In this article we use the Get-MpComputerStatus to retrieve information about the status of any antimalware software that may be running on the computer.
Syntax
Get-MpExamples
Get-MpComputerStatus
Get-MpComputerStatus | Format-List
you should see something similar to this
AMEngineVersion : 1.1.18800.4
AMProductVersion : 4.18.2111.5
AMRunningMode : Normal
AMServiceEnabled : True
AMServiceVersion : 4.18.2111.5
AntispywareEnabled : True
AntispywareSignatureAge : 0
AntispywareSignatureLastUpdated : 30/01/2022 06:31:15
AntispywareSignatureVersion : 1.355.2778.0
AntivirusEnabled : True
AntivirusSignatureAge : 0
AntivirusSignatureLastUpdated : 30/01/2022 06:31:17
AntivirusSignatureVersion : 1.355.2778.0
BehaviorMonitorEnabled : True
ComputerID : 5CC8CCDB-2E43-4EDB-8423-7ECAF82C6EDD
ComputerState : 0
DeviceControlDefaultEnforcement : N/A
DeviceControlPoliciesLastUpdated : 30/01/2022 03:16:44
DeviceControlState : N/A
FullScanAge : 4294967295
FullScanEndTime :
FullScanStartTime :
IoavProtectionEnabled : True
IsTamperProtected : True
IsVirtualMachine : False
LastFullScanSource : 0
LastQuickScanSource : 2
NISEnabled : True
NISEngineVersion : 1.1.18800.4
NISSignatureAge : 0
NISSignatureLastUpdated : 30/01/2022 06:31:17
NISSignatureVersion : 1.355.2778.0
OnAccessProtectionEnabled : True
QuickScanAge : 5
QuickScanEndTime : 25/01/2022 03:20:02
QuickScanStartTime : 25/01/2022 03:16:39
RealTimeProtectionEnabled : True
RealTimeScanDirection : 0
TamperProtectionSource : Signatures
TDTMode : N/A
TDTStatus : N/A
TDTTelemetry : N/A
PSComputerName :
Get-MpComputerStatus | Select-Object AMProductVersion, AMServiceEnabled, AntispywareSignatureVersion, AntivirusEnabled
you should see something similar to this
AMProductVersion AMServiceEnabled AntispywareSignatureVersion AntivirusEnabled ---------------- ---------------- --------------------------- ---------------- 4.18.2111.5 True 1.355.2778.0 True
There are other useful cmdlets and these are as follows, we will look at some of these in other articles in more detail
| Add-MpPreference | Modifies settings for Windows Defender. |
| Get-MpComputerStatus | Gets the status of antimalware software on the computer. |
| Get-MpPreference | Gets preferences for the Windows Defender scans and updates. |
| Get-MpThreat | Gets the history of threats detected on the computer. |
| Get-MpThreatCatalog | Gets known threats from the definitions catalog. |
| Get-MpThreatDetection | Gets active and past malware threats that Windows Defender detected. |
| Remove-MpPreference | Removes exclusions or default actions. |
| Remove-MpThreat | Removes active threats from a computer. |
| Set-MpPreference | Configures preferences for Windows Defender scans and updates. |
| Start-MpScan | Starts a scan on a computer. |
| Start-MpWDOScan | Starts a Windows Defender offline scan. |
| Update-MpSignature | Updates the antimalware definitions on a computer. |
