How to run Windows Defender from the Command Line

Windows Defender, as well as Microsoft Security Essentials, has the ability to scan, update or run other tasks from the command prompt. The application MpCmdRun.exe is situated in the %ProgramFiles%\Windows Defender or %ProgramFiles%\Microsoft Security Essentials folder respectively and is called as the Microsoft Antimalware Service Command Line Utility.

You can use this tool to automate and troubleshoot Microsoft Antimalware Service. Here we will talk about Windows Defender on Windows 10.

Run Windows Defender from Command Line

To do so, open command prompt as an administrator. Type the following to get the entire list of commands:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe"

run Windows Defender from the Command Line
So for instance if you wish to do a quick scan from the command line, you can use -Scan 1 parameter:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 1

To perform a full scan, use:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 2

To update Windows Defender or to create a shortcut to update your Windows Defender  you can use the following command:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe" –signatureupdate

MpCmdRun.exe

MpCmdRun.exe

Here is the entire list which I have copy-pasted from the command prompt results:

Usage: MpCmdRun.exe [command] [-options]

Command Descriptions:

  • -? / -h : Displays all available options for this tool
  • -Trace [-Grouping #] [-Level #] :  Starts diagnostic tracing
  • -RemoveDefinitions [-All] : Restores the installed signature definitions to a previous backup copy or to the original default set of signatures
  • -RestoreDefaults : Resets the registry values for Microsoft Antimalware Service settings to known good defaults
  • -SignatureUpdate [-UNC] : Checks for new definition updates
  • -Scan [-ScanType] : Scans for malicious software
  • -Restore -Name <name> [-All] : Restore the most recently or all quarantined item(s) based on name
  • -GetFiles : Collects support information
  • -Restore : Restore or list quarantined item(s)
  • -AddDynamicSignature : Loads a dynamic signature
  • -ListAllDynamicSignatures : List the loaded dynamic signatures
  • -RemoveDynamicSignature : Removes a dynamic signature.

Hope this helps you get started.

Posted by on , in Category Security with Tags

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.