Jump to content

FOR PIETERC Permissions and Windows Defender


Go to solution Solved by Maurice Naggar,

Recommended Posts

  • Replies 108
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

@PieterC             Hi,      My name is Maurice. I will be helping and guiding you, going forward on this case. Let me know what first name you prefer to go by. Please follow my directi

Good afternoon.   I hope you are doing well. I have a new script here.    Please delete the prior file fixlist.txt   on the folder   FRST-tool Save as is  the new attached file fixlist.txt 

Also the results of the WMIC commands WMIC command results.txt

Posted Images

Now a run to get the MS update for September 2020    2020-09 Servicing Stack Update for Windows 10 Version 2004 for x64-based Systems (KB4577266)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2020/09/windows10.0-kb4577266-x64_126987f629769e860cd7985371754db91685ea16.msu

Download & save that fie to the Desktop.   save as is.   after it is all saved, close the browser window

Go to the desktop to the saved file.

Do a right-click on the MSU file   and select OPEN

and let it proceed forward.

Let me know after it has completed.

 

  • Thanks 1
Link to post
Share on other sites

Good afternoon.   I hope you are doing well.

I have a new script here.    Please delete the prior file fixlist.txt   on the folder   FRST-tool

Save as is  the new attached file fixlist.txt  to the  folder   FRST-tool

Close and save any open work before you start this next run.

Start the Windows File Explorer and then, to the  FRST-tool    folder.


RIGHT click on  FRSTENGLISH    and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run.
  to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
IF Windows prompts you about running this, select YES to allow it to proceed.

IF you get a block message from Windows about this tool......
click line More info information on that screen
and click button Run anyway on next screen.

on the FRST window:
Click the Fix button just once, and wait.

frst-fix.jpg.f6a25291b39a03d418acc9a3b7136900.jpg

 

PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick.
If you receive a message that a reboot is required, please make sure you allow it to restart normally.
The tool will complete its run after restart.
When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity  

 

In addition,  look on your Desktop  for these 4 files   & please also attach them.

exp01.txt    exp02.txt    exp03.txt    exp04.txt

fixlist.txt

  • Like 1
Link to post
Share on other sites

Hello.   First, thank you for your remarks.  My motto is to always persevere;  never give up.   😉

It is going to take a while before I can translate the fix-log-result from Dutch to English.

However, I can let you know that the Windows System File Checker app found no issue.   That the Windows DISM tool reported no deficiency.

I can tell you that the Windows Update service is present in the system registry  and that the WUAUSERV  is running.

You should be able to do one quick Check for Updates run  thru the Windows 10 Settings.    Let me know if you can do that  & its  new result.

I will get back with you a bit later about the Microsoft Windows Defender service.

  • Thanks 1
Link to post
Share on other sites

OK.  I am glad to know this.   This means there that the mechanics of Windows update work.

.

This next link listed below is to a registry file  that we need for you to SAVE as is to the Desktop

RIGHT click the link with your mouse-pointer and select SAVE ...as....     & guide the folder for saving to DESKTOP     ( do not double click / do not 'run' the file / nor open  )

https://download.bleepingcomputer.com/win-services/win-10/WinDefend.reg

 

Once it is saved, then we are needing to merge the files onto the system, as follows

With you mouse,  do a RIGHT-click on the file  windefend.reg     and select Merge

Let it do that  & insure it finishes ok. 

[   2     NEXT  ]

Do a Windows RESTART   and then wait for it to settle back in.

 

[  3     NEXT ]

Open an elevated command prompt window i.e. run Command Prompt as an administrator .
It is best to use the Windows Copy ( CTRL+ C )  and paste  ( CTRL+V )  for the whole line, as-is
To Get the elevated command prompt, press Windows-key + X key  and then selected Command prompt ( Admin )
On that command prompt,  Copy & Paste this command
 

WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic"

press Enter-key on keyboard   and watch & write down the result

 

Next    Copy   & Paste this command

WMIC SERVICE WHERE Name="windefend" CALL startservice

press Enter-key on keyboard   and watch & write down the result

  • Like 1
Link to post
Share on other sites

Perhaps later on you may try doing those steps while logged in with Administrator.

For now, lets run a different tool to do a different check.

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  • Like 1
Link to post
Share on other sites

Good morning.   Thanks for the TDSSKILLER report.   Good to see it found no tagged item.

This next section is to attempt to do a "Windows 10 repair in place".

The very first things to do,  Do a Windows RESTART  so that the Widows is in a new session.

Plus, if the machine is a notebook or a laptop, be sure it is connected to regular power with a regular power cord.

You should create a Backup Image of your system before proceeding

Then read over the section below.   Then do it.   This will need a working internet connection.

.
You want to be sure to SAVE the download file, ideally to the Desktop.

Download & Save  the Microsoft tool -      click the button marked  "Update nu"   from 
https://www.microsoft.com/nl-nl/software-download/windows10

[  Note, this link is for Dutch language. }

 

The name of the file is Windows10Upgrade9252.exe
Right click the downloaded file and select "Run as administrator". Select the option 
( "Upgrade This PC Now" )  and the process begins.

Answer the questions logically, and when 
asked "what to keep", ensure that both the OS and Apps & Files are both selected.

The procedure requires about an hour to complete. Your PC will restart several times. And 
sometimes it appears to be doing nothing. Be patient.

