Two years ago I showed you how to add on-demand scans to the context menu for Windows Defender; however, this trick was endemic to folders not files. Today, I want to show you a quick command line trick that will let you scan any file you want.
Scanning for bugs and bad software can be a pain with Windows Defender.
The problem is that Windows Defender does too much. I know that’s an oblique compliment but it’s true. Since real-time protection is enabled by default, Microsoft didn’t think it was necessary to include a “Scan on Demand” button.
That’s because real-time protection automatically watches for downloaded files, attachments and programs that run on your computer. That’s cool but what can you do when you want to scan a specific file?
You yell “Vonnie, help!” and watch – I’ve got your back.
Follow me my friend – I’m about to make your Windows Defender dreams come true hahaa.
Scanning a specific file from the command line
To start, open an elevated command prompt.
We’re going to the Windows Defender directory and will run MpCmdRun.exe with a few clever parameters. This lissome tool is your key to scanning specific files.
cd C:\Program Files\Windows Defender
To scan a specific file type this:
MpCmdRun -Scan -ScanType 3 -File "C:\Users\vhudson\Downloads\Get-ProductKey.ps1"
Just supplant the path in quotes with the path to the desired file to scan.
You can also right click the file in File Explorer and hold down the Shift key to click Copy as Path from the context menu.
Then just right click the command prompt after the -File parameter and paste in the path.
You can use this for any file.
But let’s say the command prompt is a little too geeky for you. Don’t worry I’ve got you covered. Let me show you how to add a slick shortcut to the context menu so you can scan files by right-clicking them.
Scanning a specific file by right-clicking it
Bust open Notepad (Windows Key + q) and type “notepad”
Now let’s create a little batch script:
Creating the script
@ECHO OFF "C:\Program Files\Windows Defender\MpCmdRun.exe" -Scan -ScanType 3 -File %1 PAUSE
The first line says, “Hey, don’t display, echo, the command to the screen. We don’t care about seeing that”
The second line is the path to the Microsoft Antimalware Service Command Line Utility.
-ScanType 3 indicates you want to do a custom scan on a file and the
%1 thing means to scan the first file name we give it. (in our case, the file we right-click)
The last line, PAUSE, means “Don’t close the command line window until the user presses Enter. We need to give her time to see the results! Duh!”
Now press Alt + fa in Notepad to open the Save As window.
It’s super important that we change the default Save as type from Text Documents (*.txt) to All Files (*.*).
Change the filename to “Scan_with_Windows_Defender.cmd” and hit Save.
Now any file you drag and drop on top of your newly created batch script will automatically get scanned by Windows Defender.
Adding it to the context menu
To add the batch script to your right-click menu, press Windows Key + r and type:
You’ll notice your existing right-click items are happily hanging out in here.
Drag and drop the “Scan_with_Windows_Defender.cmd” file into the SendTo folder.
Now you should instantly see the fruit of your labor. No reboots required. Just right click any file, mouse down to the SendTo option and find your new shortcut.
Making it look sexy
If you hate the way the icon looks (I do) go to http://www.iconarchive.com and find one that looks really cool.
Download the ICO and get ready for beauty. I like the one called Earth-Scan-icon (although it doesn’t look as cool as the 128×128 pixel preview because shortcut icons are tiny 16 pixel squares – but oh well – it’s still worth it.
Right click the Scan_with_Windows_Defender.cmd file in your SendTo folder and choose Create Shortcut. Now move that .cmd file to a different location like My Documents or something. We just want the shortcut in the SendTo folder, not the cmd, because Windows let’s us change shortcut icons not cmd icons.
Incidentally, there’s a good reason Microsoft forbids .bat and .cmd icon manipulations. It would make it easier for hackers to trick people into running malicious files! Yeah, you see that thing that looks like Google Chrome? Click that and you’ll fry your computer.
Right click the shortcut, visit Properties and click Change Icon…
Browse to your icon and click OK through all the windows and you’re golden.
And like Montell Jordan would say…
“This is how we do it!”
Now you can scan specific files for viruses.