Windows 10: Windows defender is not Identifying Malware

Discussion in 'AntiVirus, Firewalls and System Security' started by pixelbotz, Dec 15, 2020.

  1. pixelbotz Win User

    Windows defender is not Identifying Malware


    Hello there,


    I ran an online scan today using one recognized AV provider and found 6 trojans/malware on my machine, some of which Defender was not able to detect.


    Windows 10 is up to date with the latest updates. Build 1909. I have enabled UAC and protected folder access.


    Just looking for help in these areas.


    1. In protected folder access, will specifying a drive letter, i.e. C: or D:, protect the entire drive from malicious program access, or do I have to specify a folder path as well?


    2. C:\Users\Username\Appdata\local\packages\ > This folder contains several folders with long names, most of them starting with Windows and Microsoft. One of the infected files was inside one of these folders, called <microsoft.windowscommunicationsapps_8wekyb3d8bbwe>. The file was a PayPal scam PDF. I ran a manual Defender scan on the folder, but Defender did not detect it, while the online scanner detected it as PDF/Phishing.A.Gen trojan.


    Inside the <microsoft.windowscommunicationsapps_8wekyb3d8bbwe> folder there were other folders, and the infected file was inside <microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Localstate\Files\S0\4\Attachments\>.


    A similar path exists for other users too on the same machine. And all the files seem to be related to email attachments, but in duplicate form with an incremental number at the end of the filename.


    Q1: Are the folders and files inside the \\packages folder required by the system, or can they be deleted?

    Q2: If I have marked email attachments as spam using my mobile email app, how have they been delivered to my local machine's attachments folder? In this case, I suspect the above path relates to email attachments, namely the Windows 10 Mail app.


    Thank you in advance.


    Pixel

    :)
     
    pixelbotz, Dec 15, 2020
    #1

  2. Windows Defender has identified a severe malware program on my computer, but can't remove it.

    Computer using Windows 10. Malware identified by windows defender: "Trojan:Win32/dynamer!ac"

    Container File D:\preload\install.Wim

    File D:\preload\install.Wim->(image 12803)\program files (x86)\HPGames\FATE the Cursed King\Fate-WT.exe(EXEEmb)->(EXEEmb)

    File: D:\preload\install.Wim->(image24793)\SWSetup\HPGames

    There are several more lines of program installation for this malware, but I think the above should be enough to identify the malware on my computer. I have run Windows Defender Quick Scan, Full Scan and Offline Scan and Windows Defender has identified the malware shown above, but hasn't been able to remove it.

    I have downloaded and run Malwarebytes Anti-Malware free trial edition and HitmanPro free trial edition and neither program identified any malware on my system.

    Suggestions?

    fu
     
    Misi68&76, Dec 15, 2020
    #2
  3. Windows Defender Fails Malware Test

    Naw... I'll just stick by Windows Server 2003 SP #1 fully hotfix patched (& current on that note), for now @ least, & doing what I do, to get THIS kind of security analysis score:


    [Image: APKBelarcAdvisor5of10ScoreBETTERThan417Before.jpg]


    I never suck in virus' either! The 2 times I thought I did, the past 15 years now? They were my own fault (running 2 antivirus once, & another I don't know WHAT caused it, or I can't recall specifics anymore) in "false positives"!

    Ever since I started implementing a BOAT LOAD of things ANYONE can do, if they take 45 min. - 1 hr. running, or doing:

    • BELARC advisor
    • Using some security & speed oriented .reg file hacks
    • gpedit.msc (altering various policies for better security)
    • secpol.msc (hardening default security policies)
    • lusrmgr.msc (hardening default userrights)
    • regedit.exe (registry hive ACL rights)
    • explorer.exe (NTFS rights)
    • Turning off java/javascript & ActiveX/ActiveScripting in browsers
    • Using Tcp/IP ports filtrating (easy to do in IP properties)
    • Turning off Services I do NOT use that may have holes
    • AntiVirus (AntiVir, NOD32, AVG, or Norton Corporate 10.2 edition (my favs @ least - I keep 1 resident, & one other as a 2nd opinion))
    • AntiSpyware program (I like AdAware & SpyBot + use both, 2nd opinion stuff again)
    • SEVERAL AntiRootkit programs (GMER, AVG, BitDefender, BlackLight, Rootkit Buster, Rootkit Revealer, AntiRootKit, Rootkit Hook Analyzer, Sophos - all many doctors opinions from what I feel IS the biggest threat out there now, rootkits)
    • + using a hardware NAT firewall in combination w/ a software firewall (ZoneAlarm used to be good, & the native Windows firewall isn't bad, except for noting outgoing packets)
    • Keeping up on Microsoft security patches to the OS & programs from them I use
    • Being SMART about not opening email attachments & also using TEXT or RTF as my email reading format too
    • After trimming services I do NOT use (& even the ones I don't as well, set disabled or not), I secure them ALL, per this thread:
    Securing Windows 2000/XP/Server 2003 services HOW TO

    • Using adbanner blocking HOSTS files (adbanners have been found to hold malicious code more than a few times the past 4-5 years now mind you)
    *HARD TO BELIEVE ON THAT NOTE OF ADBANNERS HOUSING MALWARES IN SCRIPT & MORE?

    CHECK THIS, DATED TODAY 02/21/2007:

    Microsoft apologises for serving malware

    APC's Christmas issue is on sale now! | TechRadar

    :)

    * YOU DO ALL OF THAT? Yes, You CAN be safe online & use Windows, just takes a bit of work... 1 hr. implementing it all, & maybe another 1/2 hr. testing it (like when you secure services - I did a BIG list, but not every possible service under the sun, because I have not run them ALL!)

    MS ships their Operating Systems 'generic' enough to run on anything FULL FUNCTION, right outta the box... this can be its 'problem' too!

    APK

    P.S.=> Funny thing is though, I don't think we'll EVER be "110% solid secure" unless we go OFFLINE... @ least not for another 5 yrs. or so & then I think we'll be REALLY close @ least!

    Microsoft's taking the RIGHT steps, in the RIGHT direction in their apps & OS, & so are other vendors too... this is a GREAT trend!

    Heck - funny thing is? Snort turned up a security hole the other day... a program you CAN use to defend yourself... mistakes & oversights get made is all, still now even.

    Today? It's the "Wild West" still, not as bad as it used to be in the earlier days/decades, but still 'risky' to an extent... still in the Stone Age guys, you'll miss these days, when they are gone... apk
     
    Alec§taar, Dec 15, 2020
    #3
  4. Windows defender is not Identifying Malware

    Windows Defender notification of malware detection

    Hello,

    Thank you for keeping us posted and we appreciate your continued patience on this issue.

    At this point, I suggest you update the Windows Defender program and check if it helps.

    To check for new Windows Defender definitions manually:

    • Open Windows Defender.
    • Click the arrow next to the Help button, and then click Check for updates. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

    Also, check if the detection is of the same malware file or not. Again, see if it is any specific program or a file you try to access which triggers the detection.

    Additionally, view the log in Event Viewer to check if the malware is removed every time it is prompted.

    To open the Event Viewer, follow the steps below.
    • Go to the Control Panel and click on the Administrative Tools icon.
    • The above action will open up a new window of the Administrative Tools where you will see the Event Viewer.
    You can view Windows Defender "Operational" events in Event Viewer under Applications and Services Logs -> Microsoft -> Windows -> Windows Defender.

    Kindly keep us posted, for us to be able to assist you further.

    Thank you.
     
    Sayan_Ghosh, Dec 15, 2020
    #4
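
The checks suggested in post #4 (update definitions, see whether the same file keeps being detected, and confirm in the Operational log whether each detection was actually remediated) can also be done from an elevated PowerShell prompt. This is an added example, not part of the original thread; the 30-day window is arbitrary, and the `Threat Name`, `Path` and `Action Name` field names are assumed to match the event XML on the machine (confirm them in Event Viewer's XML view).

```powershell
# Added example: summarise Defender detections and remediation outcomes.
$log = 'Microsoft-Windows-Windows Defender/Operational'

# 1. Refresh definitions (same as "Check for updates" in the UI) and show the result.
Update-MpSignature
Get-MpComputerStatus |
    Select-Object AntivirusSignatureVersion, AntivirusSignatureLastUpdated

# 2. Pull detection/remediation events from the last 30 days.
#    1116 = malware detected      1117 = action taken
#    1118 = action failed         1119 = action failed critically
$events = Get-WinEvent -FilterHashtable @{
    LogName   = $log
    Id        = 1116, 1117, 1118, 1119
    StartTime = (Get-Date).AddDays(-30)
} -ErrorAction SilentlyContinue   # no matching events is not an error here

# 3. Flatten the named <Data> fields of each event into one row.
#    Field names below are assumptions; check them against the event XML.
$rows = foreach ($e in $events) {
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        $data[$d.Name] = $d.'#text'
    }
    [pscustomobject]@{
        Time   = $e.TimeCreated
        Id     = $e.Id
        Threat = $data['Threat Name']
        Path   = $data['Path']
        Action = $data['Action Name']
    }
}

# 4. Per threat and path: how often was it detected, and did removal succeed?
#    Repeated detections with Failed > 0 match the "can't remove it" symptom;
#    repeated detections with Remediated > 0 suggest something re-creates the file.
$rows | Group-Object Threat, Path | ForEach-Object {
    [pscustomobject]@{
        Threat     = $_.Group[0].Threat
        Path       = $_.Group[0].Path
        Detections = @($_.Group | Where-Object Id -eq 1116).Count
        Remediated = @($_.Group | Where-Object Id -eq 1117).Count
        Failed     = @($_.Group | Where-Object Id -in 1118, 1119).Count
        LastSeen   = ($_.Group | Sort-Object Time | Select-Object -Last 1).Time
    }
} | Sort-Object Detections -Descending | Format-Table -AutoSize -Wrap
```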