Hi all,

My intune has flagged one of my clients with Malware.
However it appears not to be showing the details of the Malware. (Filename & location), or giving me any options to deal with it.
It tells me the name of the Malware but nothing else. [about as much use as a chocolate teapot]
So given this how do I..::

1. identify the filename and location (folder) of the offending item/file.
2. permit/approve/allow/authorize (or whatever you want to call it) to override the false detection of systems administration tools as Malware.
3. Initiate removal/delete/quarantine process..
   (All I seem to be able to do is initiate a full scan which just reports that I have this Malware)

Many thanks
David (Nobby) Barnes

Hi David,

You'll need to remediate the malware on the local machine and/or setup local exceptions.   However you can setup a few Anti-Malware policy settings under the policy workaround to prevent certain locations/file types from being scanned.  http://technet.microsoft.com/en-US/library/jj676574.aspx

A full scan after infection is recommended as it will typically remove/clean any malware off the machine that is found.

Thanks.

Hi Jon,

Thanks for replying so promptly..

Hmmmm... seems like this is one of those "oh bugger" moments..
the machine in question is a laptop 'on the road' (so to speak)... it's rarely online for any length of time..
In fact we are quite impressed that Intune manages to keep this machine updated etc given its fleeting presence online..
oh double drat..

Is there any way in the reports or such on the intune console to identify the malware source (the file detected) ??

Thanks
David