????
Your IP : 3.12.151.104

Current Path : C:/Program Files/Windows Defender/en-US/
Current File : C:/Program Files/Windows Defender/en-US/ProtectionManagement.dll.mui
MZ����@���	�!�L�!This program cannot be run in DOS mode.

$��<߱�R���R���R�U�����R�U�P���R�Rich��R�PEL�!�

�
a@ ��8.rdata�@@.rsrc� �@@��
T88��$��8.rdata8x.rdata$zzzdbg .rsrc$01%�.rsrc$02 ��+l��T�V�
��+`0_���픟қ����0�H���0�H�`�x�����������	�
 �8�P�
h������������� �!(�@�X�	p	�	�	�	�	�	�	�	�			 	0	@	P	`	p	�	�	�	�	�	�	��$���%
��*��p1��h8��4:���;&��=b�\?��C���EX�H�N�(S���f	�p�	��y.��}�
�����D���������؝��Ȣ��MUI���yI\k���g0�g�
����v��NmuB�}���MUIen-US5This is an abstract class that shows the base status.Computer ID created by MAPSThe current computer state
CleanStatePendingFullScan
PendingRebootPendingManualStepsPendingOfflineScanCriticalFailure/Product version (major, minor, build, revision)/Service version (major, minor, build, revision)AThe Antispyware Signature version (major, minor, build, revision)kAntispyware Signature age in days - if signatures have never been updated you will see an age of 65535 daysiAntispyware Last updated local time. If this has never updated you will see a null value in this property?The Antivirus Signature version (major, minor, build, revision)PAhAntivirus Signature age in days- if signatures have never been updated you will see an age of 65535 dayshAntivirus Last updated local time - If this has never updated you will see a null value in this property9The NRI Signature version (major, minor, build, revision)bNRI Signature age in days- if signatures have never been updated you will see an age of 65535 daysbNRI Last updated local time - If this has never updated you will see a null value in this propertycTime of last Full Scan start - If this has never updated you will see a null value in this propertyaTime of last Full Scan end - If this has never updated you will see a null value in this propertycLast full scan age in days- if signatures have never been updated you will see an age of 65535 daysLast scan sourceUnknownUserSystem	Real-timeIOAV$Real-time scan direction enumerationBothIncoming	OutcomingdTime of last Quick Scan start - If this has never updated you will see a null value in this propertybTime of last Quick Scan end - If this has never updated you will see a null value in this propertyeLast quick scan age in days- if signatures have never been updated you will see an age of 65535 days.5The AM Engine version (major, minor, build, revision)If the AM Engine is enabledWSpecifies whether the computer is monitoring file and program activity on your computer)Scan all downloaded files and attachments0Specifies whether behavior monitoring is enabled1Specifies whether Antivirus protection is enabled3Specifies whether Antispyware protection is enabled2Specifies whether the machine is a virtual machine6Specifies whether the machine has tamper protection on1Specifies whether real-time protection is enabled2NRI Engine version (major, minor, build, revision)PAIf the NRI Engine is enabledThe Schema VersionUnique Detection IDThe name of the threatSeverity ID - EnumerationLowModerateHighSevereCategory ID - EnumerationINVALIDADWARESPYWAREPASSWORDSTEALERTROJANDOWNLOADERWORMPABACKDOORREMOTEACCESSTROJANTROJANEMAILFLOODER	KEYLOGGERDIALERMONITORINGSOFTWAREBROWSERMODIFIERCOOKIE
BROWSERPLUGIN
AOLEXPLOITNUKERSECURITYDISABLERJOKEPROGRAMHOSTILEACTIVEXCONTROLSOFTWAREBUNDLERPASTEALTHNOTIFIERSETTINGSMODIFIERTOOLBARREMOTECONTROLSOFTWARE	TROJANFTPPOTENTIALUNWANTEDSOFTWARE
ICQEXPLOITTROJANTELNETFILESHARINGPROGRAMMALWARE_CREATION_TOOLREMOTE_CONTROL_SOFTWARETOOLTROJAN_DENIALOFSERVICETROJAN_DROPPERTROJAN_MASSMAILERTROJAN_MONITORINGSOFTWAREPATROJAN_PROXYSERVERVIRUSKNOWNUNKNOWNSPPBEHAVIOR
VULNERABILTIYPOLICYType ID - Enumeration	Known BadBehavior
Known GoodNRIThreat Rollup StatusThreatCleanRebootRequiredPAOfflineScanRequiredManualStepsRequiredFullScanRequiredReinfectionLoopExecuted(List of resources affected by the threat Specifies if threat has executed!Specifies if the threat is activeVThis is a singleton that represents the Microsoft Antimalware service infection status7This class represents the catalog of recognized threatsUnique Threat ID The name of the process involved"The user who requested remediation&Detection Source Type ID - EnumerationELAMLocalAttestationPARemoteAttestation+List of resources affected by the detection!The initial threat detection time0The most recent time of the threat status changeThe time of the remediation.!Execution Status ID - EnumerationBlockedAllowed	ExecutingNotExecuting"The Threat Status ID - EnumerationDetectedCleanedQuarantinedRemovedCleanFailedPAQuarantineFailedRemoveFailedAllowFailed	Abandoned
BlockedFailedThe threat status error code!The cleaning action - EnumerationClean
