diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index 5760e380c9..6832c65573 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -21,46 +21,42 @@ manager: dansimp - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can perform various Windows Defender Antivirus functions with the dedicated command-line tool mpcmdrun.exe. +You can perform various Windows Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility can be useful when you want to automate Windows Defender Antivirus use. You can find the utility in _%ProgramFiles%\Windows Defender\MpCmdRun.exe_. You must run it from a command prompt. > [!NOTE] -> You may need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. +> You might need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. The utility has the following commands: ```DOS MpCmdRun.exe [command] [-options] ``` -For example, +Here's an example: ``` MpCmdRun.exe -scan -2 ``` +| Command | Description | +|:----|:----| +| \-? **or** -h | Displays all available options for this tool | +| \-Scan [-ScanType [0\|1\|2\|3]] [-File \ [-DisableRemediation] [-BootSectorScan]] [-Timeout \] [-Cancel] | Scans for malicious software. Values for **ScanType** are: **0** Default, according to your configuration, **-1** Quick scan, **-2** Full scan, **-3** File and directory custom scan. | +| \-Trace [-Grouping #] [-Level #] | Starts diagnostic tracing | +| \-GetFiles | Collects support information | +| \-GetFilesDiagTrack | Same as Getfiles but outputs to temporary DiagTrack folder | +| \-RemoveDefinitions [-All] | Restores the installed Security intelligence to a previous backup copy or to the original default set | +| \-RemoveDefinitions [-DynamicSignatures] | Removes only the dynamically downloaded Security intelligence | +| \-RemoveDefinitions [-Engine] | Restores the previous installed engine | +| \-SignatureUpdate [-UNC \| -MMPC] | Checks for new Security intelligence updates | +| \-Restore [-ListAll \| [[-Name \] [-All] \| [-FilePath \]] [-Path \]] | Restores or lists quarantined item(s) | +| \-AddDynamicSignature [-Path] | Loads dynamic Security intelligence | +| \-ListAllDynamicSignatures | Lists the loaded dynamic Security intelligence | +| \-RemoveDynamicSignature [-SignatureSetID] | Removes dynamic Security intelligence | +| \-CheckExclusion -path \ | Checks whether a path is excluded | -| Command | Description | -|:--------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------| -| \-? **or** -h | Displays all available options for this tool | -| \-Scan [-ScanType [0\|1\|2\|3]] [-File \ [-DisableRemediation] [-BootSectorScan]] [-Timeout \] [-Cancel] | Scans for malicious software. Values for **ScanType** are: **0** Default, according to your configuration, **-1** Quick scan, **-2** Full scan, **-3** File and directory custom scan. | -| \-Trace [-Grouping #] [-Level #] | Starts diagnostic tracing | -| \-GetFiles | Collects support information | -| \-GetFilesDiagTrack | Same as Getfiles but outputs to temporary DiagTrack folder | -| \-RemoveDefinitions [-All] | Restores the installed Security intelligence to a previous backup copy or to the original default set | -| \-RemoveDefinitions [-DynamicSignatures] | Removes only the dynamically downloaded Security intelligence | -| \-RemoveDefinitions [-Engine] | Restores the previous installed engine | -| \-SignatureUpdate [-UNC \| -MMPC] | Checks for new Security intelligence updates | -| \-Restore [-ListAll \| [[-Name \] [-All] \| [-FilePath \]] [-Path \]] | Restores or lists quarantined item(s) | -| \-AddDynamicSignature [-Path] | Loads dynamic Security intelligence | -| \-ListAllDynamicSignatures | Lists the loaded dynamic Security intelligence | -| \-RemoveDynamicSignature [-SignatureSetID] | Removes dynamic Security intelligence | -| \-CheckExclusion -path \ | Checks whether a path is excluded | -For example, -``` -mpcmdrun.exe -scan -2 -``` ## Related topics - [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md)