MpCmdRun.exeOn Forefront Client Security this is found in;
C:\Program Files\Microsoft Forefront\Client Security\Client\AntimalwareIf you go to a command prompt and run this command with a -? you will get a bunch of debugging commands, there are among others restore commands that will reset the configuration of the client etc etc.. One likely useful command to debug performance issues is;
MpCmdRun.exe -traceHowever I have been unable to determine how to decode the .bin file created!? So if you have any suggestions please let me know!? However if you look in the .log file in the same directory you will get some historic information which may prove useful. Also, there is still the good old utils from Sysinternals (eg filemon) to assist you. All very useful.. Here are the switches for Forefront Client Security;
-Scan [-ScanType]
0 Default, according to your configuration 1 Quick scan 2 Full system scan
-Trace [-Grouping] [-Level]
Begins tracing Microsoft Forefront Client Security's actions. You can specify the components for which tracing is enabled and
how much information is recorded. If no component is specified, all the components will be logged. If no level is specified, the Error, Warning and Informational levels will be logged. The data will be stored in the support directory as a file having the current timestamp in its name and bearing the extension BIN.
[-Grouping] 0x1 Service 0x2 Malware Protection Engine 0x4 User Interface 0x8 Real-Time Protection 0x10 Scheduled actions
[-Level] 0x1 Errors 0x2 Warnings 0x4 Informational messages 0x8 Function calls 0x10 Assertions
-GetFiles Gathers the following log files and packages them together in a compressed file in the support directory - Any trace files from Microsoft Forefront Client Security - The Windows Update history log - All FCSAM or FCSAMRtp events from the System and Application event log - All relevant Microsoft Forefront Client Security registry locations - All software information from Software Explorer
-RemoveDefinitions Restores the last set of signature definitions
-RemoveDefinitions -All Rolls the signature definitions back to the default signature set and removes any installed signature and engine files.Use this option if you have difficulties trying to update signatures.
-RestoreDefaults Resets all configuration options to their default values; this is the equivalent of running Microsoft Forefront Client Security setup unattended.
-GetSWE Exports the contents of Software Explorer into a file named MPSWE.txt in the support directory
It would appear that I am not the only person capable of misplacing things, NASA apparently ‘misplaced’ the original recordings of the lunar landing for 40 years, and just recently rediscovered them.
It would appear that what we have been watching these past 39 years was nothing more than a video camera re-recording of the original footage. But now NASA plan on restoring the the tapes and releasing them. Nice..
http://www.express.co.uk/posts/view/110442/WORLD-EXCLUSIVE-NASA-finds-missing-moon-landing-tapes
Every once in a while you tend to come across something really cool, today was such a day..
A while back I added a “Commercials no thank you!” on my mailbox (in Denmark most companies respect these), and what a relief 🙂 earlier I would carry 1-2 plastic bags down to the recycling bin every week filled with commercials, and I actually only read a fraction of these. On the down side, now the few commercials I actually DID read I have no access to any more 🙁 so it was a bitter sweet victory.
Along with a random browsing for whatever came http://minreklame.dk/ and THIS is smart, someone has actually taken the time to gather electronic versions of the printed commercials and put them on a central site, and furthermore made them search-able. Clever clever stuff.