Hello Community!
It's been two years since I published a script for a OneDrive for Business file check in this community. And even back then I had the code ready that also checks recovered files for possible malware. Of course, Microsoft 365 also has certain mechanisms, which are documented here.
Trust is good, control is better
I have now taken up my idea again and packed it into a new script. The script restores files from the lastest OneDrive for Business restore point and scans them for threats using Windows Defender. A single file can also be restored and scanned.
There is a "beautiful" listing when the scan has detected something.
Please read the README document on my GitHub for more details on how to use the script.
â›”Important!â›” Make sure that there is sufficient disk space in the directory where the files are to be restored. Also use an empty directory to save the data, as the script cleans everything up after execution.
Question to the community
What do you think of a script that restores and scans the attachments from Exchange Online backups? A script that scans attachments of a specific user or all users? Please give your feedback in the comments below.
Happy Scanning
Steve💖