Get-ProcessMitigation
Gets the current process mitigation settings, either from the registry, from a running process, or saves all to a XML.
Syntax
FullPolicy (Default)
Get-ProcessMitigation
[-FullPolicy]
[<CommonParameters>]
NameMode
Get-ProcessMitigation
[-Name] <String>
[-RunningProcesses]
[<CommonParameters>]
IdMode
Get-ProcessMitigation
[-Id] <Int32[]>
[<CommonParameters>]
SaveMode
Get-ProcessMitigation
[-RegistryConfigFilePath <String>]
[<CommonParameters>]
SystemMode
Get-ProcessMitigation
[-System]
[<CommonParameters>]
Description
Gets all process mitigation settings either by process name (either running or from -Registry), or by process ID. Can also save all settings to an XML file.
Examples
Example 1
PS C:\> Get-ProcessMitigation -Name notepad.exe -RunningProcess
Gets the current settings on all running instances of notepad.exe
Example 2
PS C:\> Get-ProcessMitigation -Name notepad.exe
Gets the current settings in the registry for notepad.exe
Example 3
PS C:\> Get-ProcessMitigation -Id 1304
Gets the current settings for the running process with pid 1304
Example 4
PS C:\> Get-ProcessMitigation -RegistryConfigFilePath settings.xml
Gets the all process mitigation settings from the registry and saves them to the xml file settings.xml
Example 5
PS C:\> Get-ProcessMitigation -FullPolicy
Gets all policies for all processes set in the registry.
Example 6
PS C:\> Get-ProcessMitigation -System
Gets the current system process mitigation defaults stored in the registry.
Example 7
PS C:\> Get-Process notepad | Get-ProcessMitigation
Gets the current process mitigation settings for all running instances of notepad.exe
Parameters
-FullPolicy
Returns every processes' current mitigation settings in the registry
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | f |
Parameter sets
FullPolicy
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Id
Process Id to retrieve current running process mitigation settings from
Parameter properties
| Type: | Int32[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
IdMode
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | True |
| Value from pipeline by property name: | True |
| Value from remaining arguments: | False |
-Name
{Current process name to get current running (Or from registry) process mitigation settings from one (Can be more than one instance)
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | n |
Parameter sets
NameMode
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RegistryConfigFilePath
File to save the current registry process mitigation configuration to
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | o |
Parameter sets
SaveMode
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-RunningProcesses
Pull the current process mitigation settings from a running instance instead of the registry.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | r |
Parameter sets
NameMode
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-System
Pulls the current system defaults for process mitigations.
Parameter properties
| Type: | SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | s |
Parameter sets
SystemMode
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.