Windows Defender stuck in a loop?


Wonderwrench

Well-known member
Local time
4:36 PM
Posts
11
OS
Windows 11 Pro
I have been using Malwarebytes Premium without problems for years. Gota use my lifetime license. I always temporarily disable Malwarebytes when testing drive performance and have done so for years without problems. I added another SSD to my system and wanted to see how it performed and did so. Now Windows Defender warns on startup VirToolWin32/DefenderTamperingRestore. This is false and Defender has lost its mind? I have had Defender start actions, performed full scans nothing found. Funny as Malwarebytes is still installed so Defender should be disabled. But on boot or a reboot I get the same warning. Just today I have uninstalled Malwarebytes same problem. Reset Defender in Brinks totorial. Same problem.

More info: Current threats list dates in the past that were never repaired. Same threat, same time stamp listed multiple times. Still shown as active yet there are none per full scan (found nothing)

Any help appreciated
Bill
 
Windows Build/Version
22H2 22621.3007

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    AMD Ryzen 7 5800X
    Motherboard
    ASUS ROG STRIX B550-F GAMING
    Memory
    G.SKILL 32GB 2X16 F4 3600C16-16GTZNC
    Graphics Card(s)
    Zotac GTX1070Ti AMP Extreme
    Sound Card
    High Definition Audio CODEC S1220A
    Monitor(s) Displays
    Dell S2716DG
    Screen Resolution
    1440P @ 120Hz
    Hard Drives
    Samsung 980 Pro 1 TB, Samsung 860 EVO 1 TB, Samsung 860 EVO 2 TB
    PSU
    Seasonic PRIME TX-750 SSR-750TR.
    Case
    Fractal Design Define R5
    Cooling
    NOCTUA NH-U12S
    Keyboard
    Corsair K70 MK2
    Mouse
    Logitech G602
    Internet Speed
    800 Mbps down\24 Mbps up
    Browser
    Firefox
    Antivirus
    Malwarebytes Premium
This detection is for suboptimal configurations that may prevent Windows Defender Antivirus from functioning properly.

How do you know thread is safe?
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP Pavilion
    CPU
    AMD Ryzen 7 5700G
    Motherboard
    Erica6
    Memory
    Micron Technology DDR4-3200 16GB
    Graphics Card(s)
    NVIDIA GeForce RTX 3060
    Sound Card
    Realtek ALC671
    Monitor(s) Displays
    Samsung SyncMaster U28E590
    Screen Resolution
    3840 x 2160
    Hard Drives
    SAMSUNG MZVLQ1T0HALB-000H1
This detection is for suboptimal configurations that may prevent Windows Defender Antivirus from functioning properly.

How do you know thread is safe?
Ah OK? I guess I don't know for sure my PC is not infected. Malwarebytes never found anything. I disabled Malwarebytes to bench the new drive, rebooted once complete and from then on Defender has gone off the rails.
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    AMD Ryzen 7 5800X
    Motherboard
    ASUS ROG STRIX B550-F GAMING
    Memory
    G.SKILL 32GB 2X16 F4 3600C16-16GTZNC
    Graphics Card(s)
    Zotac GTX1070Ti AMP Extreme
    Sound Card
    High Definition Audio CODEC S1220A
    Monitor(s) Displays
    Dell S2716DG
    Screen Resolution
    1440P @ 120Hz
    Hard Drives
    Samsung 980 Pro 1 TB, Samsung 860 EVO 1 TB, Samsung 860 EVO 2 TB
    PSU
    Seasonic PRIME TX-750 SSR-750TR.
    Case
    Fractal Design Define R5
    Cooling
    NOCTUA NH-U12S
    Keyboard
    Corsair K70 MK2
    Mouse
    Logitech G602
    Internet Speed
    800 Mbps down\24 Mbps up
    Browser
    Firefox
    Antivirus
    Malwarebytes Premium
This tread detected by Windows Defender because of the tread use to disable functions of Windows Defender so MalwareBytes may not detect as a tread.

 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP Pavilion
    CPU
    AMD Ryzen 7 5700G
    Motherboard
    Erica6
    Memory
    Micron Technology DDR4-3200 16GB
    Graphics Card(s)
    NVIDIA GeForce RTX 3060
    Sound Card
    Realtek ALC671
    Monitor(s) Displays
    Samsung SyncMaster U28E590
    Screen Resolution
    3840 x 2160
    Hard Drives
    SAMSUNG MZVLQ1T0HALB-000H1

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    AMD Ryzen 7 5800X
    Motherboard
    ASUS ROG STRIX B550-F GAMING
    Memory
    G.SKILL 32GB 2X16 F4 3600C16-16GTZNC
    Graphics Card(s)
    Zotac GTX1070Ti AMP Extreme
    Sound Card
    High Definition Audio CODEC S1220A
    Monitor(s) Displays
    Dell S2716DG
    Screen Resolution
    1440P @ 120Hz
    Hard Drives
    Samsung 980 Pro 1 TB, Samsung 860 EVO 1 TB, Samsung 860 EVO 2 TB
    PSU
    Seasonic PRIME TX-750 SSR-750TR.
    Case
    Fractal Design Define R5
    Cooling
    NOCTUA NH-U12S
    Keyboard
    Corsair K70 MK2
    Mouse
    Logitech G602
    Internet Speed
    800 Mbps down\24 Mbps up
    Browser
    Firefox
    Antivirus
    Malwarebytes Premium
The clean-install is the one of the best way to make sure detected infections are gone forever.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP Pavilion
    CPU
    AMD Ryzen 7 5700G
    Motherboard
    Erica6
    Memory
    Micron Technology DDR4-3200 16GB
    Graphics Card(s)
    NVIDIA GeForce RTX 3060
    Sound Card
    Realtek ALC671
    Monitor(s) Displays
    Samsung SyncMaster U28E590
    Screen Resolution
    3840 x 2160
    Hard Drives
    SAMSUNG MZVLQ1T0HALB-000H1
The clean-install is the one of the best way to make sure detected infections are gone forever.
I was joking ha ha! I followed the instructions in the link you supplied and found nothing. I did some research and as I suspected Defender got out of wack when I disabled malwarebytes. All that was needed was to delete the scan history manually. Some how Defender was stuck looking at history as if it was real time so some expletive. See fix here Redirecting Must be done in safe mode how to here. Start your PC in safe mode in Windows - Microsoft Support
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    AMD Ryzen 7 5800X
    Motherboard
    ASUS ROG STRIX B550-F GAMING
    Memory
    G.SKILL 32GB 2X16 F4 3600C16-16GTZNC
    Graphics Card(s)
    Zotac GTX1070Ti AMP Extreme
    Sound Card
    High Definition Audio CODEC S1220A
    Monitor(s) Displays
    Dell S2716DG
    Screen Resolution
    1440P @ 120Hz
    Hard Drives
    Samsung 980 Pro 1 TB, Samsung 860 EVO 1 TB, Samsung 860 EVO 2 TB
    PSU
    Seasonic PRIME TX-750 SSR-750TR.
    Case
    Fractal Design Define R5
    Cooling
    NOCTUA NH-U12S
    Keyboard
    Corsair K70 MK2
    Mouse
    Logitech G602
    Internet Speed
    800 Mbps down\24 Mbps up
    Browser
    Firefox
    Antivirus
    Malwarebytes Premium
This is the recommended setup to have the best of both worlds if you decide to start over with Windows.

Unfortunately, you cannot register Malwarebytes with Security Center and still have Windows Defender active. This is because Microsoft does not allow Windows Defender to remain active if any other program is registered with Security Center as antivirus protection. To use Malwarebytes with Windows Defender still active you need to turn off the option in Malwarebytes for Malwarebytes to register in the Windows Security Center.

1707374796012.png



You actually can turn it on to get Defender as an additional layer of real-time protection and it shouldn't conflict with Malwarebytes (we have many customers running the software in this very combination). To do so, simply open Malwarebytes and click the small gear icon located in the upper right area of the main Malwarebytes UI, then select the Security tab, then scroll down until you find the Windows Security Center and disable the option just beneath it so that Malwarebytes does not register with the Windows Security Center/Action Center, then restart your system and Windows Defender should now be enabled alongside Malwarebytes. The only difference is that Windows Security Center/Defender will no longer display Malwarebytes as your active AV protection even though both programs are fully active. Malwarebytes will of course continue to monitor itself so if it is ever too out of date, any protection component is disabled or there is any other issue with the software, Malwarebytes itself will still notify you about it.
 

