Monthly Archives: November 2013

CDXML: Module Manifest

Last time we created a module using CDXML to wrap the Win32_Bios WMI class. This gave us a cmdlet – Get-Bios.  As the intention is to create a number of modules that expose the WMI classes related to hardware we … Continue reading

Posted in CDXML, CIM, Modules, PowerShell and WMI, PowerShell V3, PowerShell v4 | Leave a comment


Its been stated many times that over 60% of the modules in PowerShell 3 & 4 are created using CDXML – objects-over-cmdlets. This involves taking a WMI class and wrapping it in XML to create a PowerShell module. At this … Continue reading

Posted in CDXML, PowerShell and WMI, PowerShell V3, PowerShell v4 | Leave a comment

Defender Module: Threat Catalog

You can see the threats that defender is testing against Get-MpThreatCatalog | select SeverityID, ThreatName You get a long list like this 5 TrojanDownloader:Win32/Agent.A4 TrojanDownloader:Win32/Holistyc2 Dialer:Win32/EPlugin5 Backdoor:Win32/Fxsvc2 Adware:Win32/Networkone This is the important one: Get-MpThreatDetection You want this to return nothing … Continue reading

Posted in Powershell, Windows 8.1 | Leave a comment

Mac Address

No not where you go for a burger! I saw a post on the forum about getting the MAC address fro remote machines. The original post was using a fixed filter on NetConnectionID which assumes that all of your machines … Continue reading

Posted in Networking, PowerShell and WMI | Leave a comment

Clearing the Trusted Hosts list

This post rounds out the remoting series and shows you how to clear the trusted hosts list

Posted in Powershell | Leave a comment

Windows 8.1 Defender module

Windows 8.1 includes a module – Defender for working with the anti-malware engine on the machine.  I’m presuming this means Windows Defender only The starting point is Get-MpComputerStatus £> Get-MpComputerStatus AMEngineVersion                 : 1.1.10100.0AMProductVersion                : 4.3.9600.16384AMServiceEnabled                : TrueAMServiceVersion                : 4.3.9600.16384AntispywareEnabled              : … Continue reading

Posted in PowerShell and WMI, PowerShell v4, Windows 8.1 | Leave a comment

Remoting series

My remoting series on the Scripting Guy blog has finished.  The full set of posts is:

Posted in Powershell | Leave a comment