In this article we use the Get-MpComputerStatus to retrieve information about the status of any antimalware software that may be running on the computer.

Syntax

Get-MpComputerStatus
   [-CimSession <CimSession[]>]
   [-ThrottleLimit <Int32>]
   [-AsJob]
   [<CommonParameters>]

Examples

 

Get-MpComputerStatus

 

 

Get-MpComputerStatus | Format-List

 

you should see something similar to this

AMEngineVersion : 1.1.18800.4
AMProductVersion : 4.18.2111.5
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.2111.5
AntispywareEnabled : True
AntispywareSignatureAge : 0
AntispywareSignatureLastUpdated : 30/01/2022 06:31:15
AntispywareSignatureVersion : 1.355.2778.0
AntivirusEnabled : True
AntivirusSignatureAge : 0
AntivirusSignatureLastUpdated : 30/01/2022 06:31:17
AntivirusSignatureVersion : 1.355.2778.0
BehaviorMonitorEnabled : True
ComputerID : 5CC8CCDB-2E43-4EDB-8423-7ECAF82C6EDD
ComputerState : 0
DeviceControlDefaultEnforcement : N/A
DeviceControlPoliciesLastUpdated : 30/01/2022 03:16:44
DeviceControlState : N/A
FullScanAge : 4294967295
FullScanEndTime :
FullScanStartTime :
IoavProtectionEnabled : True
IsTamperProtected : True
IsVirtualMachine : False
LastFullScanSource : 0
LastQuickScanSource : 2
NISEnabled : True
NISEngineVersion : 1.1.18800.4
NISSignatureAge : 0
NISSignatureLastUpdated : 30/01/2022 06:31:17
NISSignatureVersion : 1.355.2778.0
OnAccessProtectionEnabled : True
QuickScanAge : 5
QuickScanEndTime : 25/01/2022 03:20:02
QuickScanStartTime : 25/01/2022 03:16:39
RealTimeProtectionEnabled : True
RealTimeScanDirection : 0
TamperProtectionSource : Signatures
TDTMode : N/A
TDTStatus : N/A
TDTTelemetry : N/A
PSComputerName :

 

Get-MpComputerStatus | Select-Object AMProductVersion, AMServiceEnabled, AntispywareSignatureVersion, AntivirusEnabled

you should see something similar to this

AMProductVersion AMServiceEnabled AntispywareSignatureVersion AntivirusEnabled
---------------- ---------------- --------------------------- ----------------
4.18.2111.5                  True 1.355.2778.0                            True

There are other useful cmdlets and these are as follows, we will look at some of these in other articles in more detail

Add-MpPreference Modifies settings for Windows Defender.
Get-MpComputerStatus Gets the status of antimalware software on the computer.
Get-MpPreference Gets preferences for the Windows Defender scans and updates.
Get-MpThreat Gets the history of threats detected on the computer.
Get-MpThreatCatalog Gets known threats from the definitions catalog.
Get-MpThreatDetection Gets active and past malware threats that Windows Defender detected.
Remove-MpPreference Removes exclusions or default actions.
Remove-MpThreat Removes active threats from a computer.
Set-MpPreference Configures preferences for Windows Defender scans and updates.
Start-MpScan Starts a scan on a computer.
Start-MpWDOScan Starts a Windows Defender offline scan.
Update-MpSignature Updates the antimalware definitions on a computer.

Related posts:

  1. Powershell and wmi examples
  2. Empty the recycle bin using powershell
  3. PowerShell: how to generate random passwords
  4. REST API and PowerShell’s Invoke-RestMethod examples