Bluebomber4evr
-
Posts
36 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Bluebomber4evr
-
-
Okay, updated a couple of apps (IrfanView and Winamp), Windows update and a security update for Windows Defender, which it successfully downloaded and installed.
It looks like everything is working again. I think this may have been a bad Windows Insider update, but I'm thankful you were willing to go through these logs just make sure.
Once again, thank you SO much! :)
-
Okay, all done. Here's the log:
-
-
47 minutes ago, AdvancedSetup said:
The Changes to DNS are within Windows - not your router. If you point it to another DNS then your system should honor those settings
Ah okay, I went ahead and did that, then, using the Quad9 Public DNS
Also, I just learned that the reason system restore was turned off was because the windows update I ran earlier was an upgrade.
-
Yes, I saw that system restore was turned off. That is a little disturbing, because I never turned it off. I have re-enabled it and created a new restore point.
As for the DNS servers, unfortunately AT&T, the maker of my router, does not allow those settings to be changed: https://forums.att.com/conversations/att-fiber-equipment/dns-settings-on-bgw320505/5f57cb2d35f40c3919f414d4
The new MBST logs are attached
-
So I had a Windows Update scheduled to run later today, so I went ahead and ran it after restarting.
Upon logging in, Windows Defender was completely restored and enabled, but it immediately flagged the securitycheck program as Trojan:Win32/Znyonm and removed it.
I went ahead and did scans with the Farbar tools, though:
-
Well after about a 20-hour scan, it found no viruses, malware, etc.
-
Okay, reinstalled MBAM and ran a scan. It did not find anything.
Below are the results of the MBST/FRST:
-
Hi, a few weeks ago I was having some trouble with MBAM and Win Defender working together:
This was resolved and things seemed to be fine, until today. Now Windows Defender keeps getting shut off and can't update. I get the error 800106ba when I try to update Windows Defender. I have not reinstalled MBAM yet. Please help!
-
-
Done. Here's the log:
-
I ran it, but it looks like it couldn't delete everything. I'm attaching a photo (sorry for the huge size, I took it with my phone).
That being said, it seems to be working fine.
I will look into enabling Secure Boot on my own (now that I think about it, it's never shown up in Windows, just the BIOS, so it's not a new problem).
-
4 minutes ago, AdvancedSetup said:
Click on thee Core isolation details link
Then come back and see if it now shows or not
I tried that, but that didn't change anything, unfortunately. I've been looking into it and it's apparently a common issue that is both confusing and complicated:
https://www.reddit.com/r/gigabyte/comments/v4t5an/secure_boot_enabled_but_not_active/
Given that, I won't take up your time with it, as it involves things specific to my motherboard model. I'll try to see if any friends who work in IT are free to come over and work on my machine in-person.
I will try the the history clean up, though.
-
There is one thing that is worrying me.
I have secure boot enabled in my BIOS, but it does not show up on the device security page (see screenshot below).
Is it because I don't have it set up properly? Or do I possibly have rootkit?
-
I ran a full Windows Defender Scan overnight and it found this threat. I removed it:
-
I'm able to scan for Windows Updates, but there weren't any new ones to download or install. I did install a few earlier this afternoon without issue, though.
Windows Defender is still working and not detecting any threats.
I've attached a screenshot of the DISM
-
-
I don't understand what happened. Should I run a full Windows Defender Scan?
-
-
-
Yes it works great! No more issues with Windows Defender!
I'll look into fixing the DISM issue. Not sure why it's not using Windows Update
-
Okay, fix is done. Here's the log:
-
So I'm trying to look into this and I'm having some issues.
The first option on elevenforum's instructions looks like the easiest, hassle-free option, but it requires being in the Windows Insider program. Their instructions say that the beta channel has the "fix problems using Windows Update" feature, and since the beta channel is stable (I'm not willing to use the Canary channel or Dev channel because I'm not going to risk stability issues), I signed up for the Windows Insider Beta Channel, but it did not make "fix problems using Windows Update" available upon install/restart. So elevenforum's instructions are out of date.
Downloading an ISO, the second option, apparently only works for the same version/build or better, but now that I am in the Beta channel, I don't have the same build as the ISOs available, and leaving the Windows Insider program does a wipe of all your data, and I'm not willing to do that.
So I'm in a bit of a bind here.
That being said, the logs that I posted last night (and the WD errors listed on them)were made before Windows Defender repaired itself. Windows Defender now says that no actions are needed and I ran a scan within the last hour and it did not detect any threats. The tampering restore entries are no longer listed in the history. I've attached new FarBar scans that I just ran. There are no error entries for Defender past the ones that were generated last night before it was repaired.
My priorities right now are mainly to make sure my system is safe and secure. Ideally I'd like to run MBAM and Windows Defender side-by-side, but if that's not possible at the moment, I can live with Windows Defender alone until such time as both can run together without conflicts.
So, based on these newest logs, do I still need to repair? And what are my options now to do that? Is there a more granular approach to fix the specific broken services that does not involve data loss?
-
Also, it appears as if Windows Defender was able to correct this issue on its own without any input from me since removing MBAM
Windows Defender unable to update, gets turned off, no other antivirus
in Resolved Malware Removal Logs
Posted
And here's the log. Thanks again!
kprm-20240301155016.txt