Home
»
Discussion Forums
»
Scripts & Agent Procedures
»
Windows Dender - Install/Un-install, Update Defs, Scan
Subscribe via RSS
Share this
Similar Posts
Can we update the defs on kserver for installs?
by
Ken Curtis
on
May 5, 2011
Not Answered
Script to force KES to Update Def.
by
LegacyPoster
on
Feb 25, 2009
Script for Windows Xp Update scan
by
LegacyPoster
on
Feb 27, 2008
Installing Select Windows Updates
by
Christopher
on
Jun 23, 2016
Check if Windows Update Installed
by
eperson
on
Jun 13, 2013
Suggested Answer
View More
Details
7
Replies
0
Subscribers
Posted
over 14 years ago
Scripts & Agent Procedures
Windows Dender - Install/Un-install, Update Defs, Scan
Posted by
LegacyPoster
on
May 26, 2006 2:17 AM
InstallDefender.txt
Hello!
I have been putting together a bunch of Windows Defender Scripts. Help me improve these! This is my first try at trying to get some mana.
Be easy on me, I have only been using Kaseya for a week!
InstallDefender.txt
- Installs Defender
Script Name: Windows Defender Install
Script Description: This will install windows defender beta 2.
IF True
THEN
Write Script Log Entry
Parameter 1 : Starting Script, Downloading File
OS Type : 0
Write File
Parameter 1 : %systemdrive%tempWindowsDefB2.msi
Parameter 2 : VSASharedFiles.WindowsDefB2.msi
OS Type : 0
Write Script Log Entry
Parameter 1 : File Downloaded, Now Install
OS Type : 0
Execute File
Parameter 1 : %systemroot%system32msiexec.exe
Parameter 2 : /i %systemdrive%tempWindowsDefB2.msi /qn
Parameter 3 : 3
OS Type : 0
Write Script Log Entry
Parameter 1 : Win Defender Installed
OS Type : 0
ELSE
Un-InstallDefender.txt
- Un-installs Defender
Script Name: Windows Defender Uninstall
Script Description: Un-install windows defender.
IF True
THEN
Write Script Log Entry
Parameter 1 : Starting the removal of Windows Defender
OS Type : 0
Execute Shell Command
Parameter 1 : MsiExec.exe /X {CAB99E06-B92F-4AE0-89AD-D9AC5991046F} /L *vx /Log c:wdf.log /quiet
Parameter 2 : 0
OS Type : 0
Write Script Log Entry
Parameter 1 : Removed Windows Defender
OS Type : 0
ELSE
WD-UpdateDefs.txt
- Updates the definitions of defender from the internet
Script Name: Windows Defender Update Defs
Script Description:
IF Test File
Parameter 1 : C
rogram FilesWindows DefenderMpCmdRun.exe
Exists :
THEN
Write Script Log Entry
Parameter 1 : Windows Defender Found. Updating Definitions
OS Type : 0
Execute File
Parameter 1 : C
rogram FilesWindows DefenderMpCmdRun.exe
Parameter 2 : signatureupdate
Parameter 3 : 1
OS Type : 0
Write Script Log Entry
Parameter 1 : Windows Defender Updated
OS Type : 0
ELSE
Write Script Log Entry
Parameter 1 : Windows Defender not installed. Please install before updating.
OS Type : 0
Windows Defender Full Scan.txt
- This will do a full system scan.
Script Name: Windows Defender Full Scan
Script Description:
IF Test File
Parameter 1 : C
rogram FilesWindows DefenderMpCmdRun.exe
Exists :
THEN
Write Script Log Entry
Parameter 1 : Windows Defender Installed. Scanning Computer.
OS Type : 0
Execute File
Parameter 1 : C
rogram FilesWindows DefenderMpCmdRun.exe
Parameter 2 : scan
Parameter 3 : 0
OS Type : 0
ELSE
Write Script Log Entry
Parameter 1 : Windows Defender is not installed.
