Unblock-CMDetectedMalware
Unblocks detected malware.
Syntax
Unblock-CMDetectedMalware
[-Force]
-Threat <IResultObject>
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
-Collection <IResultObject>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
-CollectionId <String>
[-Force]
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
-CollectionName <String>
[-Force]
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
[-Force]
-ThreatId <String>
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
[-Force]
-ThreatName <String>
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Unblock-CMDetectedMalware
[-Force]
-UnblockAction <UnblockDetectedMalwareAction>
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Unblock-CMDetectedMalware cmdlet unblocks malware that has been blocked from running.
Note
Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.
Examples
Example 1: Unblock all detected malware
PS ABC:\> Unblock-CMDetectedMalware -UnblockAction AllowThreatThis command unblocks all detected malware.
Example 2: Unblock detected malware by getting a threat object
PS ABC:\> $Threat = Get-CMDetectedMalware -CollectionName "All Desktop and Server Clients"
PS ABC:\> Unblock-CMDetectedMalware -Threat $Threat -UnblockAction AllowThreatThe first command gets the detected malware object for the collection named All Desktop and Server Clients and stores the object in the $Threat variable.
The second command unblocks the threat stored in $Threat.
Example 3: Unblock detected malware by getting a collection object
PS ABC:\> $Collection = Get-CMCollection -CollectionType Device -Name "All Desktop and Server Clients"
PS ABC:\> Unblock-CMDetectedMalware -Collection $Collection -UnblockAction AllowThreatThe first command gets the device collection object named All Desktop and Server Clients and stores the object in the $Collection variable.
The second command unblocks the malware for the collection stored in $Collection.
Parameters
-Collection
Specifies a collection object. To obtain a collection object, use the Get-CMCollection cmdlet.
| Type: | IResultObject |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-CollectionId
Specifies the ID of a collection.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CollectionName
Specifies the name of a collection.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Threat
Specifies a detected malware object. To get a detected malware object, use the Get-CMDetectedMalware cmdlet.
| Type: | IResultObject |
| Aliases: | InputObject |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ThreatId
Specifies the ID of a threat.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ThreatName
Specifies the name of a threat.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-UnblockAction
Specifies the unblock action the cmdlet takes on the threat. Valid values are:
- AllowThreat
- RestoreOnly
- RestoreAndAllow
| Type: | UnblockDetectedMalwareAction |
| Accepted values: | AllowThreat, RestoreOnly, RestoreAndAllow |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet doesn't run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.ConfigurationManagement.ManagementProvider.IResultObject
Outputs
System.Object