[研究]Windows Defender中各 .exe 或 .dll 程式用途

[研究]Windows Defender中各 .exe 或 .dll 程式用途

2024-11-13

下面各 .exe 或 .dll 程式用途 ?

C:\Program Files\Windows Defender\AmMonitoringInstall.mof C:\Program Files\Windows Defender\AMMonitoringProvider.dll C:\Program Files\Windows Defender\AmStatusInstall.mof C:\Program Files\Windows Defender\ClientWMIInstall.mof C:\Program Files\Windows Defender\ConfigSecurityPolicy.exe C:\Program Files\Windows Defender\EppManifest.dll C:\Program Files\Windows Defender\FepUnregister.mof C:\Program Files\Windows Defender\MpAsDesc.dll C:\Program Files\Windows Defender\MpAzSubmit.dll C:\Program Files\Windows Defender\MpClient.dll C:\Program Files\Windows Defender\MpCmdRun.exe C:\Program Files\Windows Defender\MpCommu.dll C:\Program Files\Windows Defender\MpEvMsg.dll C:\Program Files\Windows Defender\MpOAV.dll C:\Program Files\Windows Defender\MpProvider.dll C:\Program Files\Windows Defender\MpRtp.dll C:\Program Files\Windows Defender\MpSvc.dll C:\Program Files\Windows Defender\MsMpCom.dll C:\Program Files\Windows Defender\MsMpEng.exe C:\Program Files\Windows Defender\MsMpLics.dll C:\Program Files\Windows Defender\NisSrv.exe C:\Program Files\Windows Defender\Offline C:\Program Files\Windows Defender\platform C:\Program Files\Windows Defender\ProtectionManagement.dll C:\Program Files\Windows Defender\ProtectionManagement.mof C:\Program Files\Windows Defender\ProtectionManagement_Uninstall.mof C:\Program Files\Windows Defender\ThirdPartyNotices.txt C:\Program Files\Windows Defender\zh-TW C:\Program Files\Windows Defender\zh-TW\EppManifest.dll.mui C:\Program Files\Windows Defender\zh-TW\MpAsDesc.dll.mui C:\Program Files\Windows Defender\zh-TW\MpEvMsg.dll.mui C:\Program Files\Windows Defender\zh-TW\ProtectionManagement.dll.mui C:\Program Files\Windows Defender\zh-TW\ProtectionManagement.mfl C:\Program Files\Windows Defender\zh-TW\ProtectionManagement_Uninstall.mfl C:\Program Files\Windows Defender Advanced Threat Protection\aadrt.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification C:\Program Files\Windows Defender Advanced Threat Protection\MipDlp.dll C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.dll C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe C:\Program Files\Windows Defender Advanced Threat Protection\RunPsScript.dll C:\Program Files\Windows Defender Advanced Threat Protection\SenseAP.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseAp.ThirdPartyNotice.txt C:\Program Files\Windows Defender Advanced Threat Protection\SenseAPToast.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseCM.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseGPParser.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseIdentity.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseImdsCollector.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseIR.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseNdr.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe C:\Program Files\Windows Defender Advanced Threat Protection\SenseTVM.exe C:\Program Files\Windows Defender Advanced Threat Protection\ThirdPartyNotice C:\Program Files\Windows Defender Advanced Threat Protection\WATPCSP.dll C:\Program Files\Windows Defender Advanced Threat Protection\zh-TW C:\Program Files\Windows Defender Advanced Threat Protection\Classification\cmicarabicwordbreaker.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Configuration C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt C:\Program Files\Windows Defender Advanced Threat Protection\Classification\fastmorph.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\korwbrkr.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mce.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\MpGear.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb7.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb70011.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb70011_v2.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb7001e.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb70404.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\mswb70804.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7data0011.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7data0011_v2.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7data001e.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7data0404.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7data0804.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7lexicons0011.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7lexicons0011_v2.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7lexicons001e.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7lexicons0404.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7lexicons0804.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7models0011.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7models0011_v2.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7models001e.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7models0404.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\nl7models0804.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\NOTICE.txt C:\Program Files\Windows Defender Advanced Threat Protection\Classification\OPCTextExtractorWin.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\SenseCE.exe C:\Program Files\Windows Defender Advanced Threat Protection\Classification\SenseCe.exe.config C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\DocumentFormat.OpenXml.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\ICSharpCode.SharpZipLib.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.External.ExternalClient.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.External.ExternalCore.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.External.FormatDetectionClient.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Common.Configuration.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Common.Interop.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Common.JpegInterop.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Common.LinkDetector.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Common.Metro.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Docx.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Dwg.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.EncOffMetro.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.ExcelGeneric.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.ExcelLegacy.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Filter.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Fluid.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Gif.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.GZip.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Html.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Jpeg.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Json.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Lnk.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Mime.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Msg.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Ocr.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.OfficeXml.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.OneNote.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Pdf.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.PFile.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Plaintext.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Png.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.PointPublishing.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Pptx.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.SevenZip.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.SimpleXml.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Tar.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Vtt.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Xps.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.FormatHandlers.Zip.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.Client.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.Common.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.Core.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.FormatDetector.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.FormatHandler.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.LanguageDetector.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Microsoft.Ceres.DocParsing.Runtime.Plugin.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\MimeKitLite.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\NativeDocumentParsers.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\NativeDprt.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\Newtonsoft.Json.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\SevenZipExtractor.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\System.Buffers.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\System.Memory.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\System.Numerics.Vectors.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\System.Runtime.CompilerServices.Unsafe.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\System.Text.Encodings.Web.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\ThirdPartyNotice.txt C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\UtfUnknown.dll C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\x64 C:\Program Files\Windows Defender Advanced Threat Protection\Classification\Dprt\x64\7z.dll C:\Program Files\Windows Defender Advanced Threat Protection\zh-TW\MsSense.exe.mui

