Windows PowerShell command on Get-command Get-ProcessMitigation

NAME

Get-ProcessMitigation

SYNOPSIS

Gets the current process mitigation settings, either from the registry, from a running process, or saves all to a XML.

SYNTAX

Get-ProcessMitigation [-FullPolicy] []

Get-ProcessMitigation [-Id] []

Get-ProcessMitigation [-Name] [-RunningProcesses] []

Get-ProcessMitigation [-RegistryConfigFilePath ] []

Get-ProcessMitigation [-System] []

DESCRIPTION

Gets all process mitigation settings either by process name (either running or from -Registry), or by process ID.

Can also save all settings to an XML file.

PARAMETERS

-FullPolicy []

Returns every processes' current mitigation settings in the registry Required? false Position? named Default value False Accept pipeline input? False Accept wildcard characters? false

-Id

Process Id to retrieve current running process mitigation settings from Required? true Position? 0 Default value None

Accept pipeline input? True (ByPropertyName, ByValue)

Accept wildcard characters? false

-Name

Current process name to get current running (Or from registry) process mitigation settings from one (Can be more than one instance) Required? true Position? 0 Default value None Accept pipeline input? False Accept wildcard characters? false

-RegistryConfigFilePath

File to save the current registry process mitigation configuration to Required? false Position? named Default value None Accept pipeline input? False Accept wildcard characters? false

-RunningProcesses []

Pull the current process mitigation settings from a running instance instead of the registry. Required? false Position? named Default value False Accept pipeline input? False Accept wildcard characters? false

-System []

Pulls the current system defaults for process mitigations. Required? false Position? named Default value False Accept pipeline input? False Accept wildcard characters? false This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).

INPUTS

System.Int32[]

OUTPUTS

System.Object

NOTES

Example 1

PS C:\> Get-ProcessMitigation -Name notepad.exe -RunningProcess

Gets the current settings on all running instances of notepad.exe

Example 2

PS C:\> Get-ProcessMitigation -Name notepad.exe

Gets the current settings in the registry for notepad.exe

Example 3

PS C:\> Get-ProcessMitigation -Id 1304

Gets the current settings for the running process with pid 1304

Example 4

PS C:\> Get-ProcessMitigation -RegistryConfigFilePath settings.xml

Gets the all process mitigation settings from the registry and saves them to the xml file settings.xml

Example 5

PS C:\> Get-ProcessMitigation -FullPolicy

Gets all policies for all processes set in the registry.

Example 6

PS C:\> Get-ProcessMitigation -System

Gets the current system process mitigation defaults stored in the registry.

Example 7

PS C:\> Get-Process notepad | Get-ProcessMitigation

Gets the current process mitigation settings for all running instances of notepad.exe