Microsoft Safty Scanner Powershell One Liner

Read Time:2 Minute, 9 Second

A client called in and told me a line of information that made me concerned about security. I ran a webroot scan, and wanted to give another level of scan. I am partial to the Microsoft Safty scanner. It runs well in connectwise backstage. So, lets look at this oneliner.

if (!(Test-Path "c:\Temp")) { New-Item -Path "c:\" -Name Temp -ItemType Directory }; invoke-webrequest -Uri -OutFile c:\temp\mss.exe -UseBasicParsing; c:\temp\mss.exe /Q /F:Y

The first part of this little script is to test and create the folder that will hold our file. We are doing this by using test-path. Then if the file doesn’t exist, aka !. Then we create it with the new-item.

if (!(Test-Path "c:\Temp")) { New-Item -Path "c:\" -Name Temp -ItemType Directory }

The next part is we are going to download the microsoft security scanner from microsoft directly. The link is the direct download. We use invoke-webrequest to download the file. The -outfile flag tells us whatever we are grabbing will be placed here. In this case we are going to name it something simple. Mss.exe inside our temp folder. We use the -usebasicparsing because most machines only have powershell 5.

invoke-webrequest -Uri -OutFile c:\temp\mss.exe -UseBasicParsing

Then we run the command needed. We start the command with the path. C:\temp\mss.exe. We want it to be quiet and we want to force it. So we use the /Q to quiet, and /F:Y to force.

c:\temp\mss.exe /Q /F:Y

The system will not prompt for any kind of approval. It will run and delete what it needs to delete. This is a simple, deploy and walk away one-liner. So, add it to your deployment scripts and enjoy scanning with a Microsoft safety scanner.

You Might Also Like

Leave a Reply

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.