Windows 8 and 8.1 Forums


Windows Defender isn't protecting me?

  1. #1

    Windows Defender isn't protecting me?


    I'm devastated. I've always had well protected computers.
    On my old computer I used Panda for my av.
    My new pc is running Win 8.1.
    I saw that Windows Defender came highly recommended, so I'm using it.
    It is set for protection and scans.
    I just ran Malwarebytes and it found 74 (!!) infected registry keys.
    Oddly enough, my computer has been running just fine.
    My question is why didn't WD catch these?
    Should I use another AV?
    Thank you for any advice.
    Here is a sampling of what Malwarebytes found:

    Code:
    Registry Keys: 74
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [72e2c8fd72097fb7d9857e5c30d2fb05], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [3b1931942b503600a0592b1209fb49b7], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [f55f3b8a196280b65a0338a25ca606fa], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [f064923384f775c146b47ac3f80ccc34], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [0a4a1fa61f5c14225804b02a6f93cf31], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [ef657d4882f9a3937e7d7ac39d6720e0], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [d87c1ea7a8d370c6c38d7b5fa06214ec], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [83d19b2a5e1d68ceaa5267d6fb09649c], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [a4b03c8932497cba4f0218c2738f3ec2], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [6ee6c005bdbe7bbb837a6bd206feac54], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [50049d282d4e41f5c48e92484cb6dc24], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [450f4d782655989e53ab1924b54f2dd3], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [ca8a9d28d3a86bcbc68e7d5d09f99769], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [ef65e4e115660234d32c211c81838e72], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Quarantined, [83d103c2c7b4dd598d73033be71dbe42], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [83d11ea7f685b185cc89ddfddd259967], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [a0b4299c5c1f4de98a770737bd47fc04], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Quarantined, [96bed4f1fa810036a85a3b03b252e61a], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [d87c4382e59679bd0e488d4da35f758b], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [a1b35b6af883fe38b84bea542ada6c94], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [6aea6c59156641f5ef683b9f56ac1ee2], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [a0b45f66c6b571c51fe544fad4301ae6], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Quarantined, [1c3855707a01ce6845c088b671937e82], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Quarantined, [cf85537264172016e026a09ec341fd03], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [460e21a41764142287d10bcf44be41bf], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [01531fa61b60aa8cb651f6489272f50b], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [c68e8b3abac10c2a1b3ee1f9788a57a9], 
    PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [4c086e57fc7fb87ed731e9559b69758b], 
    Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [b99be1e492e9dd595efcb921c939ae52],
    Last edited by Brink; 11 Aug 2014 at 22:53. Reason: code box

      My System SpecsSystem Spec

  2. #2


    Even MS admitted that Defender is not good enough as main protection so adding a "Real AV" is always a good idea. No AV can make you 100% protected but even free AVs are better than nothing. If you were satisfied with Panda in the past you should continue using it.
      My System SpecsSystem Spec

  3. #3


    Trnava
    Posts : 683
    Win 8.1.1 Pro x64


    No AV catches everything and this is just one virus and probably not even that, since it is PUP.

    What is PUP (potentially unwanted program)? - Definition from WhatIs.com

    Windows Defender has detection only ~90%, so it would better to use something else anyway.

    AV-Comparatives Real-World Protection Test AV-Comparatives
      My System SpecsSystem Spec

  4. #4


    Thank you for the info.
    Thank you Brink for correctly formatting my c/p.
    I still think it's absurd that WD would ignore 74 instances of malware.
    I've switched to another AV.
      My System SpecsSystem Spec

  5. #5


    UK
    Posts : 283
    Windows 8.1


    I have always found this PUP software to be no problem, it is usually add related software that comes pre installed by shareware

    Other AV software also ignore it as it is not really a virus/malware
      My System SpecsSystem Spec

  6. #6


    PUP's are not viruses.... I use Defender as well as MalwareBytes Premium and that has served me well.
      My System SpecsSystem Spec

  7. #7


    Posts : 70
    windows 8.1

    malware?


    My malwarebytes premium is also calling "hijack" for an image file execution options key, which redirects to a "debugger". From what I hear, this is an old school hijack. How can I tell if it's a legit debugger or malware?
      My System SpecsSystem Spec

  8. #8


    Posts : 3
    Windows 8


    Windows Defender is a useless product. It's always turned off on any new system I use and is quickly replaced by a superior product.
      My System SpecsSystem Spec

Windows Defender isn't protecting me?
Related Threads
I posted this thread yesterday about my problem, and I've decided I will factory reset my operating system. I won't make you read the whole other thread, but the main issue is that "Change PC Settings", aka the Metro settings panel, doesn't work, so I can't "Refresh without affecting files". I...
Source: Chromium Blog: Protecting Windows users from malicious extensions
More...
Protecting you from malware in Windows 8 News
More...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook