Please - read the question in its entirety
- I can get half baked, ill thought, incomplete answers anywhere for free, but chose here in the hope of some accurate well considered professional answers.
Windows Defender picked up a number of infections affecting a large number of files on a pc. I hit two problems using defender (i don't have much experience with it coming from the enterprise side of things) and could not work out how to achieve what I needed.
- How do I produce a report of the files affected when the files are in the hundreds - clicking on the results window is not practical with hundreds of files impacted by multiple infections. The end user is a business who trusted Defender to be their solution. If your answer is the list is the only method then give it a try. you'll be back with the same concern as me.
- Where do we go to see review what the infection/malware has done (e.g. been recording keystrokes, mining bitcoin, encrypting files...)? I tried to advise the user on what had been happening while the malware was present but couldn't not locate any details. If its only hijacked the machine for bitcoin mining the impact is less than if the machine malware has been recording logins etc for a period and requires the passwords on literally hundreds of platforms then it wise to provide specific advice. If you say everything then your probably not experienced enough or not put much thought into your answer. .