[研究][BAT, PowerShell]顯示Windows Defender版本 (Windows 10、Windows Server 2019)
2024-03-31
Windows 10
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v EngineVersion HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates EngineVersion REG_SZ 1.1.24020.9 C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v AVSignatureVersion HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates AVSignatureVersion REG_SZ 1.407.837.0 C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v SignaturesLastUpdated HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates SignaturesLastUpdated REG_BINARY 4053753C1483DA01 C:\> |
********************************************************************************
Windows Server 2019
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v EngineVersion HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates EngineVersion REG_SZ 1.1.24020.9 C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v AVSignatureVersion HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates AVSignatureVersion REG_SZ 1.407.860.0 C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v SignaturesLastUpdated HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates SignaturesLastUpdated REG_BINARY 78BCCB9FC083DA01 C:\> |
Windows Server 2019
C:\>Reg Query "HKLM\SOFTWARE\Microsoft\Windows Defender" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender ProductAppDataPath REG_SZ C:\ProgramData\Microsoft\Windows Defender ProductLocalizedName REG_EXPAND_SZ @%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 ProductType REG_DWORD 0x2 InstallTime REG_BINARY 76AD4B991B87D601 InstallLocation REG_SZ C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\ ProductStatus REG_DWORD 0x0 OOBEInstallTime REG_BINARY CB846CC81B87D601 ManagedDefenderProductType REG_DWORD 0x0 DisableAntiSpyware REG_DWORD 0x0 DisableAntiVirus REG_DWORD 0x0 BackupLocation REG_SZ C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0 HybridModeEnabled REG_DWORD 0x0 VerifiedAndReputableTrustModeEnabled REG_DWORD 0x0 RpcServerUseEndpointMapper REG_DWORD 0x0 IsServiceRunning REG_DWORD 0x1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\CoreService HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Device Control HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Diagnostics HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\DLP Configs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\DLP Websites HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Miscellaneous Configuration HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\MpEngine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\MpWatchDog HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\NIS HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Remediation HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Reporting HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Signature Updates HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Threats HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\UX Configuration HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\WCOS HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard C:\> |
Windows Server 2019 PowerShell
Windows PowerShell 著作權 (C) Microsoft Corporation. 著作權所有,並保留一切權利。 PS C:\Users\Administrator> Get-MpComputerStatus AMEngineVersion : 1.1.24020.9 AMProductVersion : 4.18.24020.7 AMRunningMode : Normal AMServiceEnabled : True AMServiceVersion : 4.18.24020.7 AntispywareEnabled : True AntispywareSignatureAge : 0 AntispywareSignatureLastUpdated : 2024/4/1 上午 01:20:29 AntispywareSignatureVersion : 1.407.860.0 AntivirusEnabled : True AntivirusSignatureAge : 0 AntivirusSignatureLastUpdated : 2024/4/1 上午 01:20:28 AntivirusSignatureVersion : 1.407.860.0 BehaviorMonitorEnabled : True ComputerID : C52B17C8-3C04-443F-B2D2-E2B3242BA540 ComputerState : 0 DefenderSignaturesOutOfDate : False DeviceControlDefaultEnforcement : DeviceControlPoliciesLastUpdated : 2023/3/27 上午 08:00:13 DeviceControlState : Disabled FullScanAge : 4294967295 FullScanEndTime : FullScanOverdue : False FullScanRequired : False FullScanSignatureVersion : FullScanStartTime : InitializationProgress : ServiceStartedSuccessfully IoavProtectionEnabled : True IsTamperProtected : False IsVirtualMachine : False LastFullScanSource : 0 LastQuickScanSource : 2 NISEnabled : True NISEngineVersion : 1.1.24020.9 NISSignatureAge : 0 NISSignatureLastUpdated : 2024/4/1 上午 01:20:28 NISSignatureVersion : 1.407.860.0 OnAccessProtectionEnabled : True ProductStatus : 524288 QuickScanAge : 0 QuickScanEndTime : 2024/4/1 上午 06:31:50 QuickScanOverdue : False QuickScanSignatureVersion : 1.407.844.0 QuickScanStartTime : 2024/4/1 上午 05:43:45 RealTimeProtectionEnabled : True RealTimeScanDirection : 0 RebootRequired : False SmartAppControlExpiration : SmartAppControlState : Off TamperProtectionSource : N/A TDTCapable : N/A TDTMode : N/A TDTSiloType : N/A TDTStatus : N/A TDTTelemetry : N/A TroubleShootingDailyMaxQuota : TroubleShootingDailyQuotaLeft : TroubleShootingEndTime : TroubleShootingExpirationLeft : TroubleShootingMode : TroubleShootingModeSource : TroubleShootingQuotaResetTime : TroubleShootingStartTime : PSComputerName : PS C:\Users\Administrator> |
(完)
相關