OS Type : 0
Windows Defender - Install, Update, Scan.txt
- Installs defender if missing, updates the defs, and then scans the computer. If defender is already installed it updates the defs and then scans.
Script Name: Windows Defender - Install, Update, Scan
Script Description:
IF Test File
Parameter 1 : C
rogram FilesWindows DefenderMpCmdRun.exe
Absent :
THEN
Execute Script
Parameter 1 : Windows Defender Install (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 0
Execute Script
Parameter 1 : Windows Defender Update Defs (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 0
Execute Script
Parameter 1 : Windows Defender Full Scan (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 0
ELSE
Write Script Log Entry
Parameter 1 : Windows Defender Already Installed, Updating Defs
OS Type : 0
Execute Script
Parameter 1 : Windows Defender Update Defs (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 0
Execute Script
Parameter 1 : Windows Defender Full Scan (NOTE: Script reference is NOT imported. Correct manually in script editor.
Parameter 2 :
Parameter 3 : 0
OS Type : 0
Enjoy!
Legacy Forum Name: Windows Dender - Install/Un-install, Update Defs, Scan,
Legacy Posted By Username: far182
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
Mar 28, 2006 4:34 AM
I still wonder if there is a way to keep the windows defender from blocking VNC.
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: seangoss
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 24, 2006 8:29 AM
I first tried the Update script, but it failed. The Script Log said that I didn't have Windows Defender installed. I know it was installed, and so I did some checking. I have had this installed since Microsoft bought out Giant, and so its path is different than your script was expecting. Also, there is no file named "MpCmdRun.exe" on my machine.
Next, I tried to run the install script on a separate PC, but of course it failed. I don't have the WindowsDefB2.msi file. Doh! Where can I get this file? I tried MS's website and got no response, and then I tried to Google it, and got zero responses. Any help?
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: mbtimmons
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 24, 2006 10:27 PM
This link looks like detailed instructions on how to create the MSI package for deployment. I haven't played with it. Let us know how it works out.
http://www.appdeploy.com/packages/detail.asp?id=698
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: dlowenth
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 25, 2006 2:20 AM
There is another post on DEFINDER on the forums here that explains in detail, but basically you start the normal Windows Defender Install and when you get to the license agreement window.. look in your systemroot\documents and settings\userprofile\localsetting\temp. There will be a new MSI file and this will be the defender install without the license agreement.
-Farzon
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: far182
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 25, 2006 12:14 PM
Checkout this thread -
http://www.kaseya.com/kforum/view_topic.php?id=634&forum_id=14
Regards, Ian
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: TechOnline
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 25, 2006 11:18 PM
There is, Defender seems to translate an allowed executable to a code number (ex. 5690) in the registry. Found it while trying to figure out how to install and manage the thing. I shelved it for the time being. I discovered the numbers that associate w/ the apps in a /log filein this directory: C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support
It appears that defender logs it's scans and results here. Mine only showed 2 apps it wanted to stop, RealVNC and Dameware Remote control. The rest of the stuff was classified as unknown so they all seemed to share the same "number" identifying that particular app.
[Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Threats\ThreatIDDefaultAction]
"7480"=dword:00000006"]
If you save the text inbrackets (remove the brackets)to a .reg file, and run it against the pc's w/ Window Defender, this will add RealVNC to the allwed apps in Defender.
The numbers in the registryshow up when you allow apps (RealVNC in this case) Hope this helps someone. Please post back if anyone really cracks how to install this thing and manage it from Kaseya, I'll do the same. Todd
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: realtime-it
You have posted to a forum that requires a moderator to approve posts before they are publicly available.
Posted by
LegacyPoster
on
May 26, 2006 2:17 AM
We are managing it from Kaseya. To around 200 clients. No problems. The scripts I provided work but they only show you how todo it for yourself.
Legacy Forum Name: Spyware Scripts,
Legacy Posted By Username: far182
You have posted to a forum that requires a moderator to approve posts before they are publicly available.