Scan a network folder in Windows Defender (Windows 8.1) via command line?

4

In Windows 8.1, we can instruct Windows Defender to perform a custom scan, via command line, like this:

MpCmdRun -Scan -ScanType 3 -File "D:\My Personal Docs"

Can the same be done with network locations (UNC paths), like this?

MpCmdRun -Scan -ScanType 3 -File "\\NetworkShare\Shared Office Docs"

I don't have access to a Windows 8.1 machine at the moment which is why I'm asking here. Hopefully someone already knows or can try it.

misha256

Posted 2015-08-17T23:53:50.460

Reputation: 10 292

I just checked it with my network drive--an Ubuntu Server running a Samba share-- and it didn't work: Image 1, Image 2. It failed with error: 0x80508023.

– IfOnlyIHadAGoodUsername – 2015-08-22T06:15:35.170

Answers

1

I have just tested this myself, sadly it didn't work. I guess you've have to assign driver letters to each one or use IP's.

Jay

Posted 2015-08-17T23:53:50.460

Reputation: 660

1

No, this is not possible.

There is a -UNC switch you can pass if you are doing a signature update, but quoting from Technet Forums: "On-demanded scan could only scan file/folder on local disk. So you cannot run custom scan for remote server "

The solution suggested is to use psexec to connect to the system hosting the UNC sharename and performing a MpCmdRun on that machine with a custom scan pointing to the local path via something like: psexec \\NetworkShare -s cmd /c MpCmdRun -Scan -ScanType 3 -File "D:\Shares\Shared Office Docs"

Of course, this requires the remote machine to also have Windows Defender and the PsExec service available.

ssnobody

Posted 2015-08-17T23:53:50.460

Reputation: 2 510

Asked: 2015-08-17T23:53:50.460

Viewed: 693 times

Active: 2015-08-26T22:13:43.887