Last month I published an article on MS Defender and Nagios. On a similar topic, this week I used the MS Defender PowerShell module and wrote a helper function to scan a file on demand using mpcmd.exe.
In this article, I will use a PowerShell one-liner script to generate a test file to check whether the installed antivirus runtime solution is working as expected.
Recently I encountered a strange issue that affected one Windows workstation with Sophos AV (Endpoint) software installed. Sometimes this software creates temporary files with a ‘$$$’ extension, and apparently it never removes them.
I thought that the process of analyzing this edge case and implementing a solution for it was perfect for an article, and it is applicable to many similar situations where scripting is required to collect information or mitigate.