Windows-7
通過腳本對 Microsoft Security Essentials 進行上次定義更新的時間戳
有沒有辦法通過 VBScript 或 Powershell 來檢查這個?我已經簡要地查看了
SecurityCenter和SecurityCenter2WMI 類,但它們看起來都不是特別有用。似乎最簡單的方法是通過 WMI 中的後者確定什麼值,productState以獲取一些意味著 AV 認為沒問題的消息。 還有其他想法嗎?
您可能需要根據已安裝的版本更改 FCS_REGKEY_ROOT。這適用於最新版本。從這里拉出來的。
Option Explicit const FCS_REGKEY_ROOT = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware" Dim SCAN_KEY, SIGNATUREUPDATES_KEY Dim AV_VERSION_VALUE, AS_VERSION_VALUE, ENGINE_VERSION_VALUE, AV_DATE, AS_DATE Dim LAST_SCAN_TIME, LAST_SCAN_TYPE, INSTALL_PATH_VALUE SCAN_KEY=FCS_REGKEY_ROOT & "\Scan" SIGNATUREUPDATES_KEY = FCS_REGKEY_ROOT & "\Signature Updates" INSTALL_PATH_VALUE= FCS_REGKEY_ROOT & "\InstallLocation" AV_VERSION_VALUE= SIGNATUREUPDATES_KEY &"\AVSignatureVersion" AS_VERSION_VALUE= SIGNATUREUPDATES_KEY &"\ASSignatureVersion" ENGINE_VERSION_VALUE= SIGNATUREUPDATES_KEY &"\EngineVersion" AV_DATE= SIGNATUREUPDATES_KEY &"\AVSignatureApplied" AS_DATE= SIGNATUREUPDATES_KEY &"\ASSignatureApplied" LAST_SCAN_TIME= SCAN_KEY & "\LastScanRun" LAST_SCAN_TYPE= SCAN_KEY & "\LastScanType" '************ MAIN ************ Dim AV_Version, AS_Version, EngineVersion, ProductVersion Dim AV_BuildDate, AS_BuildDate, LastScanTime, LastScanType Dim objShell set objShell = CreateObject("WScript.Shell") '============ Get current info ============ AV_Version = objShell.RegRead(AV_VERSION_VALUE) AS_Version = objShell.RegRead(AS_VERSION_VALUE) EngineVersion = objShell.RegRead(ENGINE_VERSION_VALUE) AV_BuildDate = BinaryToDate( objShell.RegRead(AV_DATE) ) AS_BuildDate = BinaryToDate( objShell.RegRead(AS_DATE) ) ProductVersion = GetProductVersion(INSTALL_PATH_VALUE) LastScanTime = BinaryToDate( objShell.RegRead(LAST_SCAN_TIME) ) LastScanType = GetScanType( objShell.RegRead(LAST_SCAN_TYPE) ) '============ Display summary info ============ WScript.echo "Microsoft Forefront Client Security version: " & ProductVersion WScript.echo "Engine version: " & EngineVersion WScript.echo "Antivirus Definition: Version " & AV_Version & " created on " & AV_BuildDate WScript.echo "Antispyware Definition: Version " & AS_Version & " created on " & AS_BuildDate WScript.echo "Last scan: " & LastScanTime & " (" & LastScanType & ")" '************ END MAIN ************ '=============================================================== 'Function BinaryToDate will covert a binary DATE_TIME structure into a Variant date set to the local time ' Parameter: bArray - a VARIANT array of bytes ' Return: a VARIANT date Function BinaryToDate(bArray) dim Seconds,Days,dateTime Set dateTime = CreateObject("WbemScripting.SWbemDateTime") Seconds = bArray(7)*(2^56) + bArray(6)*(2^48) + bArray(5)*(2^40) + bArray(4)*(2^32) _ + bArray(3)*(2^24) + bArray(2)*(2^16) + bArray(1)*(2^8) + bArray(0) Days = Seconds/(1E7*86400) dateTime.SetVarDate CDate(DateSerial(1601, 1, 1) + Days ), false BinaryToDate = dateTime.GetVarDate () End Function '=============================================================== 'Function GetProductVersion will query a registry key for the file location and then return the version from the filesystem ' Parameter: strRegPath - path to the registry pointing to the installation location ' Return: a VARIANT string containing the product version Function GetProductVersion(regPath) const FILE_TO_CHECK = "\msmpeng.exe" dim strFilePath, objFSO strFilePath = objShell.RegRead(regPath) & FILE_TO_CHECK Set objFSO = CreateObject("Scripting.FileSystemObject") GetProductVersion = objFSO.GetFileVersion(strFilePath) Set objFSO = Nothing End Function '=============================================================== 'Function GetScanType will return a string with the scan type that corresponds to the enum ' Parameter: iScanType - type of scan ' Return: a VARIANT string containing text type of scan Function GetScanType(iScanType) Select case(iScanType) Case 1 : GetScanType= "Quick Scan" Case 2 : GetScanType= "Full Scan" Case Else GetScanType= "Invalid Scan type" End Select End FunctionC:>cscript frontalstatus.vbs
Microsoft Forefront Client Security 版本:3.0.8107.0
引擎版本:1.1.6502.0
防病毒定義:版本 1.97.905.0 創建於 2011 年 2 月 2 日上午 6:10:51
防間諜軟體定義:版本 1.97.905.0 創建於 2011 年 2 月 6 :10:51 AM
最後一次掃描:2/2/2011 2:26:34 AM(快速掃描)