Windows Defender as scanner
Question asked by echoDreamz - June 7, 2017 at 10:27 AM
Unanswered
Has anyone had the idea of trying to use Windows Defender's command line scanner with SmarterMail? Clam is great, but the detection rate is pretty low even with 3rd party databases. I imagine WD is a little better.

Christopher

3 Replies

Reply to Thread
0
jorge.mx.neto Replied
In this thread (https://portal.smartertools.com/community/a2204/what-is-the-enable-real-time-av.aspx) this topic was approached, but no specific answers how to manage the command line AV.
 
I've made some tests with the MS Windows Defender but no conclusive results, below for reference the syntax I used.
 
C:\Program Files\Microsoft Security Client>MpCmdRun.exe -Scan -ScanType 3 -File %FILEPATH -disableremediation
 
Maybe someone can also chime in more results on this topic.
 
0
echoDreamz Replied
C:\Program Files\Windows Defender\MpCmdRun.exe -scan -scantype 3 -file "%FILEPATH" -disableremediation
Same as your setup here. I see scans are running. Though reports today show 0 viruses caught. Usually we have 800+ (though that is based on the ClamAV scanner).
 
The log located in the Windows temp directory shows tons of scanned messages with no threats, so either it is simply not working or is really not finding any threats.

Christopher

0
echoDreamz Replied
Just an update, after setting up a mail server to send ecar test viruses through easily to our primary server, Windows defender picks them up if I copy to the desktop or manually scan the file, but in an email, it reports no threats. So clearly the scanner is not working properly.

Christopher

Reply to Thread