My Computer

System One

  • OS
    Windows 10
This is the recommended setup to have the best of both worlds if you decide to start over with Windows.

Unfortunately, you cannot register Malwarebytes with Security Center and still have Windows Defender active. This is because Microsoft does not allow Windows Defender to remain active if any other program is registered with Security Center as antivirus protection. To use Malwarebytes with Windows Defender still active you need to turn off the option in Malwarebytes for Malwarebytes to register in the Windows Security Center.

View attachment 86389



You actually can turn it on to get Defender as an additional layer of real-time protection and it shouldn't conflict with Malwarebytes (we have many customers running the software in this very combination). To do so, simply open Malwarebytes and click the small gear icon located in the upper right area of the main Malwarebytes UI, then select the Security tab, then scroll down until you find the Windows Security Center and disable the option just beneath it so that Malwarebytes does not register with the Windows Security Center/Action Center, then restart your system and Windows Defender should now be enabled alongside Malwarebytes. The only difference is that Windows Security Center/Defender will no longer display Malwarebytes as your active AV protection even though both programs are fully active. Malwarebytes will of course continue to monitor itself so if it is ever too out of date, any protection component is disabled or there is any other issue with the software, Malwarebytes itself will still notify you about it.
That is the default setting as far as I know and the way mine was set up. I really dislike Defender because it's so dumbed down. It also has way to may false positives. It flags many tools that are 100% clean and even having the wrong file name can cause a false positive. I almost swear that Defender will flag a file if its not in it's database. Example I have a older game that came on CD and the CD was required to play. The game developer later came out with a patch to allow the game to be played without the CD. Guess what Defender thinks its a virus.

I'm a hoarder and keep all kinds of old stuff around that defender thinks are infected. Example I have all versions of windows boot disks from DOS 6.22 through Win Me, Windows install disks from Windows 1.1 though Windows 3.11 for work groups. UBCD and UBCD for Windows, Bart PE etc. Depending on the day Defender flags at least one of them. The trouble now is Defender will not allow me to allow files without loosing its mind. I get a warning notification on every boot bitching about the file or files I have allowed. Since I have external backups of said files I had Defender attempt to remove the files which it does but since these files are in history and Defender still warns on every boot about files that do not exist! What a POS!

I'm going to reinstall Malwarebytes but since Defender warns when I disable Malwarebytes when doing hardware testing and then saves to Scan history which sets Defender up to bitch about it on every boot not sure what to do. Its way to much BS to boot to safe mode to delete can history every time. It used to be so easy. I could disable Malwarebytes, Defender would take over while I was testing. Once done turn Malwarebytes back on and I was good to go.

Other thoughts: I have been looking into security programs and it seems Malwarebytes is falling behind the curve, I'm willing to spend money but want low overhead and good protection which looks to greatly reduce the options. Not sure what people are using these days.
 

My Computer

System One

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self built
    CPU
    AMD Ryzen 7 5800X
    Motherboard
    ASUS ROG STRIX B550-F GAMING
    Memory
    G.SKILL 32GB 2X16 F4 3600C16-16GTZNC
    Graphics Card(s)
    Zotac GTX1070Ti AMP Extreme
    Sound Card
    High Definition Audio CODEC S1220A
    Monitor(s) Displays
    Dell S2716DG
    Screen Resolution
    1440P @ 120Hz
    Hard Drives
    Samsung 980 Pro 1 TB, Samsung 860 EVO 1 TB, Samsung 860 EVO 2 TB
    PSU
    Seasonic PRIME TX-750 SSR-750TR.
    Case
    Fractal Design Define R5
    Cooling
    NOCTUA NH-U12S
    Keyboard
    Corsair K70 MK2
    Mouse
    Logitech G602
    Internet Speed
    800 Mbps down\24 Mbps up
    Browser
    Firefox
    Antivirus
    Malwarebytes Premium
Back
Top Bottom