Resolving scan failures

Applies To: Forefront Client Security

When a malware scan or an SSA scan fails, the Client Security agent creates an event. If the computer is protected by a Client Security policy of alert level 3, 4, or 5, Client Security generates a "Scanning Failed" alert or a "Security State Assessment Failed" alert, as appropriate.

Researching scan failures

If Client Security created an alert for the scan failure, use the alert's Properties tab to view information about this alert and learn which computer experienced the scan failure.

If Client Security did not create an alert for the scan failure, you can still view the event logged on the collection server. In the MOM Operator console, view the event to learn which computer experienced the scan failure. For more information about viewing events, see Working with events.

For more information about alerts, see Working with alerts.

To resolve a scan failure

1. Using the Computer Detail report, investigate the computer. Make sure it is operating correctly and has resources available. Check the event log for events relevant to the console and resolve any issues found in the log.

2. Perform a scan on the computer. If Client Security detects any issues, resolve them and scan the computer again.

3. After resolving any issues you find on the computer, use the Client Security agent to get any available service and signature updates. In the Client Security agent UI, on the Help menu, click Check for updates.