DefenderMAPS.psm1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
function Test-MapsConnection { <# .Synopsis Test-MapsConnection .DESCRIPTION Use Test-MapsConnection to verify that your client can communicate with the Windows Defender Antivirus cloud service .EXAMPLE Test-MapsConnection The above command verifies connectivity with the Windows Defender Antivirus cloud service (MAPS) #> [CmdletBinding()] Param () Begin { If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole(` [Security.Principal.WindowsBuiltInRole] �Administrator�)) { Write-Warning �You do not have Administrator rights to run this script!`nPlease re-run this script as an Administrator!� Break } } Process { # Find the current most recent path of the Defender mpcmdrun.exe $DefenderPlatformPath = "C:\ProgramData\Microsoft\Windows Defender\Platform" Write-Verbose "Defender Platform Path: $DefenderPlatformPath\..." $mpcmdrunpath = (Get-ChildItem -Path "$DefenderPlatformPath\*\mpcmdrun.exe" | Select-Object * -Last 1).FullName If ([string]::IsNullOrEmpty($mpcmdrunpath)) { Write-Warning "Unable to locate mpcmdrun.exe in path $DefenderPlatformPath\..." $MAPSConnectivity = $false } Else { Write-Verbose "Defender mpcmdrun path: $mpcmdrunpath" $cmdArg = "-validatemapsconnection" $CheckResult = Start-Process -FilePath "$mpcmdrunpath" -ArgumentList "$cmdArg" -WindowStyle Hidden -PassThru -Wait # $CheckResult.ExitCode $MAPSConnectivity = switch ($CheckResult.ExitCode) { 0 { $true} default {$false} } } } End { If ($MAPSConnectivity -eq "True") { Write-verbose "ValidateMapsConnection successfully established a connection to MAPS" } Else { $MapsErrorDetail = ($CheckResult.ExitCode).ToString() Write-Verbose "ValidateMapsConnection failed: $MapsErrorDetail" } $MAPSConnectivity } } |