Silently scan a machine remotely with Microsoft Security Essentials (Windows Defender)

Kaseya offers (depending on which package you have with us) not one, but two powerful anti-virus modules (Kaspersky or AVG). There is also the anti-malware module (Malwarebytes). But sometimes, for whatever reason, you may decide not to use the built-in AV modules. Perhaps you didn’t build it into your budget, or perhaps you’re looking for a lighter solution. Microsoft Security Essentials (now known as Windows Defender in Windows 8) is a pretty nice option as far as anti-virus goes if you need a simple solution.

Security Essentials is included in Windows 8 by default as a module in Windows Defender, but in Vista and 7 it is super easy to deploy via a script we have written. We have several Security Essentials scripts available here.

Now, once installed, let’s say your user calls you up and says that their machine is not running well. Running a quick scan is super easy! You can run MSE from the command line. This means that you can actually run an AV scan on the machine without bothering the user at all.

The secret lies in Live Connect. Using Live Connect you can bring up a connection to the machine that you want to operate (simply click on the icon next to the machine which needs a scan).

Once you’ve pulled up Live Connect, you can navigate to the command line option and then enter one of the two following commands:

For Windows Vista / 7:

"C:\Program Files\Microsoft Security Client\Antimalware\mpcmdrun.exe" -Scan -ScanType 1

For Windows 8:

"C:\Program Files\Windows Defender\MpCmdRun.exe" -Scan -ScanType 1

This prompts a “quick scan” of the machine. To do a full scan, simply change the scan type from “1” to “2”. This increases the time it takes to run the scan, but also how deep it scans (obviously).

Of course you can easily turn this into a script, and I’m sure we’ll have a script up eventually which runs this scan and can differentiate between machines. If we do write it, I’ll try to update this entry to link to the script as well.
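
As an added example (not the script mentioned above, and not Kaseya's own code), here is one way such a script could pick the right MpCmdRun.exe on each machine and report the result. It assumes PowerShell is available on the endpoint; the `$ScanType` parameter, the messages and the exit value 3 are choices made for this sketch.

```powershell
# Added example: locate MpCmdRun.exe for MSE (Vista / 7) or Windows Defender
# (Windows 8) and run a quick (1) or full (2) scan without user interaction.
param(
    [ValidateSet(1, 2)]
    [int]$ScanType = 1   # 1 = quick scan, 2 = full scan
)

# A 32-bit shell on 64-bit Windows sees "Program Files (x86)" in
# $env:ProgramFiles, so try ProgramW6432 (the native folder) first.
$roots = @($env:ProgramW6432, $env:ProgramFiles) |
    Where-Object { $_ } | Select-Object -Unique

# Relative locations taken from the two commands in the post. The MSE path is
# checked first because Vista and 7 also have a "Windows Defender" folder
# (the older anti-spyware tool), which is not the engine MSE uses.
$relativePaths = @(
    'Microsoft Security Client\Antimalware\MpCmdRun.exe',  # Vista / 7 with MSE
    'Windows Defender\MpCmdRun.exe'                        # Windows 8
)

$exe = $null
foreach ($rel in $relativePaths) {
    foreach ($root in $roots) {
        $candidate = Join-Path $root $rel
        if (-not $exe -and (Test-Path -LiteralPath $candidate)) {
            $exe = $candidate
        }
    }
}

if (-not $exe) {
    Write-Output 'MpCmdRun.exe not found: MSE / Windows Defender is not installed.'
    exit 3   # value chosen for this sketch, not an MpCmdRun code
}

Write-Output "Running ScanType $ScanType with $exe"
& $exe -Scan -ScanType $ScanType
$code = $LASTEXITCODE

# Per MpCmdRun's built-in help: 0 = nothing found or fully remediated,
# 2 = malware not remediated, user action needed, or a scan error.
switch ($code) {
    0       { Write-Output 'Scan finished: clean or remediated.' }
    2       { Write-Output 'Scan finished: follow-up needed on this machine.' }
    default { Write-Output "Scan ended with unexpected exit code $code." }
}
exit $code
```

Passing the exit code through lets an agent procedure or ticketing step flag only the machines that returned something other than 0.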