Microsoft Malware Protection
As you have probably noticed, Microsoft offers several anti-malware product lines:
- Forefront Endpoint Protection 2010 (FEP 2010): enterprise line
- Windows Intune Malware Protection: for very small businesses and SMBs
- Microsoft Security Essentials (MSE 2.0): free, for very small businesses and individuals
Technically, however, these three products share the same anti-malware engine, “Microsoft Malware Protection”.
It is therefore worth knowing that the “Microsoft Malware Protection” engine can be administered from the command line using “MpCmdRun.exe”.
    Usage:
    MpCmdRun.exe [command] [-options]

    -RemoveDefinitions [-All] : Restores the installed signature definitions to a previous backup copy or to the original default set of signatures.
    -RestoreDefaults : Resets the registry values for Microsoft Antimalware Service settings to known good defaults
    -SignatureUpdate [-UNC] : Checks for new definition updates
    -Scan [-ScanType] : Scans for malicious software
        0 Default, according to your configuration
        1 Quick scan
        2 Full system scan
    -Restore -Name <name> [-All] : Restore the most recently or all quarantined item(s) based on name
    -GetFiles : Collects support information and gathers log files and packages them together in a compressed file in the support directory
    -RemoveDefinitions [-All] : Restores the last set of signature definitions or removes any installed signature and engine files
    -SignatureUpdate [-UNC] : Check for signatures update
    -Restore -Name <name> : Restores the most recently quarantined item based on name or Restores all the quarantined items
    -AddDynamicSignature -Path <path> : Adds a Dynamic Signature specified by <path>
    -RemoveDynamicSignature -SignatureSetID <SignatureSetID> : Removes a Dynamic Signature
    -ListAllDynamicSignatures : Lists SignatureSet ID's of all Dynamic Signatures added to the client via SpyNet and MPCMDRUN -AddDynamicSignature
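An added example, not part of the original post: a PowerShell wrapper that chains the -SignatureUpdate, -Scan -ScanType 1 and -GetFiles commands from the usage text above and keeps the exit code of each step. The recursive search for MpCmdRun.exe under Program Files, the exit code 3 and the reading of a non-zero exit code as "needs attention" are assumptions; check them against your product version.

```powershell
# Added example: update definitions, run a quick scan, collect logs on failure.
# Uses only MpCmdRun.exe switches shown in the usage text above.
param(
    # Assumption: pass the full path if the search below does not find the tool.
    [string]$MpCmdRun
)

if (-not $MpCmdRun) {
    # Assumption: the engine is installed somewhere under Program Files.
    $MpCmdRun = Get-ChildItem -Path $env:ProgramFiles -Filter 'MpCmdRun.exe' `
                    -Recurse -ErrorAction SilentlyContinue |
                Select-Object -First 1 -ExpandProperty FullName
}
if (-not $MpCmdRun -or -not (Test-Path -LiteralPath $MpCmdRun)) {
    Write-Error 'MpCmdRun.exe not found; pass -MpCmdRun <path>.'
    exit 3   # arbitrary code chosen for this example
}

function Invoke-MpCmdRun {
    # Runs one MpCmdRun.exe command and returns its output and exit code.
    param([string[]]$Arguments)
    $output = & $MpCmdRun @Arguments 2>&1
    [pscustomobject]@{
        Command  = $Arguments -join ' '
        ExitCode = $LASTEXITCODE
        Output   = ($output | Out-String).Trim()
    }
}

# 1. Refresh definitions so the scan does not run on stale signatures.
$update = Invoke-MpCmdRun -Arguments '-SignatureUpdate'
if ($update.ExitCode -ne 0) {
    Write-Warning "Signature update failed (exit $($update.ExitCode)); scanning with current definitions."
}

# 2. Quick scan (ScanType 1 in the usage text).
$scan = Invoke-MpCmdRun -Arguments '-Scan', '-ScanType', '1'
$scan.Output

# 3. Assumption: a non-zero exit code means the scan did not finish cleanly
#    (error, or detections that still need action), so gather support logs.
if ($scan.ExitCode -ne 0) {
    Write-Warning "Scan returned exit code $($scan.ExitCode); collecting support files."
    (Invoke-MpCmdRun -Arguments '-GetFiles').Output
}

exit $scan.ExitCode
```

Run it from an elevated prompt; the final exit code is the scan's own, so a scheduled task or management agent can alert on it.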