![]() If your computer has been offline or not connected to the College’s wired network for an extended period, you can manually check for protection updates by following these steps: IT Solutions performs Windows Defender protection updates on a daily basis, and all College‑issued computers will automatically receive these updates. (To view quarantined items, on the Virus & threat protection screen, click the Threat history link.) If after one month the quarantined file is still visible in your quarantined items, please see the ITS Service Desk website to submit a Service Desk ticket. The full scan takes all day on my computer with tons of files, so that extra indication would be very informative.NOTE: If the scan identifies an issue, it will quarantine the suspect file for one month before deleting it. That would help me to estimate how much longer it will take to complete. I assume it's using a different heuristic each time or something, but a better indication of how many heuristics or how many scans it needs would be nice. ![]() Even if I start it on a scan of just the C drive, it seems to scan it multiple times. That would reassure users that the suspicious files will be further evaluated to determine if they are actually infected, so the final result of no infections will not be so contradictory that it leads to posts being created on Microsoft forums.Īnd since I'm already in here giving unsolicited advice about how to improve an already useful tool, it would be helpful if there was some indication of what it is doing when it starts the progress bar over again. ![]() The scan progress screen should show "Suspicious files: 12" - not "Files Infected: 12"Īdditionally, based on the description Deng gave of what the tool actually does, the description at the top of the scan progress screen should be modified to say something like this: "After this operation completes, the tool will send any suspicious files to Microsoft to determine if they are viruses, spyware, or other potentially unwanted software and report the results." I agree with Clegg here about the contradictory messaging. Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. If the Answer is helpful, please click " Accept Answer" and upvote it. So what actually happened is that the scanner found possible malware fragments, communicated with the MAPS servers and confirmed there weren't any active malware that it can identify running and completed its operation by reporting these final results as well as uploading its reporting to MAPS as a record.īack to your case, according to the screenshots there's nothing truly wrong with what the Safety Scanner found. Near the end of the scanning process, say 95% complete, the Microsoft scanners all perform a MAPS (Microsoft Active Protection Service) request via internet to the the Microsoft cloud servers in order to upload their initial findings and request confirmation that these findings are either truly malware or instead possible false positive detections or incomplete fragments of inactive malware. In many cases these specific items have been found in the past to be related to malware, but they are all really just small fragments that have matched signatures, but aren't yet truly confirmed as the specific malware that might include them. The "Files Infected" count displayed on the Microsoft Safety Scanner, scan in progress screen or any of their other security products for that matter, is actually just a preliminary status indication that there are items which may contain malware. ![]() To truly answer your question, you need to understand how the Microsoft security apps actually operate, since that's part of why this sort of situation can be confusing to those who don't.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |