Using Endpoint Protection to remove potentially harmful software


Updated: April 1, 2012

Applies To: System Center 2012 Configuration Manager, System Center 2012 R2 Configuration Manager, System Center 2012 Endpoint Protection SP1, System Center 2012 Configuration Manager SP1, System Center 2012 Endpoint Protection, Windows Intune, Forefront Endpoint Protection, System Center 2012 R2 Endpoint Protection

To remove all unwanted or potentially harmful items that Endpoint Protection detects quickly and easily, use the Clean computer option.

  1. When you see the notification message that Endpoint Protection displays in the Notification area after it detects potential threats, click Clean computer.

  2. Endpoint Protection removes the potential threat (or threats), and then notifies you when it's finished cleaning your computer.

  3. To learn more about the detected threats, click the History tab, and then select All detected items.

  4. If you don't see all the detected items, click View details. If you're prompted for an administrator password or confirmation, type the password or confirm the action. On systems running Windows XP, you may need to log on as an administrator on this computer.


During computer cleanup, whenever possible, Endpoint Protection removes only the infected part of a file, not the entire file.