瞬快と組み合わせているから苦労しているだけなんです。分かっています。

• http://d.hatena.ne.jp/kenmituo/20101004
• http://d.hatena.ne.jp/kenmituo/20101104

瞬快の保護対象から外して、コマンドで定義ファイルを引っ張るところまでは完璧！だと思う。
　
分からないのがForefrontの更新のタイミングで「OSの起動時に更新する」というのは分かった。手動で定義ファイルを引っ張ってきたときのコマンドでの更新はあるのか？

c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware>MpCmdRun
.exe
Microsoft Forefront Client Security Command Line Utility (c)2006 Microsoft Corp Use this tool to automate and troubleshoot Microsoft Forefront Client Security

Usage:
mpcmdrun.exe [command] [-options]

Command Description
-? / -h Displays all available options for this tool
-Trace [-Grouping] [-Level] Starts diagnostic tracing
-RemoveDefinitions [-All] Restores the installed signature definitions
to a previous backup copy or to the original
default set of signatures
-RestoreDefaults Resets the registry values for
Microsoft Forefront Client Security
settings to known good defaults
-SignatureUpdate Checks for new definition updates
-Scan [-ScanType] Scans for malicious software
-GetSWE Exports information about software installed
on your computer
-GetFiles Collects support information

Additional Information:

Support information will be in the following directory:
C:\ProgramData\Microsoft\Microsoft Forefront\Client Security\Client\Antimalware\ Support

-Scan [-ScanType]
0 Default, according to your configuration
1 Quick scan
2 Full system scan

-Trace [-Grouping] [-Level]
Begins tracing Microsoft Forefront Client Security's actions.
You can specify the components for which tracing is enabled and
how much information is recorded.
If no component is specified, all the components will be logged.
If no level is specified, the Error, Warning and Informational levels
will be logged. The data will be stored in the support directory
as a file having the current timestamp in its name and bearing
the extension BIN.

[-Grouping]
0x1 Service
0x2 Malware Protection Engine
0x4 User Interface
0x8 Real-Time Protection
0x10 Scheduled actions

[-Level]
0x1 Errors
0x2 Warnings
0x4 Informational messages
0x8 Function calls
0x10 Assertions

-GetFiles
Gathers the following log files and packages them together in a
compressed file in the support directory

- Any trace files from Microsoft Forefront Client Security
- The Windows Update history log
- All FCSAM or FCSAMRtp events from the
System and Application event log
- All relevant Microsoft Forefront Client Security registry locations
- All software information from Software Explorer

-RemoveDefinitions
Restores the last set of signature definitions

-RemoveDefinitions -All
Rolls the signature definitions back to the default signature set
and removes any installed signature and engine files.Use this
option if you have difficulties trying to update signatures.

-RestoreDefaults
Resets all configuration options to their default values; this is the
equivalent of running Microsoft Forefront Client Security setup
unattended.

-GetSWE
Exports the contents of Software Explorer into a file named MPSWE.txt
in the support directory

c:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware>

ただのコピペ、いまいち。MpCmdRun.exeのオプション（セカンドノート）を参照した方が良さゲ。

　
アップデートを行いたいのやってみた。

MpCmdRun.exe -SignatureUpdate
Signature Update started...
Signature Update finished.

しまった、定義ファイルのバージョンとか未確認で実行してしまったので出来ているかどうか分からん。