Bluebomber4evr

And here's the log. Thanks again! kprm-20240301155016.txt

Okay, updated a couple of apps (IrfanView and Winamp), Windows update and a security update for Windows Defender, which it successfully downloaded and installed. It looks like everything is working again. I think this may have been a bad Windows Insider update, but I'm thankful you were willing to go through these logs just make sure. Once again, thank you SO much! :)

Okay, all done. Here's the log: mbst-grab-results.zip

Notifications have been turned off in Chrome. Here is the log: Fixlog.txt

Ah okay, I went ahead and did that, then, using the Quad9 Public DNS Also, I just learned that the reason system restore was turned off was because the windows update I ran earlier was an upgrade.

Yes, I saw that system restore was turned off. That is a little disturbing, because I never turned it off. I have re-enabled it and created a new restore point. As for the DNS servers, unfortunately AT&T, the maker of my router, does not allow those settings to be changed: https://forums.att.com/conversations/att-fiber-equipment/dns-settings-on-bgw320505/5f57cb2d35f40c3919f414d4 The new MBST logs are attached mbst-grab-results.zip

So I had a Windows Update scheduled to run later today, so I went ahead and ran it after restarting. Upon logging in, Windows Defender was completely restored and enabled, but it immediately flagged the securitycheck program as Trojan:Win32/Znyonm and removed it. I went ahead and did scans with the Farbar tools, though: FSS.txt FRST.txt Addition.txt

Well after about a 20-hour scan, it found no viruses, malware, etc. msert.log

Okay, reinstalled MBAM and ran a scan. It did not find anything. Below are the results of the MBST/FRST: mbst-grab-results.zip

Hi, a few weeks ago I was having some trouble with MBAM and Win Defender working together: This was resolved and things seemed to be fine, until today. Now Windows Defender keeps getting shut off and can't update. I get the error 800106ba when I try to update Windows Defender. I have not reinstalled MBAM yet. Please help!

Done! kprm-20240216172635.txt

Done. Here's the log: SecurityCheck.txt

I ran it, but it looks like it couldn't delete everything. I'm attaching a photo (sorry for the huge size, I took it with my phone). That being said, it seems to be working fine. I will look into enabling Secure Boot on my own (now that I think about it, it's never shown up in Windows, just the BIOS, so it's not a new problem).

I tried that, but that didn't change anything, unfortunately. I've been looking into it and it's apparently a common issue that is both confusing and complicated: https://answers.microsoft.com/en-us/windows/forum/all/secure-boot-enabled-in-bios-but-not-windows-11/e092b33d-4211-4c51-beaa-f6927e37871e https://www.reddit.com/r/gigabyte/comments/v4t5an/secure_boot_enabled_but_not_active/ Given that, I won't take up your time with it, as it involves things specific to my motherboard model. I'll try to see if any friends who work in IT are free to come over and work on my machine in-person. I will try the the history clean up, though.

There is one thing that is worrying me. I have secure boot enabled in my BIOS, but it does not show up on the device security page (see screenshot below). Is it because I don't have it set up properly? Or do I possibly have rootkit?

I ran a full Windows Defender Scan overnight and it found this threat. I removed it:

I'm able to scan for Windows Updates, but there weren't any new ones to download or install. I did install a few earlier this afternoon without issue, though. Windows Defender is still working and not detecting any threats. I've attached a screenshot of the DISM

Here's the log: Fixlog.txt

I don't understand what happened. Should I run a full Windows Defender Scan?

Here they are: Addition.txt FRST.txt

Here you go: FSS.txt

Yes it works great! No more issues with Windows Defender! I'll look into fixing the DISM issue. Not sure why it's not using Windows Update

Okay, fix is done. Here's the log: Fixlog.txt

So I'm trying to look into this and I'm having some issues. The first option on elevenforum's instructions looks like the easiest, hassle-free option, but it requires being in the Windows Insider program. Their instructions say that the beta channel has the "fix problems using Windows Update" feature, and since the beta channel is stable (I'm not willing to use the Canary channel or Dev channel because I'm not going to risk stability issues), I signed up for the Windows Insider Beta Channel, but it did not make "fix problems using Windows Update" available upon install/restart. So elevenforum's instructions are out of date. Downloading an ISO, the second option, apparently only works for the same version/build or better, but now that I am in the Beta channel, I don't have the same build as the ISOs available, and leaving the Windows Insider program does a wipe of all your data, and I'm not willing to do that. So I'm in a bit of a bind here. That being said, the logs that I posted last night (and the WD errors listed on them)were made before Windows Defender repaired itself. Windows Defender now says that no actions are needed and I ran a scan within the last hour and it did not detect any threats. The tampering restore entries are no longer listed in the history. I've attached new FarBar scans that I just ran. There are no error entries for Defender past the ones that were generated last night before it was repaired. My priorities right now are mainly to make sure my system is safe and secure. Ideally I'd like to run MBAM and Windows Defender side-by-side, but if that's not possible at the moment, I can live with Windows Defender alone until such time as both can run together without conflicts. So, based on these newest logs, do I still need to repair? And what are my options now to do that? Is there a more granular approach to fix the specific broken services that does not involve data loss? FSS.txt FRST.txt Addition.txt

Also, it appears as if Windows Defender was able to correct this issue on its own without any input from me since removing MBAM