• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Windows Defender isn't protecting me?


Posts
2
#1
I'm devastated. I've always had well protected computers.
On my old computer I used Panda for my av.
My new pc is running Win 8.1.
I saw that Windows Defender came highly recommended, so I'm using it.
It is set for protection and scans.
I just ran Malwarebytes and it found 74 (!!) infected registry keys.
Oddly enough, my computer has been running just fine.
My question is why didn't WD catch these?
Should I use another AV?
Thank you for any advice.
Here is a sampling of what Malwarebytes found:

Code:
Registry Keys: 74
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [72e2c8fd72097fb7d9857e5c30d2fb05], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bitguard.exe, Quarantined, [3b1931942b503600a0592b1209fb49b7], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [f55f3b8a196280b65a0338a25ca606fa], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bprotect.exe, Quarantined, [f064923384f775c146b47ac3f80ccc34], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [0a4a1fa61f5c14225804b02a6f93cf31], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\bpsvc.exe, Quarantined, [ef657d4882f9a3937e7d7ac39d6720e0], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [d87c1ea7a8d370c6c38d7b5fa06214ec], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserdefender.exe, Quarantined, [83d19b2a5e1d68ceaa5267d6fb09649c], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [a4b03c8932497cba4f0218c2738f3ec2], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browserprotect.exe, Quarantined, [6ee6c005bdbe7bbb837a6bd206feac54], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [50049d282d4e41f5c48e92484cb6dc24], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\browsersafeguard.exe, Quarantined, [450f4d782655989e53ab1924b54f2dd3], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [ca8a9d28d3a86bcbc68e7d5d09f99769], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\dprotectsvc.exe, Quarantined, [ef65e4e115660234d32c211c81838e72], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\jumpflip, Quarantined, [83d103c2c7b4dd598d73033be71dbe42], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [83d11ea7f685b185cc89ddfddd259967], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\protectedsearch.exe, Quarantined, [a0b4299c5c1f4de98a770737bd47fc04], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchinstaller.exe, Quarantined, [96bed4f1fa810036a85a3b03b252e61a], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [d87c4382e59679bd0e488d4da35f758b], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotection.exe, Quarantined, [a1b35b6af883fe38b84bea542ada6c94], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [6aea6c59156641f5ef683b9f56ac1ee2], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchprotector.exe, Quarantined, [a0b45f66c6b571c51fe544fad4301ae6], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings.exe, Quarantined, [1c3855707a01ce6845c088b671937e82], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\searchsettings64.exe, Quarantined, [cf85537264172016e026a09ec341fd03], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [460e21a41764142287d10bcf44be41bf], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\snapdo.exe, Quarantined, [01531fa61b60aa8cb651f6489272f50b], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [c68e8b3abac10c2a1b3ee1f9788a57a9], 
PUP.Optional.IFEO.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst32.exe, Quarantined, [4c086e57fc7fb87ed731e9559b69758b], 
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\stinst64.exe, Quarantined, [b99be1e492e9dd595efcb921c939ae52],
 
Last edited by a moderator:

My Computer

System One

  • OS
    Win 8.1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Dell
    Browser
    Firefox
    Antivirus
    Window Defender

CountMike

Well-Known Member
VIP Member
Guru
Belgrade , Serbia

Posts
4,664
#2
Even MS admitted that Defender is not good enough as main protection so adding a "Real AV" is always a good idea. No AV can make you 100% protected but even free AVs are better than nothing. If you were satisfied with Panda in the past you should continue using it.
 