When it is finished, your "sign in" 
screen will appear. Your PC will be just as it was before the procedure, but hopefully without the issue at hand.

 

NOTE:  If the monitor screen goes all dark,  do not panic.  You should be able to  go to the mouse or trackpad  & make moving circular motions  with the aim to get the display to refresh.

Sincerely.
 

  • Thanks 1
Link to post
Share on other sites

So I'm back.

Did all the steps.

Launched Windows10Upgrade9252.exe as administrator.

Got immediate answer screen thanking me for having upgraded to newest version.

Obviously nothing happened. Curiouser and curiouser...

Link to post
Share on other sites

Correction: something happened:

After reboot, I was now able to access, on the screen "Virus and security" the Defender page for upgrading virus definitions.

I have tried that and got the message that the service had now been stopped. (no update)

After that the situation was back to before the latest steps. 

Small change perhaps, but I can  not estimate its importance and that's why I bother you with it.

Link to post
Share on other sites

I had expected the exe-tool to actually do some work  & go thru and actually do some updates.

But I surmise it did not do much since it found that the system was already on Version 2004 of Windows 10.

.

You can try a different method.   This will need to use a USB-flash-thumb drive of at least 8 GB

You may do a Windows 10 "repair install" by following a guide article at Tenforums.
The title is "How to Do a Repair Install of Windows 10 with an In-place Upgrade"
https://www.tenforums.com/tutorials/16397-repair-install-windows-10-place-upgrade.html

 

Study that article first.  Get familiar with it.
Read the top of the article.  & also study all of step 6

You will need a USB-thumb-flash drive.   Where you will use the Microsoft Media Creation tool.
( which will be where the Windows 10 setup media will be saved ).
You will do the download from Microsoft.

You will do  step 6: To do a repair install of Windows 10 with Media Creation Tool.

Essentially this repair is intended to be done in-place over the current Windows install.
You want to select "Upgrade this pc"
You want to "keep personal files and apps"
( all of this is shown and described in the article )

  • Like 1
Link to post
Share on other sites

Good morning,

 

It appears not to be a slow server, but a refusal to download further than a few files.

Download percentages halts on 0%.

Looking at the download subdirectory C:\$WINDOWS.~BT, I find in the Panther subdirectory this setupact.log that may be of use to you.

Problem with "Footprint"?

setupact.log

Link to post
Share on other sites

Hello PieterC.

Regret to read this last bit of news.  I had hoped that the run would succeed.   Alas, no such luck.

There is one other way to attempt to get the registry modified by only just double-clicking on a REG file.   I had 2 of them  that I suggest we try.

Take your time as you do this.    You should already have windefend.reg  on the Desktop.

I need for you to get another file.

RIGHT click the link with your mouse-pointer and select SAVE ...as....     & guide the folder for saving to DESKTOP     ( do not double click / do not 'run' the file / nor open  )

https://www.winhelponline.com/fileasso/reg_fix_w10.zip

 

That is a ZIP file.    Unzip the file and extract the .REG file to Desktop.

Double-click the REG file  with the goal being to get it merged.

 

Alternately, you can open the Registry Editor   ( Regedit.exe  )   and then using the Import option from the File menu, to merge the REG file contents.

 

Next, go to where you had saved windefend.reg

With you mouse,  double-click on the file  windefend.reg     and  allow it to proceed if prompted

Let it do that  & insure it finishes ok. 

[   3     NEXT  ]

Do a Windows RESTART   and then wait for it to settle back in.

 

[  4     NEXT ]

Open an elevated command prompt window i.e. run Command Prompt as an administrator .
It is best to use the Windows Copy ( CTRL+ C )  and paste  ( CTRL+V )  for the whole line, as-is
To Get the elevated command prompt, press Windows-key + X key  and then selected Command prompt ( Admin )
On that command prompt,  Copy & Paste this command
 

WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic"

press Enter-key on keyboard   and watch & write down the result

 

Next    Copy   & Paste this command

WMIC SERVICE WHERE Name="windefend" CALL startservice

press Enter-key on keyboard   and watch & write down the result

  • Thanks 1
Link to post
Share on other sites

So, at least the reg_fix_w10 merge succeeded.   It still remains a mystery why the failure or perhaps access fail just to add the one entry for the Windefend.   I would note that that was not a install.  But simply an attempt to merge to the registry.

Lets see about getting a different report, please.There is a report tool named OTL , Oldtimer's ListIt

⦁    Please download OTL from this this link
⦁    Save it to your desktop. 

Now use File Explore to the Desktop
⦁    Double click on the   OTL   icon on your desktop. 
⦁    Reply YES when prompted by Windows whether to allow it to Run 
⦁    Click the "Scan All Users" checkbox. 
⦁    Push the  "Run Scan"     button. 
⦁    Please have Lots of Patience as this report my well take several minutes.  Let it run. 
⦁    Two reports will open, please Attach the 2 files with your Reply: 
⦁    OTL.txt <-- Will be opened 
⦁    Extra.txt <-- Will be minimized 

  
 

  • Like 1
Link to post
Share on other sites

Merge indeed, not install: my bad choice of words. We mean the same.

I took a look in the WinDefend.reg and saw that it looked for a registrykey: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDefend]

Then I looked via regedit.exe in the registry and found that this key does not exist. Just a remark.

 

The OTL produced the files you mentioned and they are attached.

Extras.Txt OTL.Txt

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.