QuarantineRemoveAllowUserDefinedNoActionBlock/Specifies if the cleaning action was successfulAAdditional actions required to complete remediation - EnumerationNoneFullScanAndRebootRequiredFullScanAndManualStepsRequiredRebootAndManualStepsRequired'FullScanAndRebootAndManualStepsRequiredFullScanAndOfflineScanRequiredRebootAndOfflineScanRequired'FullScanAndRebootAndOfflineScanRequired!ManualStepsAndOfflineScanRequired,FullScanAndManualStepsAndOfflineScanRequired*RebootAndManualStepsAndOfflineScanRequired5FullScanAndRebootAndManualStepsAndOfflineScanRequiredFThis is a class that represents the current detailed state of a threathAllows an administrator to specify if Automatic Exclusions feature for Server SKUs should be turned off.[Allows an administrator to explicitly disable a scan from checking any of the paths listed.`Allows an administrator to explicitly disable a scan from checking any of the extensions listed._Allows an administrator to explicitly disable a scan from checking any of the processes listed.TIndicates how many days items should kept in Quarantine folder before being removed.&Real-time scan direction - EnumerationZIndicates what day of the week to perform the scheduled full scan to complete remediation.	Every DaySundayMondayTuesday	WednesdayThursdayFridaySaturdayNeverOIndicates what time to perform the scheduled full scan to complete remediation.=Configure timeout for detections requiring additional action.zTime in minutes for a detection in the 'critically failed' state to move to either 'additional action' or 'cleared' state.PAUTime in minutes for a detection in the 'failed' state to move to the 'cleared' state.OSpecify the maximum percentage of CPU utilization during a scan. This policy setting allows you to configure the maximum percentage CPU utilization permitted during a scan. Valid values for this setting are a percentage represented by the integers 5 to 100. A value of 0 indicates that there should be no throttling of CPU utilization.
When set, Microsoft Defender Antivirus will check for new signatures before running a scan.  If new signatures are found they will be downloaded and installed before the scan begins.  If no new signatures are found, the scan will start based on the existing signatures.CTurn on removal of items from scan history folder. This setting defines the number of days items should be kept in the scan history folder before being permanently removed. The value represents the number of days to keep items in the folder. If set to zero, items will be kept forever and will not be automatically removed.+Run scheduled scans only if system is idle.2Specify the scan type to use for a scheduled scan.
Quick Scan	Full Scan4Specify the day of the week to run a scheduled scan.6Specify the time of day to run a scheduled quick scan.0Specify the time of day to run a scheduled scan.eAborts any service-initiated update immediately after first install by the configured amount of time.�Overrides CheckForSignatureBeforeRunningScan.  Aborts any service-initiated update if signature was updated successfully within this amount of time. Time in minutes.�Defines the file shares for downloading security intelligence updates. setting allows you to configure UNC file share sources for downloading security intelligence updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources. For example: {\unc1 | \unc2 }. The list is empty by default.�When set to true, AM Service will not initiate security intelligence update on start-up, regardless of whether an Engine is present or not.�Define the order of sources for downloading security intelligence updates. This setting allows you to define the order in which different security intelligence update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources in order. Possible values are: 'InternalDefinitionUpdateServer'  'MicrosoftUpdateServer'  'MMPC'  'FileShares' �Indicates the day of the week in which security intelligence updates occur. If set to zero (0x0) then security intelligence update occurs daily.�Specifies the time at which security intelligence update check happens. By default the signatures are checked before the scheduled scan.�Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up;  1 = 1 day;  2 = 2 days, etc.�The time value is represented as the number of hours between update checks. Valid values range from 1 (every hour) to 24 (once per day).Join Microsoft MAPS.DisabledBasicAdvancedConsent for sample submission.AlwaysPromptSendSafeSamples	NeverSendSendAllSamplesDisable the privacy mode.�This setting allows you to enable or disable randomization of the scheduled scan start time and the scheduled security intelligence update start time. This setting is used to distribute the resource impact of scanning. For example, it could be used in guest virtual machines sharing a host, to prevent multiple guest virtual machines from undertaking a disk-intensive operation at the same time.Disable behavior monitoring.$Disable intrusion prevention system.Disable IOAV protection.Disable real-time monitoring.Disable script scanning.Disable archive scanning.�Disable catch-up full scan.  A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.�Disable catch-up quick scan.  A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.Disable email scanning.!Disable removable drive scanning.Disables restore point.3Disable running full scan on mapped network drives. Disables scanning network files.Enable UI Lockdown mode.�The Ids of threats upon which default action should not be taken when detected. The actions in ThreatIDDefaultAction_Actions need to be specified in the same order as the Ids in ThreatIDDefaultAction_Ids�Default actions for threats upon which default action should not be taken when detected. The actions need to be in the same order as their respective Ids specified in the ThreatIDDefaultAction_Ids property.#Default action for unknown threats.PA(Default action for low severity threats.-Default action for moderate severity threats.)Default action for high severity threats.+Default action for severe severity threats.>Specify PUA(Potentially Unwanted Application) protection mode.Enabled	AuditModeDisable block at first seen.!Configure cloud protection level.DefaultHigh+Zero tolerance:Configure extended cloud check. Valid values 0-50 seconds.FConfigure Microsoft Defender Exploit Guard network protection feature.
