Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

It's not just you. I just checked two of my laptops after seeing your post. You can see in the screen snip below how many files were scanned and how long the quick scan took earlier today with the last update being done at 7.30am this morning. So I updated the definitions and ran another quick scan. It took a few seconds and as you can see, scanned only 50 files. The other computer scanned 44 and also took seconds on the same definition update number. I'd say the latest virus definition update is dodgy and has broken the quick scan. I haven't tried a full scan.

Earlier Quick Scan on definition version 1.301.1600.0:



Quick scan just done on 1.301.1608.0:



EDIT: Same behaviour doing a full scan - 50 files and 13 secs. I just updated to 1.301.1615.0 but it hasn't fixed it.

 

A whopping two files for me...LOL!

 

I just screen-recorded a scan for a souvenir because it's clearly abnormal. Someone at Microsoft forum reported this was registered at the Feedback Hub, so it's probably being looked into. Now at version 1.301.1622.0 and the scan continues to malfunction, on here: hesitating for about 3 seconds, then "scanning" 8 files and closing. Funky.

 

Thank you for confirming, stapp and catspyjamas!

Maybe this is in response to people's complaints about Defender's high resource usage, combined with too many false positives.

 

MSE on Windows 7 pro 64 bit
Under 1.301.1592.0 regime the screen showed that last scan was Sept.21. Today is Sept.18 here. Believe me.
I ran the update to 1.301.1645.0. Same future event date on the screen.
Then I ran the quick scan. I saw it scanned 18 files and then it was done in a blink of an eye. I missed seeing the final count.
Scan date is now correct = today.

 

are there just noobs working @ microsoft ? more and more bugs in windows and defender.....free OS called Win 10 will become more and more expensive ^^

 

Windows Defender Antivirus Scans Broken After New Update
https://www.bleepingcomputer.com/ne...nder-antivirus-scans-broken-after-new-update/

 

Relax folks!

https://www.zdnet.com/article/windows-defender-malware-scans-are-failing-after-a-few-seconds/


In an email to ZDNet, Microsoft confirmed the bug and said the company was working on a fix. The company said that only manual or scheduled scans were impacted, and that Windows Defender's real-time scanning protection was not impacted, and should detect malware once it reaches a system.

Fortunately, there's a way around this bug, if users need to perform daily scans of sensitive systems. Instead of relying on a Quick or Full scan, users can use the Windows Defender "Custom scan" feature and select the drives of folders they'd like scanned, manually, one by one.

 

Looks like its working now
took several min here and thousands files scanned on quick

 

It's become a bit of a Gong show of late

 

Yes, I'm at the very latest 1.301.1684.0 after forcing this and the scan completed perfectly, at the hoped-for time. Seven minutes, bah humbug!

Spoiler: defender is back!

Thank you for announcing this, Tyreman!

 

After the update, my scan time was back to normal, 1:50 for ~19,000 files.

 

1712 scanned as a normal sched quick scan today. Seems to be working as it should now.

 

If malware can never run, then you don't need any security tools. But you should always cover all kinds of scenarios. What if you get tricked into running malware? Then AV and behavior blocker should come into action. And I don't believe that Win Def has got any behavior blocker, so once malware is allowed to run, it's indeed game over, but feel free to correct me.

 

I see this statement mentioned often in these forums, and I only partially agree with it. It depends on what kinds of security measures the end user has in place, as to whether or not it really is "game over" once malware is allowed to run. In my particular case, malware has to clear a number of hurdles before it can complete its infection stages. That's why I use a layered security approach.

• least privileged account
• UAC at max
• SRP @default-deny for all users
• Windows security
• OSArmor
• Software firewall with default-deny outgoing
• browser hardening
• Group policy hardening
• full system images just in case

Everything above represents a hurdle for malware. I don't buy into the "it's game over" mindset if malware is allowed to run, unless of course it's allowed to bypass all the security measures in place. I'm pretty confident in my own abilities to not allow the latter to occur.

 

I'm afraid you're misunderstanding. I'm talking about a scenario where you allow the malware to run because you trust it, and AV keeps quit. If you don't use any other layers, then it's indeed game over. That's why I have been always been fascinated with behavior blockers/HIPS.

But is this a true behavior blocker, that watches for post execution behavior? Or is it a behavior monitor that helps to determine if a file is malware or not. This is what we call pre-execution, I'm not interested in that, and all AV's offer this.