D
dogbolter
Hope someone can help...
Dell M1330 notebook with Vista Home Premium SP1. All Microsoft Updates
applied.
Problem with Defender is as follows....
Every 3 days or so, if a manual scan has not been run, I get the icon
reminding me that a scan has not been run for several days. Fine so far...
So I look at the WD tools | options | scheduling info and it's set up to run
at 20:00 each evening as a quick scan. Fine so far... the notebook is on at
that time usually.
Investigate the hidden Windows Defender 'MP Scheduled Scan' in Task
Scheduler...
So that's it! The power conditions are set for the task to run only if the
computer is on AC power... well I'll just uncheck that box then so that's not
an issue anymore. While I'm at it, I'll also go into the settings tab and
ensure the task runs as soon as possible after a scheduled start is missed.
So I make the Task Scheduler changes, OK them, exit... I can go back in and
check and everything now looks OK....
But it doesn't run! And you know why? In the history tab of the MP Scheduled
Scan task, it appears that each time, a couple of mins after the notebook is
booted up, User 'NT AUTHORITY\System" deletes the WD scheduled task, and a
second later updates (or recreates) the scheduled task again with the 'AC
power on' check back in, and removes the 'run task as soon as possible after
a start is missed' check from the option!
There's a matching event with the same timestamp in the system windows event
log (id 5007, Windows Defender) where the registry key
HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\ScheduleTime is changed.
Just to add that I've disabled scheduling from within WD, deleted the Task
Scheduler job and then re-enabled automated scans in WD (ensuring that the TS
task is recreated) but the same sequence of events re-occurs.
Can anybody please suggest why this is happening, and what I could do to fix
it?
TIA,
Mike
Dell M1330 notebook with Vista Home Premium SP1. All Microsoft Updates
applied.
Problem with Defender is as follows....
Every 3 days or so, if a manual scan has not been run, I get the icon
reminding me that a scan has not been run for several days. Fine so far...
So I look at the WD tools | options | scheduling info and it's set up to run
at 20:00 each evening as a quick scan. Fine so far... the notebook is on at
that time usually.
Investigate the hidden Windows Defender 'MP Scheduled Scan' in Task
Scheduler...
So that's it! The power conditions are set for the task to run only if the
computer is on AC power... well I'll just uncheck that box then so that's not
an issue anymore. While I'm at it, I'll also go into the settings tab and
ensure the task runs as soon as possible after a scheduled start is missed.
So I make the Task Scheduler changes, OK them, exit... I can go back in and
check and everything now looks OK....
But it doesn't run! And you know why? In the history tab of the MP Scheduled
Scan task, it appears that each time, a couple of mins after the notebook is
booted up, User 'NT AUTHORITY\System" deletes the WD scheduled task, and a
second later updates (or recreates) the scheduled task again with the 'AC
power on' check back in, and removes the 'run task as soon as possible after
a start is missed' check from the option!
There's a matching event with the same timestamp in the system windows event
log (id 5007, Windows Defender) where the registry key
HKLM\SOFTWARE\Microsoft\Windows Defender\Scan\ScheduleTime is changed.
Just to add that I've disabled scheduling from within WD, deleted the Task
Scheduler job and then re-enabled automated scans in WD (ensuring that the TS
task is recreated) but the same sequence of events re-occurs.
Can anybody please suggest why this is happening, and what I could do to fix
it?
TIA,
Mike