Windows Defender stuck in a loop?

I have been using Malwarebytes Premium without problems for years. Gota use my lifetime license. I always temporarily disable Malwarebytes when testing drive performance and have done so for years without problems. I added another SSD to my system and wanted to see how it performed and did so. Now Windows Defender warns on startup VirToolWin32/DefenderTamperingRestore. This is false and Defender has lost its mind? I have had Defender start actions, performed full scans nothing found. Funny as Malwarebytes is still installed so Defender should be disabled. But on boot or a reboot I get the same warning. Just today I have uninstalled Malwarebytes same problem. Reset Defender in Brinks totorial. Same problem.

More info: Current threats list dates in the past that were never repaired. Same threat, same time stamp listed multiple times. Still shown as active yet there are none per full scan (found nothing)

Any help appreciated
Bill

This detection is for suboptimal configurations that may prevent Windows Defender Antivirus from functioning properly.

How do you know thread is safe?

FreeBooter said:

This detection is for suboptimal configurations that may prevent Windows Defender Antivirus from functioning properly.

How do you know thread is safe?

Click to expand...

Ah OK? I guess I don't know for sure my PC is not infected. Malwarebytes never found anything. I disabled Malwarebytes to bench the new drive, rebooted once complete and from then on Defender has gone off the rails.

This tread detected by Windows Defender because of the tread use to disable functions of Windows Defender so MalwareBytes may not detect as a tread.

FreeBooter said:

This tread detected by Windows Defender because of the tread use to disable functions of Windows Defender so MalwareBytes may not detect as a tread.

Remove Win32/DefenderTamperingRestore Trojan [Virus Removal]

Win32/DefenderTamperingRestore is a heuristic detection designed to generically detect a Trojan Horse.

malwaretips.com

Click to expand...

Wow looks like a windows reinstall would be easier. I still think Defender is busted.

The clean-install is the one of the best way to make sure detected infections are gone forever.

FreeBooter said:

The clean-install is the one of the best way to make sure detected infections are gone forever.

Click to expand...

I was joking ha ha! I followed the instructions in the link you supplied and found nothing. I did some research and as I suspected Defender got out of wack when I disabled malwarebytes. All that was needed was to delete the scan history manually. Some how Defender was stuck looking at history as if it was real time so some expletive. See fix here Redirecting Must be done in safe mode how to here. Start your PC in safe mode in Windows - Microsoft Support

This is the recommended setup to have the best of both worlds if you decide to start over with Windows.

Unfortunately, you cannot register Malwarebytes with Security Center and still have Windows Defender active. This is because Microsoft does not allow Windows Defender to remain active if any other program is registered with Security Center as antivirus protection. To use Malwarebytes with Windows Defender still active you need to turn off the option in Malwarebytes for Malwarebytes to register in the Windows Security Center.





You actually can turn it on to get Defender as an additional layer of real-time protection and it shouldn't conflict with Malwarebytes (we have many customers running the software in this very combination). To do so, simply open Malwarebytes and click the small gear icon located in the upper right area of the main Malwarebytes UI, then select the Security tab, then scroll down until you find the Windows Security Center and disable the option just beneath it so that Malwarebytes does not register with the Windows Security Center/Action Center, then restart your system and Windows Defender should now be enabled alongside Malwarebytes. The only difference is that Windows Security Center/Defender will no longer display Malwarebytes as your active AV protection even though both programs are fully active. Malwarebytes will of course continue to monitor itself so if it is ever too out of date, any protection component is disabled or there is any other issue with the software, Malwarebytes itself will still notify you about it.

Porthos said:

This is the recommended setup to have the best of both worlds if you decide to start over with Windows.

Unfortunately, you cannot register Malwarebytes with Security Center and still have Windows Defender active. This is because Microsoft does not allow Windows Defender to remain active if any other program is registered with Security Center as antivirus protection. To use Malwarebytes with Windows Defender still active you need to turn off the option in Malwarebytes for Malwarebytes to register in the Windows Security Center.

View attachment 86389



You actually can turn it on to get Defender as an additional layer of real-time protection and it shouldn't conflict with Malwarebytes (we have many customers running the software in this very combination). To do so, simply open Malwarebytes and click the small gear icon located in the upper right area of the main Malwarebytes UI, then select the Security tab, then scroll down until you find the Windows Security Center and disable the option just beneath it so that Malwarebytes does not register with the Windows Security Center/Action Center, then restart your system and Windows Defender should now be enabled alongside Malwarebytes. The only difference is that Windows Security Center/Defender will no longer display Malwarebytes as your active AV protection even though both programs are fully active. Malwarebytes will of course continue to monitor itself so if it is ever too out of date, any protection component is disabled or there is any other issue with the software, Malwarebytes itself will still notify you about it.

Click to expand...

That is the default setting as far as I know and the way mine was set up. I really dislike Defender because it's so dumbed down. It also has way to may false positives. It flags many tools that are 100% clean and even having the wrong file name can cause a false positive. I almost swear that Defender will flag a file if its not in it's database. Example I have a older game that came on CD and the CD was required to play. The game developer later came out with a patch to allow the game to be played without the CD. Guess what Defender thinks its a virus.

I'm a hoarder and keep all kinds of old stuff around that defender thinks are infected. Example I have all versions of windows boot disks from DOS 6.22 through Win Me, Windows install disks from Windows 1.1 though Windows 3.11 for work groups. UBCD and UBCD for Windows, Bart PE etc. Depending on the day Defender flags at least one of them. The trouble now is Defender will not allow me to allow files without loosing its mind. I get a warning notification on every boot bitching about the file or files I have allowed. Since I have external backups of said files I had Defender attempt to remove the files which it does but since these files are in history and Defender still warns on every boot about files that do not exist! What a POS!

I'm going to reinstall Malwarebytes but since Defender warns when I disable Malwarebytes when doing hardware testing and then saves to Scan history which sets Defender up to bitch about it on every boot not sure what to do. Its way to much BS to boot to safe mode to delete can history every time. It used to be so easy. I could disable Malwarebytes, Defender would take over while I was testing. Once done turn Malwarebytes back on and I was good to go.

Other thoughts: I have been looking into security programs and it seems Malwarebytes is falling behind the curve, I'm willing to spend money but want low overhead and good protection which looks to greatly reduce the options. Not sure what people are using these days.