ChatGPT 說：

這些檔案和程式都與 Windows Defender 和 Windows Defender Advanced Threat Protection (ATP) 有關。以下是這些檔案和程式的主要用途和功能說明：

AmMonitoringInstall.mof, AmStatusInstall.mof, FepUnregister.mof, ClientWMIInstall.mof

這些檔案是 WMI (Windows Management Instrumentation) 相關的管理檔案，主要用於安裝、設定及註冊 Windows Defender 的監控和管理模組。

AMMonitoringProvider.dll

用於 Windows Defender 的監控功能，協助在 WMI 事件中提供監控服務。

ConfigSecurityPolicy.exe

用於設定安全政策，可能會與 Windows Defender 的策略設定和防護措施相關。

EppManifest.dll

可能是 Windows Defender 設定檔案，涉及端點保護（Endpoint Protection）的配置和管理。

MpCmdRun.exe

是 Windows Defender 的命令行工具，允許用戶通過命令列執行防病毒掃描、更新病毒定義、移除惡意軟件等操作。

MpClient.dll

提供與 Windows Defender 的客戶端功能交互，可能涉及掃描和防護的核心功能。

MpSvc.dll, MsMpEng.exe

是 Windows Defender 的主要服務檔案，負責啟動和運行防病毒引擎，執行實時保護和防病毒掃描。

MsMpCom.dll, MsMpLics.dll

用於 Windows Defender 與其他系統服務或組件的通信，支援防病毒引擎的正常運行。

NisSrv.exe

這是 Windows Defender 的網路入侵防護服務，負責監控網路上的威脅活動。

Offline 和 platform 資料夾

包含離線檔案和平台支援文件，與 Windows Defender 的運行環境和更新相關。

ProtectionManagement.dll

涉及保護管理，這可能與 Windows Defender 的策略、管理或防護配置有關。

MsSense.exe, MsSense.dll

這是 Windows Defender ATP 的主要執行檔案，負責更高階的威脅防護和進階的安全防禦功能。

SenseAP.exe, SenseAp.ThirdPartyNotice.txt

這些文件與 Windows Defender ATP 的感知引擎（Sense Engine）相關，負責高階的威脅檢測和報告。

WATPCSP.dll

這個 DLL 檔案涉及 Windows Defender ATP 的進階威脅防護功能，可能與端點防護、漏洞管理或其他檢測功能相關。

Classification 資料夾

這包含了大量的文件，這些文件與文件格式分類和處理有關，可能涉及 Windows Defender ATP 在檢測文檔中的威脅或進行高級分類處理。

Dprt 資料夾及相關檔案

這是 Windows Defender ATP 的文檔解析引擎，支持各種文件格式的處理，包括 Office 檔案、PDF、圖像檔案等，並可檢測其中的潛在威脅。

SenseCE.exe, SenseCe.exe.config

與 Windows Defender ATP 的感知引擎（Sense Engine）相關，負責從端點收集資訊並進行威脅分析。

zh-TW 資料夾

包含中文（繁體）語言的相關本地化檔案，支持 Windows Defender 和 ATP 在繁體中文環境下的運行。

總結來說，這些檔案主要是 Windows Defender 和 Windows Defender Advanced Threat Protection (ATP) 的核心組件，包含病毒防護、威脅檢測、高級端點防護等功能，旨在提供全面的安全防護。

(完)

相關