I usually include a Parameter section for each one. Here are a few screenshots of the command in action.įinally, as I was working on this I stumbled across a PowerShell “feature” I didn’t know about.įor stand-alone functions like this one, I always write comment-based help. But you can see everything with the -All parameter. By default only enabled products are displayed since I figured that would be more useful. At the end of the function, the results are written to the pipeline. You’ll notice that I used multiple parameter sets to collect the “raw” antivirus product information from WMI and format it with custom properties that reflect decoding the ProductState. Once I have a basic command I can build a PowerShell function to turn it into a reusable tool.īecause the function uses Get-CimInstance I wrote it to support computer names and CIMSessions either as parameter values or via the pipeline.
Converting the status on the ESET product gives me a value of 0x41000 which decodes as enabled and up to date. That’s where I think the TimeStamp property comes in handy. However, in this case, I think this means that the last time this product was enabled it was up to date. The last 2 parts, 00, will indicate if the product is up to date or not. With this, I can see that Windows Defender is not enabled. If this matches ’10’ then the product is enabled. Next, we can look at the middle two parts of this value, 01. I converted the Windows Defender status for a value of 0圆0100. The first step to decode it is to convert it to hex. Well, actually you can but you need to decode the product state property.
What you can’t tell is the status of each product. On my computer, which is running Windows 8.1, you can see two products. I don’t recall exactly which version of Windows where this changed to Securit圜enter2 but hopefully this works for you and you see something like this: In earlier versions of Windows, this information was stored in the Securit圜enter namespace. Try this command: Get-CimInstance -Namespace root/Securit圜enter2 -ClassName AntivirusProduct ManageEngine ADManager Plus - Download Free TrialĮxclusive offer on ADManager Plus for US and UK regions. Manage and Report Active Directory, Exchange and Microsoft 365 with
0 kommentar(er)
