deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 04:43:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #2864 from MicrosoftDocs/repo_sync_working_branch

Browse Source 
Confirm merge from repo_sync_working_branch to master to sync with https://github.com/MicrosoftDocs/windows-itpro-docs (branch public)
This commit is contained in:
Gary Moore
2020-05-22 15:32:40 -07:00
committed by GitHub
parent 4591fe433d 8d084ea888
commit 649359fd77
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
View File

@ -30,19 +30,19 @@ ms.topic: article
Run the following PowerShell script on a newly onboarded machine to verify that it is properly reporting to the Microsoft Defender ATP service. Run the following PowerShell script on a newly onboarded machine to verify that it is properly reporting to the Microsoft Defender ATP service.
1. Create a folder: 'C:\test-WDATP-test'. 1. Create a folder: 'C:\test-MDATP-test'.
2. Open an elevated command-line prompt on the machine and run the script: 2. Open an elevated command-line prompt on the machine and run the script:
a. Go to **Start** and type **cmd**. 1. Go to **Start** and type **cmd**.
b. Right-click **Command Prompt** and select **Run as administrator**. 1. Right-click **Command Prompt** and select **Run as administrator**.
![Window Start menu pointing to Run as administrator](images/run-as-admin.png) ![Window Start menu pointing to Run as administrator](images/run-as-admin.png)
3. At the prompt, copy and run the following command: 3. At the prompt, copy and run the following command:
``` ```powershell
powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-WDATP-test\\invoice.exe');Start-Process 'C:\\test-WDATP-test\\invoice.exe' powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden $ErrorActionPreference= 'silentlycontinue';(New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-MDATP-test\\invoice.exe');Start-Process 'C:\\test-MDATP-test\\invoice.exe'
``` ```
The Command Prompt window will close automatically. If successful, the detection test will be marked as completed and a new alert will appear in the portal for the onboarded machine in approximately 10 minutes. The Command Prompt window will close automatically. If successful, the detection test will be marked as completed and a new alert will appear in the portal for the onboarded machine in approximately 10 minutes.