Scheduling silent hourly Windows Defender definition updates using Task Scheduler on Windows 8

8

3

I want to update Windows Defender's definitions every hour and came up with the idea of using the Task Scheduler to execute the Defender update service with the signature update argument.

~/Windows Defender/MpCmdRun -SignatureUpdate

This works pretty well but opens up a cmd window every hour and I want to run it silently in the background.

I am aware of the registry mod that can be done to increase the update frequency but do not want to do that hack over and over again after critical Defender updates after which the registry goes back to the original settings.

I am not very familiar with cmd arguments. I know that some executables work with the /silent argument for background launching, but it doesn't help. What else can I try or use?

Afzal

Posted 2013-02-03T18:56:38.560

Reputation: 1 225

Answers

6

Use a VBS file instead of a CMD file and schedule it as usual with your Task Scheduler.

VBScript's run method can open other programs in a hidden window via its second argument (, 0). The tricky part was the escaping together with the argument -SignatureUpdate

set objShell = createobject("wscript.shell")  
objShell.Run("""C:\Program Files\Windows Defender\MpCmdRun.exe"" ""-SignatureUpdate""") , 0

Now you won't see any window during Windows Defender update. Only a task manager process is visible:

enter image description here

Other possible settings for intWindowStyle:

0 = Hide the window and activate another window.
1 = Activate and display the window. (restore size and position).
2 = Activate & minimize.
3 = Activate & maximize.
4 = Restore. The active window remains active.
5 = Activate & Restore.
6 = Minimize & activate the next top-level window in the Z order.
7 = Minimize. The active window remains active.
8 = Display the window in its current state. The active window remains active.
9 = Restore & Activate. Specify this flag when restoring a minimized window.
10 = Sets the show-state based on the state of the program that started the application.

nixda

Posted 2013-02-03T18:56:38.560

Reputation: 23 233

Is it possible to use a .lnk file instead of .cmd which would have the argument for updating? I will keep that somewhere like in the Desktop and use attrib +r +h +s, so that it stays hidden. – Afzal – 2013-02-04T15:30:59.803

Or the .cmd points to a .lnk with the argument for updating? – Afzal – 2013-02-04T15:49:59.437

I misinterpreted the 2nd additional point. My bad. What's the , 0 exactly for? – Afzal – 2013-02-04T18:56:26.390

1That's an argument to the VBS run method which defines the Window style of the called programm. In our case a CMD window. This way, the CMD is fired but wont show up in your taskbar. You can only see it in your task manager. – nixda – 2013-02-04T19:03:29.193

Awesome. Once I get Karan's permission to merge the other answer with yours, I will mark this answer as accepted. Thanks a lot! :) – Afzal – 2013-02-04T19:07:37.333

1@sabrefresco I updated my answer with a better solution. Now you don't need a CMD file at all. Just a scheduled task and that VBS file. – nixda – 2013-02-15T02:28:04.783

2

  1. Instead of using %ProgramFiles%\Windows Defender\MpCmdRun.exe -SignatureUpdate, try
    %ProgramFiles%\Windows Defender\MSASCui.exe -Update instead.

  2. If option 1 does not work, you can use Hidden Start to hide the cmd window:

Console applications and batch files are regularly run at Windows startup or in a schedule. The main inconvenience of this is that each application opens a console window that flickers on the screen. Hidden Start (or Hstart) is a lightweight command line utility that allows you to run console applications and batch files without any window in the background, handle UAC privilege elevation under Windows 7 and Vista, start multiple commands in parallel or synchronously, and much more.

1

Karan

Posted 2013-02-03T18:56:38.560

Reputation: 51 857

OK. So option 1 brings up the Defender windows itself. It does update but not silently. Option 2 is good for silent updates, but I don't see anything for the frequency of the updates. I need both silent and hourly definition updates, or atleast increase the frequency of the updates. If you know how to make HStart launch a particular executable every hour or so, please let me know, as I don't see any options of that kind. – Afzal – 2013-02-04T15:45:12.567

No, you'd need to use Task Scheduler as you are already doing, but instead of calling MpCmdRun.exe directly, you'd call hstart.exe instead with /NoConsole and MpCmdRun.exe -SignatureUpdate as the parameters (i.e. htstart.exe /NoConsole ""%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate"). – Karan – 2013-02-04T17:50:49.413

OK, got it. I like both of the answers to this question. Can we perhaps merge your answer with the previous one to have two options to this question, with and without 3rd party apps? – Afzal – 2013-02-04T18:58:57.503

It doesn't work that way IMO. What if someone else comes along in future and posts another great answer? Do we merge that as well? Qs and As here are meant to help future readers too, don't forget. I understand that it may be difficult to decide which answer to accept if you have multiple possible valid ones, but that's up to you. Sometimes people just upvote all and don't accept any specific answer; sometimes they just choose one at random. In any case you have benefited (as hopefully will others) since you got different people weighing in with unique solutions, so don't worry about it. – Karan – 2013-02-04T22:53:47.203

2

This works pretty well but opens up a cmd window every hour and I want to run it silently in the background.

I always use task scheduler on MSE and in W8 on Defender, with the parameters you also state. To prevent the cmd window to open you have to change the user account, on the general tab in the task scheduler, to SYSTEM and check the box high priority.

Now it should work smoothly!

IJpie

Posted 2013-02-03T18:56:38.560

Reputation: 21

0

Here's a free app that will hide the command window:

enter image description here

Schedule it as such:

cmdNoWnd "C:\Program Files\Windows Defender\MpCmdRun.exe" -SignatureUpdate

I set it up to run every hour in Windows Task Scheduler.

c00000fd

Posted 2013-02-03T18:56:38.560

Reputation: 339

0

Hourly scheduled update

schtasks /create /tn "Defender Definition Update" /sc HOURLY /ru SYSTEM /rl HIGHEST /tr "'C:\Program Files\Windows Defender\MpCmdRun.exe' -SignatureUpdate -MMPC"

Remove scheduled task

schtasks /delete /tn "Defender Definition Update"

zamiere

Posted 2013-02-03T18:56:38.560

Reputation: 1

Asked: 2013-02-03T18:56:38.560

Viewed: 7 377 times

Active: 2017-02-07T05:47:13.823