Merge remote-tracking branch 'refs/remotes/origin/defender-cmd' into windef-atp

windows/keep-secure/TOC.md

@@ -428,6 +428,7 @@
 ### [Windows Defender in Windows 10](windows-defender-in-windows-10.md)
 #### [Update and manage Windows Defender in Windows 10](get-started-with-windows-defender-for-windows-10.md)
 #### [Configure Windows Defender in Windows 10](configure-windows-defender-in-windows-10.md)
+#### [Run a Windows Defender scan from the command line] (run-cmd-scan-windows-defender-for-windows-10.md)
 #### [Troubleshoot Windows Defender in Windows 10](troubleshoot-windows-defender-in-windows-10.md)
 ## [Enterprise security guides](windows-10-enterprise-security-guides.md)
 ### [Control the health of Windows 10-based devices](protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md)

windows/keep-secure/run-cmd-scan-windows-defender-for-windows-10.md

@@ -0,0 +1,60 @@
+---
+title: Run a scan from the command line in Windows Defender in Windows 10 (Windows 10)
+description: IT professionals can run a scan using the command line in Windows Defender in Windows 10.
+keywords: scan, command line, mpcmdrun, defender
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: W10
+ms.mktglfcycl: manage
+ms.sitesec: library
+author: mjcaparas
+---
+
+# Run a Windows Defender scan from the command line
+
+**Applies to:**
+
+- Windows 10
+
+IT professionals can use a command-line utility to run a Windows Defender scan. 
+
+The utility is available in _%Program Files%\Windows Defender\MpCmdRun.exe
+
+This utility can be handy when you want to automate the use of Windows Defender. 
+
+## Before you start
+
+To complete the procedures in this scenario:
+- You must have administrator credentials
+[CHECK WITH RAM IS THIS IS ACCURATE]
+
+
+**To run a full system scan from the command line**
+
+1. Click **Start**, type **cmd**, and press **Enter**.
+2. Navigate to _%ProgramFiles%\Windows Defender_ and enter the following command, and press **Enter**:
+
+```
+C:\Program Files\Windows Defender\mpcmdrun.exe -scan -scantype 2
+```
+The full scan start. When the scan completes, you'll see a message indicating that the scan is finished. 
+
+
+The utility also provides other commands that you can run:
+
+```
+MpCmdRun.exe \[command] [-options]
+```
+
+Command | Description 
+:---|:---
+\- ? / -h | Displays all available options for the tool
+\-Scan [-ScanType #] [-File <path> [-DisableRemediation] [-BootSectorScan]][-Timeout <days>] | Scans for malicious softare
+\-Trace  [-Grouping #] [-Level #]| Starts diagnostic tracing
+\-GetFiles | Collects support information
+\-RemoveDefinitions [-All] | Restores the installed signature definitions to a previous backup copy or to the original default set of signatures
+\-AddDynamicSignature [-Path] | Loads a dyanmic signature
+\-ListAllDynamicSignature [-Path] | Lists the loaded dynamic signatures
+\-RemoveDynamicSignature [-SignatureSetID] | Removes a dynamic signature
+\-EnableIntegrityServices | Enables integrity services
+\-SubmitSamples | Submit all sample requests