ALL browser downloads report as viruses

Mine is nothing more than an export of the Win 7 registry settings for the Defender service.

Not sure of the source of that link you gave, but it doesn't match with mine.
 
Last edited:
Bubbajoe said:
Mine is nothing more than an export of the Win 7 registry settings for the Defender service.

Not sure of the source of that link you gave, but it doesn't match with mine.
Click to expand...

Ok, but this is a vista machine and I'm not sure if the reg info is the same, I know most of it would be but things change in the registry from Win to Win versions.
 
If you aren't going to let me connect and play would you post a reg dump of the following locations for me:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
HKEY_CURRENT_USER\Environment
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

Don't let what im asking for get you tied up, I could be completely off base.

edit: whats with the weird spaces that keep getting added
 
Last edited:
I know you said you ran the AV uninstallers but, I had this same problem last week and fixed it by running Avast and Norton's uninstallers. I ran them one after the other so I'm not sure which one did the trick. Might be worth another shot.
 
YOCS said:
I know you said you ran the AV uninstallers but, I had this same problem last week and fixed it by running Avast and Norton's uninstallers. I ran them one after the other so I'm not sure which one did the trick. Might be worth another shot.
Click to expand...

Run them twice ? Well, I suppose it can't hurt but I don't see anything remaining in files, folders or registry so I don't think this is the issue. I am waiting to close so I can poke around WMI and do some deeper poking around.
 
Actually now that I think of it. I might have thrown tweaking.com s all in one Windows repair right after the AV uninstalls.
 
Jimbo, you might want to check Windows Defender's program dir - seems a very similar if not exact problem you are having was for the most part solved on my forums here, where he says the defender program dir had it's files / subdirs replaced with shortcuts and symbolic links to system32\config.

Seems replacing the dir with known good files/subs from a working system fixed it for him. Note it's better to rename the existing dir first instead of an outright delete attempt (since it's pointing to system32\config!) until you destroy the symlinks, which you can use the NTFS Junctions in d7 for (tweaks > all versions)
 
Last edited:
Ok....might be a little off the wall.....

But did/could you try a registry cleaner such as the one with Ccleaner?

I've found this to be a relatively safe one to use.

I'm not advocating the use of registry cleaners, just an option.

Make a backup of the registry first and you can always restore back to what you had if it doesn't help.

Keep a log of what is "fixed", so you can review it later and see what the culprit may have been.

MAKE SURE TO BACKUP THE REGISTRY FIRST, as we all know what registry cleaners are capable of not fixing.

Might find/fix something you are overlooking.
 
FoolishTech said:
Jimbo, you might want to check Windows Defender's program dir - seems a very similar if not exact problem you are having was for the most part solved on my forums here, where he says the defender program dir had it's files / subdirs replaced with shortcuts and symbolic links to system32\config.

Seems replacing the dir with known good files/subs from a working system fixed it for him. Note it's better to rename the existing dir first instead of an outright delete attempt (since it's pointing to system32\config!) until you destroy the symlinks, which you can use the NTFS Junctions in d7 for (tweaks > all versions)
Click to expand...

It's funny, yesterday I went in there and I think all the icons looked ok but I tried to go into the en_us folder and got a permission denied. I decided to leave it until today so I will go in later and see if that's the issue. Last night when I got home I remember the "en_us" thing and was able to go into it on two machines. This really looks like the issue, but I wont be in until later.
 
HFultzjr said:
Ok....might be a little off the wall.....

But did/could you try a registry cleaner such as the one with Ccleaner?
Click to expand...

Yes, Ccleaner is one of the first things I use after getting the machine under control. I kill anything wacky in the "startup" section of "Tools" as well as all the tabs under "startup" and then I clean the registry. I use D7 to do the major cleanup of temp related files and folders but then ALSO use the Ccleaner version after as it seems to get some things that D7 Doesn't.
 
NYJimbo said:
It's funny, yesterday I went in there and I think all the icons looked ok but I tried to go into the en_us folder and got a permission denied. I decided to leave it until today so I will go in later and see if that's the issue. Last night when I got home I remember the "en_us" thing and was able to go into it on two machines. This really looks like the issue, but I wont be in until later.
Click to expand...

interesting, let us know, give us details.

Edit: Hey you did try setting that scan file registry entry to 3 right? I only ask cause i was wondering if it still does the defender scan on top of the AV scan when that setting is enabled.
 
Last edited:
Ok, mine is a bit different I see all the normal files in the windows defender folder but I cannot access "en_us".

I renamed the bad "windows defender" folder and copied the whole structure off from another machine to this one, rebooted and its working now. I then went to control panel and clicked on Windows Defender and told it to update to make sure it was ok and it did and looks fine. I can now download as normal.

So for some reason only part of the defender folders structure got affected. I see from foolishtech's forum the other person had problems during SFC/scannow. I did not. So either this is some earlier variant OR it could not do all the damage it wanted to for some reason, but its very close to the same.

It looks like I will have to keep a copy of "c:\program files\windows defender" handy in case this happens again. Note that I was able to take the structure from a Vista Basic machine and put it on a Vista Home Premium just in case any of you are stuck with the same problem.
 
You must log in or register to reply here.

Similar threads

frase
Acer Swift 3 SF314-41 Charging Issue
Replies
14
Views
779
NviGate Systems
NviGate Systems
Billed1954
HP Pavilion All-in-One - 24-k0024 BIOS and CMOS Issues
Replies
8
Views
900
Billed1954
Billed1954
thecomputerguy
Client email all the sudden swarmed with spam (O365)
Replies
8
Views
872
Sky-Knight
Sky-Knight
britechguy
Anyone ever have a touchpad "spontaneously die" only for pointer movement, and when not in use?
Replies
14
Views
827
Philippe
Philippe
britechguy
Outlook 365 - What's all this?!
2
Replies
34
Views
3K
britechguy
britechguy
Back
Top