Jump to content

Windows Defender blocking Malwarebytes and Support tool download / install


Recommended Posts

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

This is intended to attempt to turnj off some MS Defender related things.

The custom script on this post is ONLY for this machine and NO other.   

Delete the old Fixlist.txt  on Downloads  that is there from before.

 

Then, Please Close / Exit any open work files   ( if you have any ongoing at this point).   Save any work.  Exit out of other open apps that you yourself started at this session.

This procedure will involve a Restart at the end of the run.

Save this scrpt file named FIXLIST.txt  to  Downloads folder.

Fixlist.txt

 

Using File Explorer, go to   Downloads folder

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. 
  • If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

Click on FIX button.

frst-fix.jpg.f6a25291b39a03d418acc9a3b7136900.jpg

 

 You will see a green progress bar start. 

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

 

The tool will complete its run after restart.

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

 

Please attach the FIXLOG.txt with your next reply later, at your next opportunity.

.

Link to post
Share on other sites

Looking over the Defender's "detection & removal" history, it seems Defender had been tagging & removing various components of Malwarebytes since the 18th of June.  Those are all utterly false positives.

I need to re-check to see if any Microsoft Defender service is still running.   ( for other possible readers, this pc has the Norton antivirus as resident A-V ).

This run should be a very quick one.

.

The custom script on this post is ONLY for this machine and NO other.   

Delete the old Fixlist.txt  on Downloads  that is there from before.

 

Then, Please Close / Exit any open work files   ( if you have any ongoing at this point).   Save any work.  Exit out of other open apps that you yourself started at this session.

This procedure will involve a Restart at the end of the run.

Save this scrpt file named FIXLIST.txt  to  Downloads folder.

Fixlist.txt

 

Using File Explorer, go to   Downloads folder

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. 
  • If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

Click on FIX button.

frst-fix.jpg.f6a25291b39a03d418acc9a3b7136900.jpg

 

 You will see a green progress bar start. 

If you receive a message that a reboot is required, please make sure you allow it to restart normally.

 

The tool will complete its run after restart.

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

 

Please attach the FIXLOG.txt with your next reply later, at your next opportunity.

Link to post
Share on other sites

Thank you.   There are 2 services that we need to re-focus on.

Sense              Windows Defender Advanced Threat Protection

WinDefend          Microsoft Defender Antivirus Service

 

Press and hold the Windows-flag-key on keyboard and tap the *R* key to get the RUN menu option.

type in

services.msc

and press Enter key. 

Scroll down the list. Look for "Microsoft Defender Antivirus Service"

Click that line once so that it is selected.   Change the "Startup type" to DISABLED.

 

Now, look for "Windows Defender Advanced Threat Protection"

Click that line once so that it is selected.   Change the "Startup type" to DISABLED.

Link to post
Share on other sites

Obviously, there are still remains of the older configuration of MS Defender plus its Advanced Threat protection   ( ATP ) whose service name is SENSE.

Remember also, as I noted before, Defender & its protection features has a serious False Positive that is squashing Malwarebytes program, and even Malwarebytes installer.

The custom script on this post is ONLY for this machine and NO other.   

Delete the old Fixlist.txt  on Downloads  that is there from before.

 

Then, Please Close / Exit any open work files   ( if you have any ongoing at this point).   Save any work.  Exit out of other open apps that you yourself started at this session.

This procedure will involve a Restart at the end of the run.

Save this scrpt file named FIXLIST.txt  to  Downloads folder.

Fixlist.txt

 

Using File Explorer, go to   Downloads folder

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. 
  • If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

Click on FIX button.

frst-fix.jpg.f6a25291b39a03d418acc9a3b7136900.jpg

 

 

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity.

Link to post
Share on other sites

Thanks.   Just once more.

The custom script on this post is ONLY for this machine and NO other.   

Delete the old Fixlist.txt  on Downloads  that is there from before.

 

Then, Please Close / Exit any open work files   ( if you have any ongoing at this point).   Save any work.  Exit out of other open apps that you yourself started at this session.

This procedure will involve a Restart at the end of the run.

Save this scrpt file named FIXLIST.txt  to  Downloads folder.

Fixlist.txt

 

Using File Explorer, go to   Downloads folder

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. 
  • If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

Click on FIX button.

 

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity.

Link to post
Share on other sites

Thanks.  The MS Defender & Sense ( ATP)  services are proving to be real tough to stop.  Alas, we need to re-visit the status of the installation of  Norton Security software.

When one installs Norton Security it is supposed to turn Off the MS Defender.

I would urge you to Uninstall Norton Security & then Re-install  Norton Security as a new install.   Then look to see what the system reports as the resident A-V.

Link to post
Share on other sites

Thanks.   Let's take a few moments.  This system runs on Windows 10 PRO which has Group Policy edditor.

I would like you to do a couple of lookups.

open 

gpedit.msc

navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender

Do you see it enabled or disabled ?

then go back up, in the Windows Components.  Do you see Advanced Threat Protection ?

Link to post
Share on other sites

This next set will involve some special steps.   So go real careful here.   We need to do the actual fix-attempt part while in Safe mode of Windows.

Please just only read this all the way down ...before you begin.   You may want to copy and Save these directions into a NOTEPAD file for later reference.

The custom script on this post is ONLY for this machine and NO other.   

Delete the old Fixlist.txt  on Downloads  that is there from before.

 

Then, Please Close / Exit any open work files   ( if you have any ongoing at this point).   Save any work.  Exit out of other open apps that you yourself started at this session.

This procedure will involve a Restart at the end of the run.

Save this scrpt file named FIXLIST.txt  to  Downloads folder.

Fixlist.txt

 

[   2   ]   NOW we need to Restart Windows into SAFE MODE  ( just SAFE mode)  . See this guide at Tenforums

https://www.tenforums.com/tutorials/2304-boot-into-safe-mode-windows-10-a.html

 

Now in SAFE mode.

Using File Explorer, go to   Downloads folder

  • RIGHT click on  FRST64.exe   and select RUN as Administrator and allow it to proceed.  Reply YES when prompted to allow to run the tool. 
  • If the tool warns you the version is outdated, please download and run the updated version.
  • IF Windows prompts you about running this, select YES to allow it to proceed.

 

Click on FIX button.

 

When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run.

Please attach the FIXLOG.txt with your next reply later, at your next opportunity.

 

The fact of the RESTART from the script run, will have effect of getting system back into Normal mode.   Hoping this run will be beneficial.     :D

Link to post
Share on other sites

Thank you.    I need two reports from this machine.

[    1    ]

This is a different sort of report.  I want to check on the security status of some services.

 

Download   Farbar's Service Scanner utility

and Save to your Desktop.

Right-Click on fss.exe and select Run As Administrator.

Answer Yes to ok when prompted.

If your firewall then puts out a prompt, again, allow it to run.

Once FSS is on-screen, be sure the following items are check-marked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender
  • Other services

  

Click on "Scan".

It will create a log (FSS.txt) in the same directory the tool is run.   Please attach that file.    😁

 

[     2    ]

I would urge getting a readout report as to update status of some key apps.

Download SecurityCheck by glax24 from here  https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe

 

and save the tool on the desktop.

  • If Windows's  SmartScreen block that with a message-window, then

Click on the MORE INFO spot and over-ride that and allow it to proceed.

This tool is safe.   Smartscreen is overly sensitive.

  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"   and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Close the file.  Attach it with your next reply.

You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

Link to post
Share on other sites

Thank you for the reports.  SecurityCheck shows that Norton360 & its firewall are ON, enabled.

Whatever part of MS Defender is now still around, should be much reduced.

Be sure you are logged in with an administrator-rights account :excl:

Visual check on services using MSCONFIG

From Start button, (or Win-key +R) and in the searcht-box type in MSCONFIG and press OK or Enter.

.

You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)

IF it does not, then you click on Normal startup.

Click on Services tab. To get it's display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.

Look at the bottom line Hide all Microsoft services

IF and only IF its is checkmarked, then un-check it.

the list of servies may be shown in non-alphabetical order, so ....

Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.

You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

Then using the scroll-bar scroll down the list

Look for Microsoft Defender Antivirus Service (WinDefend).  IF it shows & IF it is check-marked   ....then UNTICK the box.

Look for Microsoft Defender Antivirus Network Inspection Service.  IF it shows & IF it is check-marked   ....then UNTICK the box.

When done, press the Apply button.

NEXT

Look for the tab markked "Startup"   >> click that.  It should jump to Task Manager.  On that Startup tab of Task Manager.

Look for Microsoft Defender Antivirus Service (WinDefend).  IF it shows & IF it shows as Enabled   then change it to Disabled.

Look for Microsoft Defender Antivirus Network Inspection Service.  IF it shows & IF it shows as Enabled   then change it to Disabled.

When done, 

Close Task Manager.

On the Startup tab of System Configuration, select OK

Exit out of the screen.

Edited by Maurice Naggar
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.