Antivirus Client Overview
Microsoft System Center Endpoint Protection (SCEP)
District Owned Computers
All Butte campus computers have the Microsoft System Center Endpoint Protection (SCEP) Antivirus/Malware application installed. This application allows for IT to provide timely updates for antivirus settings, and also allows us to proactively monitor virus and malware activity across campus.
Personally Owned Computers
Every personally owned computer used on campus is required to have current operating system patches and antivirus protection. There are many free antivirus programs available for use--district technical support personnel cannot make recommendations on antivirus programs for use on personally owned devices.
Endpoint Protection for Windows
The System Center Endpoint Protection (SCEP) application for Windows has four main tabs. The tabs are Home, Update, History, and Settings. We have determined predefined settings and only allow some settings to be defined by the user. If the setting is greyed out then this means the setting can not be changed by the user.
Your PC is protected if you see the following icon in your system tray:
We are working hard to secure your computer so you don't have to worry about having up-to-date antivirus and system patches. You shouldn't have to do much in your Antivirus program as IT manages it for you as part of our SUDS Program.
Virus Warning Window
On the rare occasion a virus is detected, you will be presented with a window similar to the following. It is best to apply the recommended action. If you are unsure what to do, please contact User Support Services for assistance at 895-2888.
Allows you to choose to run a Quick, Full, or Custom scan.
- Quick scan – checks the areas that malicious software, including viruses, spyware, and unwanted software are most likely to affect.
- Full scan – checks all files on your hard disk and checks all running programs. Depending on your system this scan may take more than one hour.
- Custom scan – checks only the locations and files that you select.
Shows the following:
- If the Real-time protection is On or Off.
- If the Virus and spyware definitions are Up to date.
- Allows you manually update definitions
- Shows the following:
- Definitions created on: Date and Time
- Definitions last updated: Date and Time
- Virus definitions version: Version Number
- Spyware definition version: Version Number
Allows you to view the following items:
- Quarantined Items – Items that have been deemed as malicious software, virus, or spyware.
- Allowed Items – Items that you choose as acceptable files.
- All detected items – Items that were detected on your computer.
- View Details – Shows more information about the items that have been quarantined and allowed items. You will need to click on this to view any of the items.
Allows you to set the following items where allowed:
- Scheduled Scan– Sets the time when a scan should be run on the computer.
- Scan Type – Allows Quick, Full, or Customer scan be chosen.
- When – Choose the day the scan will run.
- Around – Time the scan runs.
- Daily quick scan time around: – Allows you to set a time to run a quick scan.
- Check for the latest virus and spyware definitions before running a scheduled scan – This option sets the ability to run a definitions update before running a scan.
- Start the scheduled scan only when my PC is on but not in use – Setting for the scan to only run while your computer is on. If the computer is in hibernation or sleep mode the scan will not run.
- Limit CPU usage during scan to – The sets the limit for the amount or percentage of Central Processing Unit used to run the scan.
- Default actions – Allows you to set a default action to take when System Center Endpoint Protection finds a potential or known threat based on alert level. There are four threat levels, Severe, High, Medium, and Low. You are able to set whether SCEP will Remove, Quarantine, or Allow a threat for the level.
- Real-time protection – This setting allows the user to turn on real time protection meaning the SCEP will run and protect the computer while in use. This will allow you to check the options to scan downloads, monitor file and program activity, enable behavior monitoring, and enable Network Inspection System.
- Excluded files and locations – Allows a user to set certain file types and locations where the files are stored to be excluded from the scan. Some file types are already preset if you are using the managed client.
- Excluded file types – Allows you to set the specific file types that you would like to be excluded from the scan.
- Excluded processes – Allows you to set the specific processes to exclude from the scan.
- Scan archive files – Allows archive files to be included during the scan.
- Scan removable drives – Allows removable drives such as (usb or external HDD) to be scanned.
- Create a System Restore point – This option creates a restore point that can be used by SCEP to return to in case the items deleted or removed from the system cause an issue.
- Allow all users to view the full History Results – Allows all the users of the computer to see the history results for that computer (We don't recommend to set this.)
- Microsoft Active Protection Service (MAPS) – This setting allows you to control what information is sent to Microsoft about the current potentially unwanted software, malware, and viruses. The recommend setting is Basic membership and is the default setting for Managed client users.