Reporting suspicious software to Microsoft Active Protection Service


Updated: April 1, 2012

Applies To: System Center 2012 Configuration Manager, System Center 2012 R2 Configuration Manager, System Center 2012 Endpoint Protection SP1, System Center 2012 Configuration Manager SP1, System Center 2012 Endpoint Protection, Windows Intune, Forefront Endpoint Protection, System Center 2012 R2 Endpoint Protection

If Endpoint Protection detects software on your computer that has not yet been classified for risks, you might be asked to send a sample of the software to Microsoft Active Protection Service for analysis. When you're prompted to send a sample, Endpoint Protection displays a list of files that can help analysts determine if the software is malicious. You can choose to send some or all of the files in the list. For information on Microsoft Active Protection Service, see Changing your Microsoft Active Protection Service community membership.

To send files to Microsoft Active Protection Service

If Endpoint Protection detects a file or program on your computer that might be malicious or harmful, you can send it to Microsoft.

To submit a malicious software sample

  1. On the Help menu, click Submit malicious software sample.

  2. The Microsoft Malware Protection Center site opens. Follow the instructions, and submit the sample.

To report software that might be incorrectly classified

If Endpoint Protection alerts you about software that you don't believe is malicious or unwanted, you can report the problem to Microsoft by completing the False Positive Report Form on the Microsoft Web site (