Bit x86)
Microsoft Windows Server 2003 R2 Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
 
Bill Sanderson

Amazing--good KB find.

Well, probably like you I've looked over the other 41 KB articles that the
current KB search engine finds, and I don't see anything addressing the
issue of resetting to defaults in Vista. You can't disable the feature
fully, just tell Windows to stop using it--and as far as I can see when you
start using it again, the settings are just as they were when you stopped.
For example, to respond initially to your message, I had to disable
Forefront Client Security, enable Windows Defender, which came up with
definitions from January--then update the definitions (and engine.)
Settings otherwise seem just as I left it back in January.

We could use a simple KB article stating what the default settings are.