Audit Mode/Configure the Controlled folder access feature.PABlockDiskModificationOnlyAuditDiskModificationOnly?Specify the exclusions for Attack Surface Reduction Rules(ASR).�Specify Attack Surface Reduction Rule(ASR) Ids. The rule Ids need to be in the same order as their respective actions specified in the AttackSurfaceReductionRules_Actions property.�Default actions for Attack Surface Reduction Rule(ASR). The actions need to be in the same order as their respective rule Ids specified in the AttackSurfaceReductionRules_Ids property.AAdd allowed applications to the Controlled folder access feature.>Add protected folders to the Controlled folder access feature.GDefines a file share for security intelligence in virtual environments.HConfigure whether low cpu priority should be used during scheduled scan.2Enables or disables file hash computation feature.�Define the order of sources for downloading security intelligence updates This setting allows you to define the order in which different security intelligence update sources should be contacted. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources in order. Possible values are: 'InternalDefinitionUpdateServer'  'MicrosoftUpdateServer'  'MMPC'  'FileShares' �Indicates the day of the week in which security intelligence updates occur. If set to zero then security intelligence update occurs daily.�Defines the number of days after which a catch-up signature is warranted. Works with SignatureUpdateLastChecked. 0 = no catch-up,  1 = 1 day,  2 = 2 days, etc.Disable privacy mode.�A user confirmation is sought by default by this cmdlet. If -Force is specified, the default confirmation is not sought from the user.:Specify the exclusions for Attack Surface Reduction Rules.PAODefines a file share for security intelligence updates in virtual environments.1.0.Microsoft Defender Antivirus Preferences Class+The Microsoft Defender Antivirus Scan Class0The Microsoft Defender Antivirus Signature ClassCategory of Notification.ScanStateNotificationsThreatStateNotificationsSignatureStateNotificationsComputerStateNotificationsDetailed Scan Notifications.
ErrorOccurred
ScanCompletedDetailed Threat Notifications.SuccessfulRemediationNonCriticalFailure!Detailed Signature Notifications.SignaturesOutOfDate Detailed Computer Notifications.ScansOutOfDateComponentsChangedStateRecovered)Date and time the WMI Event was generated�Additional Data. At the moment, the only use is when the CategoryDiscriminant is equal to ThreatStateNotificationsthen this value will contains the ThreatID3Microsoft Defender Antivirus Event Indication Class/The Microsoft Defender Antivirus WDO Scan Class1The Microsoft Defender Antivirus Heart Beat ClassPA%1!s! is scanning your deviceBThis might take some time, depending on the type of scan selected. Scan was completed successfully.;Errors were encountered when attempted to scan your device.Custom Scan	Full Scan
Quick Scan%1!s! %2!s!&Updating virus and spyware definitions[%1!s! updates your virus and spyware definitions automatically to help protect your device.@Virus and spyware definitions update was completed successfully.?Virus and spyware definitions update was completed with errors.Virus and spyware definitions2Operation failed with the following error: 0x%1!x!:ScanPath parameter is required when running a custom scan.-A scan is already in progress on this device.KVirus and spyware definitions update is already in progress on this device.@Items detected as potentially harmful are already being cleaned.EThere are currently no active detected items on your device to clean.WErrors were encountered while attempted to clean items detected as potentially harmful.gA ThreatIDDefaultAction_Actions value should be specified for each ThreatIDDefaultAction_Ids parameter.:Failed to get default action for threat id. Error: 0x%1!x!TOperation failed with the following error: 0x%1!x!. Operation: %2!s!. Target: %3!s!.EYou don't have enough permissions to perform the requested operation.FErrors were encountered when attempted to run WDO scan on your device.�����There was an error %1 in the %2 WMI provider instance retrieval methods.%0

�There was an error %1 in the %2 WMI provider static method.%0

�There was an error %1 in the %2 WMI provider FireEvent method.%0

|There was an error %1 when attempted to register for %2 WMI provider notifications from all the active computer sessions. Only notifications from the current session will be received.%0

�There was an error %1 when attempted to create event monitoring thread for %2 WMI provider.%0

�There was an error %1 when attempted to register %2 WMI provider for monitoring antimalware notifications.%0

�4VS_VERSION_INFO��@s@s?LStringFileInfo(040904B0LCompanyNameMicrosoft Corporationr%FileDescriptionProtection Management WMIv2 Providern'FileVersion4.18.1907.16384 (WinBuild.160101.0800)JInternalNameProtectionManagement�.LegalCopyright� Microsoft Corporation. All rights reserved.bOriginalFilenameProtectionManagement.dll.muij%ProductNameMicrosoft� Windows� Operating SystemDProductVersion4.18.1907.16384DVarFileInfo$Translation	�PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPAD