PowerUp.ps1:880 - Remove "C:\" False Positives

[Bubbl3H3d]

By default, the C:\ folder has special permissions set that allow unprivileged users to create new folders, but not to create or modify files in C:\ . This special permission set is misinterpreted by the script as a writable folder in the path, even though it is not. The proposed change removes results that return C:\ (subfolders within C:\ are still returned if they are modifiable).

[cnotin]

I had a similar problem with the following service path "C:\Program Files\....\service.exe" /service PowerUp splits this in two possible paths: C:\Program Files\...\service.exe and /service However Get-ModifiablePath tries to get the parent of /service with Split-Path -Parent which returns \ which becomes C:\ after Resolve-Path then it analyzes C:\ and due to its special permissions it becomes a false positive. @Bubbl3H3d, I suppose you encountered the same false positive in a similar situation, right?

Another possible fix is adding a -and ($ParentPath -ne '\\')

[Bubbl3H3d]

Yes, that does sound like a better way of approaching it.