Windows Server Core Commands

Perform Security Agent tasks by issuing commands from the command line interface.

To run the commands, go to the location of PccNTMon.exe. This process is responsible for starting the Security Agent console. This process is found under the <Agent installation folder>.

The following table lists the available commands.

Table 1. Windows Server Core Commands



pccnt <drive or folder path>

Scans the specified drive or folder for security risks


  • If the folder path contains a space, enclose the entire path in quotes.

  • Scanning of individual files is not supported.

Correct commands:

  • pccnt C:\

  • pccnt D:\Files

  • pccnt "C:\Documents and Settings"

Incorrect commands:

  • pccnt C:\Documents and Settings

  • pccnt D:\Files\example.doc

pccntmon -r

Opens Real-time Monitor

pccntmon -v

Lists the agent components and their versions

pccntmon -u

Updates the Security Agent components

pccntmon -n <unload_password>

Unloads the Security Agent

To reload the Security Agent, type the following command:


pccntmon -m <uninstall_password>

Uninstalls the Security Agent

pccntmon -c

Shows the following information in the command line:

  • Scan method

    • Smart scan

    • Conventional scan

  • Pattern status

    • Updated

    • Outdated

  • Real-time scan service

    • Functional

    • Disabled or Not Functional

  • Agent connection status

    • Online

    • Independent

    • Offline

  • Web Reputation Services

    • Available

    • Reconnecting

  • File Reputation Services

    • Available

    • Reconnecting

pccntmon -h

Shows all the available commands