description: Gets detected malware.
external help file: AdminUI.PS.dll-Help.xml
Module Name: ConfigurationManager
ms.date: 05/02/2019
schema: 2.0.0
title: Get-CMDetectedMalware

Get-CMDetectedMalware

SYNOPSIS

Gets detected malware.

SYNTAX

ByName (Default)

Get-CMDetectedMalware [-ThreatCategory <MalwareThreatCategory>] [-ThreatName <String>]
 [-DisableWildcardHandling] [-ForceWildcardHandling] [<CommonParameters>]

ByCollection

Get-CMDetectedMalware -Collection <IResultObject> [-ThreatCategory <MalwareThreatCategory>]
 [-ThreatName <String>] [-DisableWildcardHandling] [-ForceWildcardHandling] [<CommonParameters>]

ByCollectionId

Get-CMDetectedMalware -CollectionId <String> [-ThreatCategory <MalwareThreatCategory>] [-ThreatName <String>]
 [-DisableWildcardHandling] [-ForceWildcardHandling] [<CommonParameters>]

ByCollectionName

Get-CMDetectedMalware -CollectionName <String> [-ThreatCategory <MalwareThreatCategory>] [-ThreatName <String>]
 [-DisableWildcardHandling] [-ForceWildcardHandling] [<CommonParameters>]

ByThreatId

Get-CMDetectedMalware -ThreatId <String> [-DisableWildcardHandling] [-ForceWildcardHandling]
 [<CommonParameters>]

DESCRIPTION

The Get-CMDetectedMalware cmdlet gets detected malware.

Note

Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.

EXAMPLES

Example 1: Get all detected malware

PS ABC:\> Get-CMDetectedMalware

This command gets all detected malware.

Example 2: Get all detected malware for a collection

PS ABC:\> Get-CMDetectedMalware -CollectionName "testCollection"

This command gets all detected malware for the collection named testCollection.

Example 3: Get all detected malware by threat name

PS ABC:\> Get-CMDetectedMalware -ThreatName "Virus:DOS/EICAR_Test_File"

This command gets all detected malware named Virus:DOS/EICAR_Test_File.
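
The following is an added example, not part of the original help file. It combines the ByCollection parameter set (a collection object piped in from Get-CMCollection) with -ThreatName and -DisableWildcardHandling to report, per collection, how many result objects come back for one threat name, for instance to confirm that an EICAR test detection reached the site. The function name Get-ThreatRecordCountByCollection and its output property names are hypothetical; it assumes the ConfigurationManager module is loaded and the session is on the site drive.

```powershell
# Added example (not from the original help file).
# Assumes: ConfigurationManager module imported, current location is the site drive (e.g. PS ABC:\>).
# Get-ThreatRecordCountByCollection is a hypothetical helper name.
function Get-ThreatRecordCountByCollection {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string[]] $CollectionName,
        [Parameter(Mandatory)] [string]   $ThreatName
    )

    foreach ($name in $CollectionName) {
        # Get-CMCollection returns nothing when no collection matches the name.
        $collections = @(Get-CMCollection -Name $name)
        if ($collections.Count -eq 0) {
            Write-Warning "Collection '$name' not found; skipping."
            continue
        }

        foreach ($collection in $collections) {
            # -Collection accepts pipeline input by value (ByCollection parameter set).
            # -DisableWildcardHandling makes the threat name match literally,
            # so characters such as * or [ in the name are not expanded.
            $records = @(
                $collection |
                    Get-CMDetectedMalware -ThreatName $ThreatName -DisableWildcardHandling
            )

            # Count is the number of result objects returned for this collection,
            # not a count of affected devices.
            [pscustomobject]@{
                Collection   = $collection.Name
                CollectionId = $collection.CollectionID
                ThreatName   = $ThreatName
                RecordCount  = $records.Count
            }
        }
    }
}

# Collection and threat names reused from Examples 2 and 3 above.
Get-ThreatRecordCountByCollection -CollectionName 'testCollection' `
    -ThreatName 'Virus:DOS/EICAR_Test_File'
```

-ThreatId belongs to its own parameter set (ByThreatId), so it cannot be combined with the collection parameters used here.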

PARAMETERS

-Collection

Specifies a collection object. To obtain a collection object, use the Get-CMCollection cmdlet.

Type: IResultObject
Parameter Sets: ByCollection
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False

-CollectionId

Specifies the ID of a collection.

Type: String
Parameter Sets: ByCollectionId
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-CollectionName

Specifies the name of a collection.

Type: String
Parameter Sets: ByCollectionName
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-DisableWildcardHandling

This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ForceWildcardHandling

This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ThreatCategory

Specifies a malware threat category object. To obtain a malware threat category object, use the Get-CMMalwareThreatCategory cmdlet.

Type: MalwareThreatCategory
Parameter Sets: ByName, ByCollection, ByCollectionId, ByCollectionName
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ThreatId

Specifies the ID of a threat.

Type: String
Parameter Sets: ByThreatId
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-ThreatName

Specifies the name of a threat.

Type: String
Parameter Sets: ByName, ByCollection, ByCollectionId, ByCollectionName
Aliases: Name

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

Microsoft.ConfigurationManagement.ManagementProvider.IResultObject

OUTPUTS

IResultObject#SMS_TopThreatSummary

IResultObject[]#SMS_TopThreatSummary

NOTES

RELATED LINKS

Unblock-CMDetectedMalware