Microsoft Defender keeps giving notice of a historic threat


For a short while, Defender seemed adamant that it couldn’t co-exist with a legitimate program

A while ago (see “I’ve had enough of Norton spam“) I purged all my computers of Norton 365 (even though I still had an active subscription) because I was tired of its own popups trying to sell me something else. I’ve gone back to Microsoft Defender.

For the most part, it’s fine, although it does seem to be starting to get a bit “verbose” as well. What I had always liked about Defender was that it just got on with the job without constantly reminding me of how clever it’s been in protecting me in a dangerous world.

Threat found
Defender kept reporting the same old “threat”
Apart from the “creeping verbosity”, though, it had also recently developed an annoying habit. It kept telling me that it had found a threat when, in fact, it was talking about an old, historic, issue that had been dealt with ages ago. As it happens, the “threat” it had identified was a legitimate program that I knew was present and which was doing a legitimate job. Nevertheless, I wasn’t unhappy that Defender had spotted it because it might have been doing something naughty behind my back.

What I didn’t want, though, was constant reminders about the same thing over and over again when I’d already told Defender to ignore it. For a short while I thought that this was a battle of wills between Defender and myself in which Defender was trying to assert its inflexible certitude that the program in question mustn’t be present on my system.

Clean scan
.. but the summary report said everything was clean
When I looked in the summary of Defender’s actions, however, it told me that everything was clean (see illustration above), so this suggested that there was a bit of a glitch somewhere. A bit of research flagged up that this was, indeed, something that could happen in both Windows 10 and 11.

Luckily, it’s easy to remedy when you know how. Just go to Windows Explorer and then navigate to:

C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service

Then just delete all the files inside the “Service” folder. If you feel a bit nervous about doing this, you could copy the files elsewhere first so that you could put them back if necessary.

I took this action about four weeks ago and I’m happy to report that the issue has gone away and stayed away.

I realise that this little tip might not be useful to many people, but I know how annoyed I was starting to get at the same threat seeming to recur, so if this helps anyone at all then it will have been worthwhile 😀.

And, if you don’t want to take my word for it, here’s where I found the solution: