We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
Just throwing this here for now so it's all consolidated in one place.
Check Windows Defender Controlled Folder Access status: (1 = enabled)
Get-MpPreference | Select-Object EnableControlledFolderAccess EnableControlledFolderAccess ---------------------------- 0
Check if user's Documents folder is "pinned" in Onedrive: (very rough and ugly, needs work)
$FILE_ATTRIBUTE_PINNED = 0x00080000 $path = "$env:OneDrive\Documents" $folder = Get-Item $path $attributes = $folder.Attributes If (($attributes -band $FILE_ATTRIBUTE_PINNED) -eq 0) { Write-Output "not pinned" } else { Write-Output "pinned" } pinned
Display a list of recently blocked Windows Defender items:
Get-MpThreatDetection | Select-Object -ExpandProperty resources file:_C:\WINDOWS\system32\Drivers\RwDrv.sys