Endpoint Protection detects a threat but can't remediate it

 

Updated: April 1, 2012

Applies To: System Center 2012 Configuration Manager, System Center 2012 R2 Configuration Manager, System Center 2012 Endpoint Protection SP1, System Center 2012 Configuration Manager SP1, System Center 2012 Endpoint Protection, Windows Intune, Forefront Endpoint Protection, System Center 2012 R2 Endpoint Protection

When Endpoint Protection detects a potential threat that's hiding inside a compressed file with a .zip file name extension or within a network share, it tries to quarantine or remove the threat.

Symptom

You might receive a notice that Endpoint Protection was not able to apply your actions.

Cause

In most cases, this problem occurs because Endpoint Protection doesn't have access to the location of the infection.

Solution

Remove or scan the file

  • If the detected threat was in a .zip file, browse to the .zip file, and then either remove the file or scan it by right-clicking the file and selecting Scan with Endpoint Protection. If Endpoint Protection detects additional threats in the file, it notifies you about these threats and enables you to choose an appropriate action.

  • If the detected threat was in a network share, browse to the network share and scan it by right-clicking the file and selecting Scan with Endpoint Protection. If Endpoint Protection detects additional threats in the network share, it notifies you about these threats and enables you to choose an appropriate action.

  • If you're not sure of the file's origin, one of the best solutions is to run a full scan on your computer. (For more information, see Scanning for viruses, spyware, and other potentially unwanted software.) A full scan may take some time to complete, but it makes it possible for Endpoint Protection to look for the source of the infection and clean it.