My Computer

System One

  • OS
    Windows 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Home made
    CPU
    AMD Ryzen7 2700x
    Motherboard
    Asus Prime x470 Pro
    Memory
    16GB Kingston 3600
    Graphics Card(s)
    Asus strix 570 OC 4gb
    Hard Drives
    Samsung 960 evo 250GB
    Silicon Power V70 240GB SSD
    WD 1 TB Blue
    WD 2 TB Blue
    Bunch of backup HDDs.
    PSU
    Sharkoon, Silent Storm 660W
    Case
    Raidmax
    Cooling
    CCM Nepton 140xl
    Internet Speed
    40/2 Mbps
    Browser
    Firefox
    Antivirus
    WD

TairikuOkami

Be nice to all, please?!
Pro User
Trnava

Posts
683
#3

My Computer

System One

  • OS
    Win 8.1.1 Pro x64
    Computer type
    Laptop
    System Manufacturer/Model
    Lenovo E525
    CPU
    AMD A4-3300M @ 2,0GHz
    Memory
    6GB DDR3 1333MHz
    Graphics Card(s)
    AMD Radeon HD 6480G 512MB shared
    Sound Card
    Creative Sound Blaster X-Fi Surround 5.1
    Screen Resolution
    1366x768
    Hard Drives
    WD 465GB
    Cooling
    Fusion Tweaker
    Keyboard
    Logitech K360
    Mouse
    Logitech M705
    Internet Speed
    50/50 MBps
    Browser
    Yandex
    Antivirus
    No AV & No Firewall
    Other Info
    Headphones: Sennheiser RS170
Posts
2
#4
Thank you for the info.
Thank you Brink for correctly formatting my c/p.
I still think it's absurd that WD would ignore 74 instances of malware.
I've switched to another AV.
 

My Computer

System One

  • OS
    Win 8.1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Dell
    Browser
    Firefox
    Antivirus
    Window Defender

paulsalter

Member
Power User
UK

Posts
278
#5
I have always found this PUP software to be no problem, it is usually add related software that comes pre installed by shareware

Other AV software also ignore it as it is not really a virus/malware
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Dell Inspiron 3521
    CPU
    i5
    Memory
    4 GB
    Graphics Card(s)
    AMD Radeon
    Browser
    IE

azasadny

Moved to ten*****s.com
VIP Member
Guru
#6
PUP's are not viruses.... I use Defender as well as MalwareBytes Premium and that has served me well.
 

My Computer

System One

  • OS
    Win 10 Pro 64bit
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Home built Intel i7-3770k-based system
    CPU
    Intel i7-3770k, Overclocked to 4.6GHz (46x100) with Corsair H110i GT cooler
    Motherboard
    ASRock Z77 OC Formula 2.30 BIOS
    Memory
    32GB DDR3 2133 Corsair Vengeance Pro
    Graphics Card(s)
    GeForce GTX 980ti SC ACS 6GB DDR5 by EVGA
    Sound Card
    Creative Sound Blaster X-Fi Titanium HD, Corsair SP2500 speakers and subwoofer
    Monitor(s) Displays
    LG 27EA33 [Monitor] (27.2"vis) HDMI
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung SSD 850 EVO 250GB (system drive)
    WD 6TB Red NAS hard drives x 2 in Storage Spaces (redundancy)
    PSU
    Corsair 750ax fully modular power supply with sleeved cables
    Case
    Corsair Air 540 with 7 x 140mm fans on front, rear and top panels
    Cooling
    Corsair H110i GT liquid cooled CPU with 4 x 140" Corsair SP "push-pull" and 3 x 140mm fans
    Keyboard
    Thermaltake Poseidon Z illuminated keyboard
    Mouse
    Corsair M65 wired
    Internet Speed
    85MBps DSL
    Browser
    Chrome and Edge
    Antivirus
    Windows Defender, MalwareBytes Pro and CCleaner Pro
    Other Info
    Client of Windows Server 2012 R2 10 PC's, laptops and smartphones on the WLAN.

    1GBps Ethernet ports

Migotop

Member
Member
Posts
70
#7
malware?

My malwarebytes premium is also calling "hijack" for an image file execution options key, which redirects to a "debugger". From what I hear, this is an old school hijack. How can I tell if it's a legit debugger or malware?
 

My Computer

System One

  • OS
    windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    ASUS
    Browser
    firefox
    Antivirus
    avast

Users Who Are Viewing This Thread (Users: 0, Guests: 1)