Export (0) Print
Expand All

Endpoint Protection detects a threat but can't remediate it

Updated: April 1, 2012

Applies To: Forefront Endpoint Protection, System Center 2012 Configuration Manager, System Center 2012 Configuration Manager SP1, System Center 2012 Endpoint Protection, System Center 2012 Endpoint Protection SP1, System Center 2012 R2 Configuration Manager, System Center 2012 R2 Endpoint Protection, Windows Intune

When Endpoint Protection detects a potential threat that's hiding inside a compressed file with a .zip file name extension or within a network share, it tries to deal with the threat by quarantining or removing the threat.

Symptom

You might receive a notice that Endpoint Protection was not able to apply your actions.

Cause

In most cases, this problem occurs because Endpoint Protection doesn't have access to the location where the infection is located.

Solution

Remove or scan the file

  • If the detected threat was in a .zip file, browse to the .zip file, and then either remove the file or scan it by right-clicking the file and selecting Scan with Endpoint Protection. If Endpoint Protection detects additional threats in the file, it notifies you about these threats and enables you to choose an appropriate action.

  • If the detected threat was in a network share, browse to the network share and scan it by right-clicking the file and selecting Scan with Endpoint Protection. If Endpoint Protection detects additional threats in the network share, it notifies you about these threats and enables you to choose an appropriate action.

  • If you're not sure of the file's origin, one of the best solutions is to run a full scan on your computer. (For more information, see Scanning for viruses, spyware, and other potentially unwanted software.) A full scan may take some time to complete, but it makes it possible for Endpoint Protection to look for the source of the infection and clean it.

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft