Browse Source
Merge pull request #431 from alan-null/issue/430
#430 | DefenderServices check (edge-cases)
pull/437/head
Dmitry Nefedov
2 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with
66 additions and
108 deletions
-
src/Sophia_Script_for_Windows_10/Module/Sophia.psm1
-
src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1
-
src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1
-
src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1
-
src/Sophia_Script_for_Windows_11/Module/Sophia.psm1
-
src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1
|
|
|
@ -289,24 +289,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") |
|
|
|
|
|
|
|
@ -271,24 +271,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/microsoft/windows/defender).AntispywareEnabled) |
|
|
|
|
|
|
|
@ -271,24 +271,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/microsoft/windows/defender).AntispywareEnabled) |
|
|
|
|
|
|
|
@ -289,24 +289,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") |
|
|
|
|
|
|
|
@ -298,24 +298,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/microsoft/windows/defender).AntispywareEnabled) |
|
|
|
|
|
|
|
@ -298,24 +298,17 @@ function Checks |
|
|
|
} |
|
|
|
|
|
|
|
# Checking services |
|
|
|
@("Windefend", "SecurityHealthService", "wscsvc") | ForEach-Object -Process { |
|
|
|
if ($null -eq (Get-Service -Name $_ -ErrorAction Ignore)) |
|
|
|
{ |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
else |
|
|
|
{ |
|
|
|
if ((Get-Service -Name $_).Status -eq "running") |
|
|
|
try |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $true |
|
|
|
$Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop |
|
|
|
} |
|
|
|
else |
|
|
|
catch [Microsoft.PowerShell.Commands.ServiceCommandException] |
|
|
|
{ |
|
|
|
$Script:DefenderServices = $false |
|
|
|
} |
|
|
|
} |
|
|
|
$Localization.WindowsBroken |
|
|
|
exit |
|
|
|
} |
|
|
|
[array]$notRunning = $Services | Where-Object -FilterScript {$_.Status -ne "running"} |
|
|
|
$Script:DefenderServices = $notRunning.Count -eq 0 |
|
|
|
|
|
|
|
# Specifies whether Antispyware protection is enabled |
|
|
|
if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/microsoft/windows/defender).AntispywareEnabled) |
|
|
|
|
