How To Use Windows Defender From The Command Prompt

Windows Defender, now known as Windows Security, is a robust antivirus solution integrated into Windows operating systems, offering real-time protection against various threats. Using Windows Defender from the Command Prompt provides advanced control and automation capabilities, making it particularly useful for scripting and managing multiple systems.

Getting Started with Windows Defender Command Prompt

To use Windows Defender from the Command Prompt, you need to run it with administrative privileges. Here’s how to do it:

Open Command Prompt as Administrator:
- Type cmd in the search box.
- Right-click on Command Prompt and select Run as administrator.
Locate the Windows Defender Folder:
- The utility program MpCmdRun.exe is required to run Windows Defender commands. This file is usually located in the C:\Program Files\Windows Defender folder. Note down this path as it will be necessary for subsequent commands.

Running Windows Defender Scans from Command Prompt

Windows Defender allows you to perform various types of scans using the Command Prompt.

Quick Scan

A quick scan checks common locations for malware and completes in a few minutes.

Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 1
```
This command initiates a quick scan. If you prefer a default scan, you can replace 1 with 0.

Full Scan

A full scan is a comprehensive scan that checks all files and folders on your system, which can take significantly longer.

Command:

"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 2

This command performs a full antivirus scan.

Custom Scan

You can also perform a custom scan to target specific folders or files.

Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 3 -File PATH\TO\FOLDER-FILES
```
Replace PATH\TO\FOLDER-FILES with the actual path of the folder or file you want to scan.

Updating Windows Defender Antivirus Definitions

Keeping your antivirus definitions up to date is crucial for effective protection.

Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate
```
This command updates the antivirus definitions to the latest available.

Listing and Restoring Quarantined Files

If Windows Defender mistakenly quarantines a legitimate file, you can restore it using the Command Prompt.

List Quarantined Files:
- Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Restore -ListAll
```
  This command lists all the files currently in quarantine.
Restore a Quarantined File:
- Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Restore -Name "FileName"
```
  Replace "FileName" with the actual name of the file you want to restore.

Verifying Cloud Connection

To ensure that Windows Defender is connected to the cloud for enhanced protection, you can use the following command.

Command:
```
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -ValidateMapsConnection
```
If the connection is successful, you will see a message indicating that a connection to MAPS (Microsoft Active Protection Service) has been established.

Additional Tips and Applications

Scheduling Tasks: You can use the Task Scheduler to automate Windows Defender tasks. For example, you can schedule regular scans or updates.
Scripting: The Command Prompt commands for Windows Defender are particularly useful when creating scripts to automate antivirus tasks across multiple systems.
Customizing Scans: You can customize scans to include or exclude specific files and folders, and even set a timeout for the scan process.

By leveraging these commands, you can gain greater control over Windows Defender and automate various security tasks efficiently.