Commands for Defender scan using Task Scheduler

[Guest]

I prefer to have all my scheduled system tasks centralised...so I'd like to
schedule a Defender scan using the *Vista's Task Scheduler*, rather than
configuring it with the scan options in Defender itself.

Can anybody tell me the correct command lines and switches to schedule a
*full* system scan which runs after *checking for updates*, and without the
GUI or user input etc? What other options should I set to ensure it runs
unattended in the middle of the night?

thanks

 

[Jon]

I prefer to have all my scheduled system tasks centralised...so I'd like to
schedule a Defender scan using the *Vista's Task Scheduler*, rather than
configuring it with the scan options in Defender itself.

Can anybody tell me the correct command lines and switches to schedule a
*full* system scan which runs after *checking for updates*, and without
the
GUI or user input etc? What other options should I set to ensure it runs
unattended in the middle of the night?

thanks

Something along these lines

c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges

 

[Guest]

Thanks for the reply. I'm doing it like this (a quick scheduled scan which
supposisdly checks for updates):
C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScanType 1
-SignatureUpdate

Does anyone know how get it to do a full scan of just the "C: drive"? The
The trouble is that the long scan takes about 5 hours because it gets trapped
in backup archives on my D: drive.

 

[Jon]

Don't think so. Can't see that option in its documentation.......


Windows Defender Command Line Utility (c) 2006 Microsoft Corporation
Use this tool to automate and troubleshoot Windows Defender

Usage:
mpcmdrun.exe [command] [-options]

Command Description
-? [h] Displays all available options for this
tool
-Scan [-ScanType] Scans for malicious software
-SignatureUpdate Checks for new definition updates
-Trace [-Grouping] [-Level] Starts diagnostic tracing
-GetFiles Collects support information
-RemoveDefinitions [-All] Restores the installed signature
definitions
to a previous backup copy or to the
original
default set of signatures
-GetSWE Exports information about software
installed
on your computer

Additional Information:

Support information will be in the following directory:
C:\ProgramData\Microsoft\Windows Defender\Support

-Scan [-ScanType]
0 Default, according to your configuration
1 Quick scan
2 Full system scan

-Trace [-Grouping] [-Level]
Begins tracing Windows Defender's actions. You can specify
the components for which tracing is enabled and how much information
is recorded for each component. If no level is specified,
the Error, Warning, Informational, and Assert levels will be logged.

[-Grouping]
0x1 Service
0x2 Malware Protection Engine
0x4 User Interface
0x8 Real-Time Protection
0x10 Scheduled actions

[-Level]
0x1 Errors
0x2 Warnings
0x4 Informational messages
0x8 Function calls
0x10 Assertions

-GetFiles
Gathers the following log files and packages them together in a
compressed file in the support directory

- Any trace files from Windows Defender
- The Windows Update history log
- All WinDefend or WinDefendRtp events from the
System and Application event log
- All relevant Windows Defender registry locations
- All software information from Software Explorer

-RemoveDefinitions
Restores the last set of signature definitions

-RemoveDefinitions -All
Rolls the signature definitions back to the default signature set,
version 1.0.0.0, and removes any installed signature and engine
files.
Use this option if you have difficulties trying to update
signatures.

-GetSWE
Exports the contents of Software Explorer into a file named
MPSWE.txt
in the support directory