Windows 10: New Windows Defender


  1. Posts : 340
    Windows 10 Pro 64 bit
       15 Apr 2017 #1

    New Windows Defender


    I cant get the new WD Security Center to scan just one file like the old one did.
      My ComputersSystem Spec


  2. Posts : 17,612
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       15 Apr 2017 #2

    Click image for larger version. 

Name:	Image 003.png 
Views:	14 
Size:	440.0 KB 
ID:	130256
      My ComputersSystem Spec


  3. Posts : 340
    Windows 10 Pro 64 bit
    Thread Starter
       15 Apr 2017 #3

    That doesn't work. This is what I get when I R click and choose Scan with WD.
    Click image for larger version. 

Name:	WDe1.PNG 
Views:	87 
Size:	29.4 KB 
ID:	130290
    Click image for larger version. 

Name:	WDe2.PNG 
Views:	1 
Size:	19.9 KB 
ID:	130291
      My ComputersSystem Spec

  4.    15 Apr 2017 #4

    It ends up at that screen after doing the file scan. It could be made clearer what's happening in my view.
      My ComputersSystem Spec


  5. Posts : 25,240
    64-bit Windows 10 Pro build 17040
       15 Apr 2017 #5

    Hey Clint,

    In your "Windows Defender Security Center" screenshot, it shows 0 threats found in the 2 files scanned from what you right clicked on.


    If you like, you might see if the context menu in Option Two of the tutorial below may work better for you for this.

    Scan with Windows Defender Context Menu - Add in Windows 10 - Windows 10 Customization Tutorials
      My ComputersSystem Spec


  6. Posts : 340
    Windows 10 Pro 64 bit
    Thread Starter
       15 Apr 2017 #6

    Brink said: View Post
    Hey Clint,

    In your "Windows Defender Security Center" screenshot, it shows 0 threats found in the 2 files scanned from what you right clicked on.


    If you like, you might see if the context menu in Option Two of the tutorial below may work better for you for this.

    Scan with Windows Defender Context Menu - Add in Windows 10 - Windows 10 Customization Tutorials
    Brink, I get that screen on every file that I try to scan. It always shows 2 files. I download the reg file in option 2 It does the same.
      My ComputersSystem Spec


  7. Posts : 4,509
    10 Home x64 (1709) (10 Pro on 2nd pc)
       15 Apr 2017 #7

    Clint said: View Post
    I get that screen on every file that I try to scan. It always shows 2 files...
    I've tried a Defender scan on various files, including a .png (1 file scanned), .txt (1), Add_Scan_with_Windows_Defender-UI.reg (3) and Reset_Microsoft_Edge.zip from this tutorial (3). That last one is informative, because if I extract the .ps1 file it contains and scan that it then says 2 files were scanned.

    The number of 'files' scanned seems to depend on what Defender finds looking inside the file, and what else may need to be scanned as a consequence. In the case of the zip v. extracted file, the zip container would be the one extra file in the first scan. Typically Defender will individually scan every file packed inside a .exe that is a Setup package.

    Exactly what type of file are you trying to scan?



    Edit: I have just restored the 1607 image for my test machine (System Two in my 'specs') and scanned the same 'Reset_Microsoft_Edge.zip' as above. This said 2 items for the .zip file, one when scanning the extracted .ps1.

    It may be that the Creators' Defender has new functions to scan 'system' related items if found in such text-based files.
    Last edited by Bree; 15 Apr 2017 at 21:36. Reason: Additional test.
      My ComputersSystem Spec

  8.    16 Apr 2017 #8

    Works fine here Clint and never seen this bug + not able to reproduce it. See if the old user interface may cause this, never know? In Task Manager/Details/MSASCuiL.exe/End task/End Process.

    Regards,
      My ComputerSystem Spec


  9. Posts : 4,509
    10 Home x64 (1709) (10 Pro on 2nd pc)
       16 Apr 2017 #9

    @Clint, I have a full explanation of 'why' (it is actually correct behaviour) and a simple 'how' that will fix it.

    On my Creators Update the old and the new UI show the same number 'two' with a custom scan of a folder containing the single file Reset_Microsoft_Edge.ps1

    Click image for larger version. 

Name:	scan 1703.PNG 
Views:	2 
Size:	120.1 KB 
ID:	130504


    However, I have discovered how to turn this file into a file that Defender sees as only being one file/item. The clue was when I copied to a USB to scan it on another machine, the copy only scanned as one item - even when copied back to the original machine. This was because the file was no longer marked as 'This file came from another computer and may be blocked to help protect this computer'.

    The way a file is blocked is that it has a Zone Identifier recorded in an alternate data stream. This is an independent data stream alongside the file contents data. Alternate data streams have been a feature of the ntfs file system since XP. You can read it with the Streams utility from Sysinternals.

    Code:
    C:\TEMP>streams Reset_Microsoft_Edge.ps1
    
    Streams v1.56 - Enumerate alternate NTFS data streams
    Copyright (C) 1999-2007 Mark Russinovich
    Sysinternals - www.sysinternals.com
    
    C:\TEMP\Reset_Microsoft_Edge.ps1:
       :Zone.Identifier:$DATA       72


    Defender was quite correct in saying it had scanned two files - the first was the content of the file and the second was the alternate data stream.

    Copying this 'blocked' file to an ntfs formatted USB and scanning it with Defender on a 1607 PC again shows two items were scanned. This is not a new feature or bug. It is correct behaviour and has always been that way.

    Bottom line: All 'blocked' files will have two items for Defender to scan. You can remove the second by unblocking the file.
    Last edited by Bree; 16 Apr 2017 at 20:02.
      My ComputersSystem Spec


  10. Posts : 340
    Windows 10 Pro 64 bit
    Thread Starter
       17 Apr 2017 #10

    Well, I guess every thing is alright then. Thanks to all that replied. I will mark it solved.
      My ComputersSystem Spec


 

Related Threads
Solved Windows Defender in AntiVirus, Firewalls and System Security
Hi! I currently use Norton 360 for virus control. To renew, Norton is asking 100+ bucks, I can not nor will pay that amount. Is Defender enough to control malware on my laptop? Norton does ok, but I do not want to pay 100 bucks to renew Thank...
Windows 10 Defender in AntiVirus, Firewalls and System Security
Hello, Have learned that on my system is built-in 'defender', made a search in the searc box and came with this (screenshot) result, got a notice that it is turned off, however, the buttonts are Gray, cannot move them to on position. Built in is...
Hello. Using BitDefender. Cant seem to activate Windows Defender (also). Does Bit Defender prohibit Windows Defender from being activated ? Any idea why I can't activate ? Assuming I can, somehow, do I want both ?
Windows Defender in AntiVirus, Firewalls and System Security
I'm having problems with this, too. Or rather I'm worried I may not be protected. I downloaded Windows 10 yesterday. When I go into programs, I don't see Windows Defender in there. Why not? Shouldn't it be there? I've been reading on the net...
Solved Windows Defender in AntiVirus, Firewalls and System Security
windows defender is turned of on my computer but every time I boot my system windows defender is telling me its turned of is there a way to stop this (I am using windows 10 pro insider preview build 10074)
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:16.
Find Us