locked
Intune not reporting details of malware detection RRS feed

  • Question

  • Hi all,

    My intune has flagged one of my clients with Malware.
    However it appears not to be showing the details of the Malware. (Filename & location), or giving me any options to deal with it.
    It tells me the name of the Malware but nothing else. [about as much use as a chocolate teapot]
    So given this how do I..::

    1. identify the filename and location (folder) of the offending item/file.
    2. permit/approve/allow/authorize (or whatever you want to call it) to override the false detection of systems administration tools as Malware.
    3. Initiate removal/delete/quarantine process..
      (All I seem to be able to do is initiate a full scan which just reports that I have this Malware)

    Many thanks
    David (Nobby) Barnes

    Saturday, May 25, 2013 1:58 PM

Answers

All replies

  • Hi David,

    You'll need to remediate the malware on the local machine and/or setup local exceptions.   However you can setup a few Anti-Malware policy settings under the policy workaround to prevent certain locations/file types from being scanned.  http://technet.microsoft.com/en-US/library/jj676574.aspx

    A full scan after infection is recommended as it will typically remove/clean any malware off the machine that is found.

    Thanks.


    Jon L. - MSFT - This posting is provided "AS IS" with no warranties and confers no rights.

    Saturday, May 25, 2013 7:00 PM
  • Hi Jon,

    Thanks for replying so promptly..

    Hmmmm... seems like this is one of those "oh bugger" moments..
    the machine in question is a laptop 'on the road' (so to speak)... it's rarely online for any length of time..
    In fact we are quite impressed that Intune manages to keep this machine updated etc given its fleeting presence online..
    oh double drat..

    Is there any way in the reports or such on the intune console to identify the malware source (the file detected) ??

    Thanks
    David

    Saturday, May 25, 2013 10:23 PM
  • Yes, I know this is an old post, but I’m trying to clean them up. Did you solve this problem, if so what was the solution?


    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Wednesday, March 11, 2015 1:51 PM
  • No real resolution.

    Intune seems to detect malware, report the fact it has detected but no details of WHAT it has detected.

    Seems to me to be a functional/design feature/flaw/issue


    Friday, March 13, 2015 10:04 AM
  • At this point I would suggest post a suggestion/bug to either the Connect site or the uservoice site for intune/SCCM. This way it might get fixed.

    https://connect.microsoft.com/

    https://microsoftintune.uservoice.com/


    Garth Jones | My blogs: Enhansoft and Old Blog site | Twitter: @GarthMJ

    Saturday, June 20, 2015 3:00 PM