[研究][BAT, PowerShell]顯示Windows Defender版本 (Windows 10、Windows Server 2019)
2024-03-31
Windows 10
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v EngineVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
EngineVersion REG_SZ 1.1.24020.9
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v AVSignatureVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
AVSignatureVersion REG_SZ 1.407.837.0
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v SignaturesLastUpdated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
SignaturesLastUpdated REG_BINARY 4053753C1483DA01
C:\> |
********************************************************************************
Windows Server 2019
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v EngineVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
EngineVersion REG_SZ 1.1.24020.9
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v AVSignatureVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
AVSignatureVersion REG_SZ 1.407.860.0
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v SignaturesLastUpdated
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
SignaturesLastUpdated REG_BINARY 78BCCB9FC083DA01
C:\> |
Windows Server 2019
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender
ProductAppDataPath REG_SZ C:\ProgramData\Microsoft\Windows Defender
ProductLocalizedName REG_EXPAND_SZ @%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
ProductType REG_DWORD 0x2
InstallTime REG_BINARY 76AD4B991B87D601
InstallLocation REG_SZ C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\
ProductStatus REG_DWORD 0x0
OOBEInstallTime REG_BINARY CB846CC81B87D601
ManagedDefenderProductType REG_DWORD 0x0
DisableAntiSpyware REG_DWORD 0x0
DisableAntiVirus REG_DWORD 0x0
BackupLocation REG_SZ C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0
HybridModeEnabled REG_DWORD 0x0
VerifiedAndReputableTrustModeEnabled REG_DWORD 0x0
RpcServerUseEndpointMapper REG_DWORD 0x0
IsServiceRunning REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\CoreService
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Device Control
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Diagnostics
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\DLP Configs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\DLP Websites
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Miscellaneous Configuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\MpEngine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\MpWatchDog
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\NIS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Quarantine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Remediation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Reporting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Threats
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\UX Configuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\WCOS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard
C:\> |
Windows Server 2019 PowerShell
Windows PowerShell 著作權 (C) Microsoft Corporation. 著作權所有,並保留一切權利。 PS C:\Users\Administrator> Get-MpComputerStatus AMEngineVersion : 1.1.24020.9 AMProductVersion : 4.18.24020.7 AMRunningMode : Normal AMServiceEnabled : True AMServiceVersion : 4.18.24020.7 AntispywareEnabled : True AntispywareSignatureAge : 0 AntispywareSignatureLastUpdated : 2024/4/1 上午 01:20:29 AntispywareSignatureVersion : 1.407.860.0 AntivirusEnabled : True AntivirusSignatureAge : 0 AntivirusSignatureLastUpdated : 2024/4/1 上午 01:20:28 AntivirusSignatureVersion : 1.407.860.0 BehaviorMonitorEnabled : True ComputerID : C52B17C8-3C04-443F-B2D2-E2B3242BA540 ComputerState : 0 DefenderSignaturesOutOfDate : False DeviceControlDefaultEnforcement : DeviceControlPoliciesLastUpdated : 2023/3/27 上午 08:00:13 DeviceControlState : Disabled FullScanAge : 4294967295 FullScanEndTime : FullScanOverdue : False FullScanRequired : False FullScanSignatureVersion : FullScanStartTime : InitializationProgress : ServiceStartedSuccessfully IoavProtectionEnabled : True IsTamperProtected : False IsVirtualMachine : False LastFullScanSource : 0 LastQuickScanSource : 2 NISEnabled : True NISEngineVersion : 1.1.24020.9 NISSignatureAge : 0 NISSignatureLastUpdated : 2024/4/1 上午 01:20:28 NISSignatureVersion : 1.407.860.0 OnAccessProtectionEnabled : True ProductStatus : 524288 QuickScanAge : 0 QuickScanEndTime : 2024/4/1 上午 06:31:50 QuickScanOverdue : False QuickScanSignatureVersion : 1.407.844.0 QuickScanStartTime : 2024/4/1 上午 05:43:45 RealTimeProtectionEnabled : True RealTimeScanDirection : 0 RebootRequired : False SmartAppControlExpiration : SmartAppControlState : Off TamperProtectionSource : N/A TDTCapable : N/A TDTMode : N/A TDTSiloType : N/A TDTStatus : N/A TDTTelemetry : N/A TroubleShootingDailyMaxQuota : TroubleShootingDailyQuotaLeft : TroubleShootingEndTime : TroubleShootingExpirationLeft : TroubleShootingMode : TroubleShootingModeSource : TroubleShootingQuotaResetTime : TroubleShootingStartTime : PSComputerName : PS C:\Users\Administrator> |
(完)
相關
沒有留言:
張貼留言