Defender won't start, service stopped, right mouse menu blocked!
I am at the end of my wits, tried about everything I read elsewhere, nothing works.
My Windows 10.0.18363.657 was running fine, Defender Firewall and virus active and working, no other antivirus stuff installed.
The system crashed hard (BSOD "Microcode revision mismatch") and could only be revitalized with a unique paywall tool (EasyRE). In fact the Windows installation IS running again after the restore tool messed around in the boot area, but with very weird and irritating limitations.
Among these I see:
- Defender firewall is up, but virus checking is now off and can not be accessed
- in MSCONFIG I can see all the services (e.g. Defender is off and many more) but cannot even access their Start/Stop control menu with right mouse clicks! I do notice a periodic 'update' circle running every 6 sec for ca. 6 sec, but no menu pops up. I can set the checkmarks of any service entry though. Right mouse clicks work in other programs like TaskManager, the desktop etc. Someone/something does not want me to access any service controls!
- I am sure I had very recent restore points of my Windows installation, but they are gone (more disk space visible!)
- many security related options are deactivated with warning signs, suggesting Admin right needs (I AM the Admin!)
- all this is visible in regular and in SafeMode
I did the typical stuff: DISM, ScanNow, the PowerShell scripts etc, registry flags - without success.
Without any security tools up I am basically running 'naked' and also without full control over my system.
One could suggest that EasyRE hijacked my machine when 'fixing' it..
A rebuild from scratch is very, VERY complicated due to the amount of apps, of tweaks and settings on this system.
That's why I chose the EasyRE way to rescue it. None of other tools got me out of the 'microcode revision' BSOD.
Somehow the entire UAC, group policy, rights and Admin control got out of whack big time.
Where to start to get this back to normal, in what sequence? I cannot afford to start yet another full Win10 reinstall; this would be the THIRD time since I got this laptop just three years ago..
Thanks for useful tips and ideas, and any clear procedures to untangle this Windows10 mess!
-
Did you purchase direct from the developer?
Did you purchase the Home or Pro version? Pro comes with antivirus software which may be why Defender is disabled.
I would say the program has corrupted the install &/or the admin account. Are you still listed as an admin & is there any other admin listed which wasn’t there before?
Have you restarted the PC?
Do you have a system image backup?
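The questions above (who is an admin, is Defender really off, are the restore points gone) can be answered from one elevated Windows PowerShell 5.1 prompt. This is an added, read-only example, not something posted in the thread; the service names and policy registry values are the standard Windows ones, and the output layout is my own.

```powershell
#Requires -RunAsAdministrator
# Added example: read-only triage, changes nothing. Run in Windows PowerShell 5.1.

# Members of the built-in Administrators group (well-known SID S-1-5-32-544).
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource

# State and start mode of the Defender and Security Center services.
$filter = "Name='WinDefend' OR Name='SecurityHealthService' OR Name='wscsvc'"
$services = Get-CimInstance Win32_Service -Filter $filter |
    Select-Object Name, State, StartMode

# Group Policy registry values that switch Defender off when set to 1.
$root = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$checks = @(
    @{ Path = $root;                        Name = 'DisableAntiSpyware' },
    @{ Path = "$root\Real-Time Protection"; Name = 'DisableRealtimeMonitoring' }
)
$policies = foreach ($c in $checks) {
    $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    $data = if ($null -eq $item) { '(not set)' } else { $item.($c.Name) }
    [pscustomobject]@{ Key = $c.Path; Value = $c.Name; Data = $data }
}

# Restore points still known to System Restore (empty if they were deleted).
$restorePoints = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)

# Defender's own view; the cmdlet fails when the service is not running.
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop |
        Select-Object AMServiceEnabled, AntivirusEnabled, RealTimeProtectionEnabled,
                      IsTamperProtected, AntivirusSignatureLastUpdated
} catch {
    $mp = "Get-MpComputerStatus failed: $($_.Exception.Message)"
}

'--- Administrators ---';   $admins   | Format-Table -AutoSize | Out-String
'--- Services ---';         $services | Format-Table -AutoSize | Out-String
'--- Defender policies ---'; $policies | Format-Table -AutoSize | Out-String
"--- Restore points: $($restorePoints.Count) ---"
'--- Defender status ---';  $mp | Out-String
```

An unfamiliar account in the Administrators list, or a policy value of 1 that nobody set on purpose, is worth resolving before any repair install is attempted.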
-
Hi, I've no idea what EasyRE may or may not have done to your PC.
I suggest, assuming your disk and file system are ok (Hard Disk Sentinel, trial, SSDs too; run chkdsk c: /scan from an admin command or PowerShell prompt - don't skip this step just in case), you try an in-place upgrade repair install which, like any upgrade procedure, keeps all progs and data.
You have build 1909, so unless you already have a 1909 iso file or bootable medium even, download one using e.g. the Heidoc iso downloader tool (free) - isos from MS.
Check you have at least 30Gb free on C:
Boot normally, rt click the iso file.
Click mount- available unless iso associated other than default.
Open the new drive letter created
Double click setup.exe
No guarantees, but if not fixed, could be a problem.
How do you guard against this?
Take the so, so very often given recommendation to use disk imaging regularly and routinely e.g. Macrium Reflect (free).
Full backup, recover imaged partitions to a previous good state - without needing help.
Can help you avoid clean installs, and secures your installation against disk failure etc etc.
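The pre-flight steps of the in-place upgrade described above (disk scan, free space, mounting the ISO, starting setup.exe) as one elevated PowerShell script. This is an added example, not code from the post; the ISO path is a placeholder, and the Authenticode check on setup.exe is an extra sanity check I added because the ISO comes through a third-party downloader.

```powershell
#Requires -RunAsAdministrator
# Added example. $IsoPath is a placeholder: point it at your own 1909 ISO.
$IsoPath   = 'C:\Temp\Win10_1909.iso'
$MinFreeGB = 30      # free-space figure given in the post

# 1. Online file system scan, the cmdlet equivalent of "chkdsk c: /scan".
$scan = Repair-Volume -DriveLetter C -Scan
if ("$scan" -ne 'NoErrorsFound') {
    throw "Volume scan reported '$scan'. Fix the file system before upgrading."
}

# 2. Free space on C:.
$freeGB = [math]::Round((Get-Volume -DriveLetter C).SizeRemaining / 1GB, 1)
if ($freeGB -lt $MinFreeGB) {
    throw "Only $freeGB GB free on C:, need at least $MinFreeGB GB."
}

# 3. Mount the ISO and find the drive letter Windows assigned to it.
if (-not (Test-Path -LiteralPath $IsoPath)) { throw "ISO not found: $IsoPath" }
$vol   = Mount-DiskImage -ImagePath $IsoPath -PassThru | Get-Volume
$setup = "$($vol.DriveLetter):\setup.exe"

# 4. Sanity check: setup.exe must carry a valid Microsoft signature.
#    (A subject-name match is a coarse check, not proof of an untampered ISO.)
$sig = Get-AuthenticodeSignature -FilePath $setup
if ($sig.Status -ne 'Valid' -or $sig.SignerCertificate.Subject -notmatch 'Microsoft') {
    Dismount-DiskImage -ImagePath $IsoPath | Out-Null
    throw "setup.exe signature check failed: $($sig.Status)"
}

# 5. Start the upgrade; the "keep files and apps" choice is made in the setup UI.
"Scan: $scan | Free: $freeGB GB | Launching $setup"
Start-Process -FilePath $setup
```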
-
Thanks for the quick replies!
The EasyRE was bought and d/l from their site.
I have a new theory: maybe the original BSOD crash was DUE to a (rootkit) attack, and EasyRE just brought my system back alive afterwards, but it is still messed up and infected?
I am currently grabbing a few iso toolkits to check for virus and rootkits, as Defender is dead and Win10 somehow compromised.
There was a unique virus checker/fixer one could create from actual tools and apply from a boot. Forgot the name of this freebie but it worked for me years ago with great success. Anyone know what I am talking about? It was always the first suggestion in forums when folks were stuck after rootkit attacks.
Let me do a cleanup and secure virus check before messing more with registry and all.
Thanks!
-
Granted it could be a possible explanation of Defender being disabled. An offline check may show something.
As for permissions issues, Tweaking.com's free repair tool offers relevant repairs.
But you could end up with an irrecoverable system of course- which wouldn't have been the case had you been using disk imaging.
-
Granted it could be a possible explanation of Defender being disabled. An offline check may show something.
As for permissions issues, Tweaking.com's free repair tool offers relevant repairs.
But you could end up with an irrecoverable system of course- which wouldn't have been the case had you been using disk imaging.
Thanks!
The behavior of my Windows is typical for infected/compromised systems, yet none of my actual scans (inside and outside of the O/S) find anything but the typical false positives like JDownloader or Forte's Newsreader "Agent".exe..
Clean as a whistle, with today's reference databases.
I DO have image files, I DID have restore points, I DID try Windows CD 'repair' function, nothing ever worked for me.
Windows basically offers me a Reset (losing all apps) or a clean install which I refuse so far. Or a brain-dead installation as of today.
Yes, I have oodles of these tweaking programs, including the mentioned one. They have failed me before, when a previous Win10 installation suddenly refused to pop up the Windows menu, also disabled the Search field, yet another 'permission' mess reported by others, fixed by none.
That error never went away; after weeks of trying I threw in the towel and rebuilt the system, and 100+ handcrafted and tweaked apps. And now .. back to square one AGAIN?
My luck with these fixers is very limited, my trust in MS Windows is rock bottom, just too many uncontrollable dependencies, too many protectionisms at all levels, maddening.
What is a GOOD and PRECISE procedure to get this internally confused Win10 version to accept a FULL REPAIR install from an ISO or CD without losing my 100+ programs??
For now I will throw in another round of Tweaking.com's fancy and hour-long tinker toy.
Thanks so far!
Thanks!
-
Ok, see post #3 - in-place upgrade repair install.
But there's no guarantee any one thing will fix whatever random things have been done..
However, as you have disk image files, in your position I would opt for restoring the O/S to before all this happened- too many unknowns.
Typically Macrium Reflect is recommended for disk imaging. Is that the sort of disk image you are referring to... a compressed copy of the used part of the partitions imaged, possibly as a set of incremental or differential images, which is what such tools produce?
-
Ah, I forgot to mention another oddity of this current system state:
All downloads of ZIPs, EXEs etc in Chrome fail with error "Fehler - Fehler beim Virenscan" (i.e: "Error during virus scan").
They DO finish when downloading the very same files (eg from MajorGeek) in Firefox...
Most likely related to the virus mess. But why so inconsistent? Why does Google care and Firefox not, where do they both check their downloads internally??
Should I try to install a full blown 3rd party antivirus package like McAfee, Kaspersky, Avast etc, hoping that it will 're-mess' with all these f.cked up security settings?
Usually these antivir programs cause MORE harm and actually DO mess up security settings when trying to get rid of them later.. That's why I rather wanted to rely on the built-in Defender all the time.
Hopeless and aggravating..
-
All downloads of ZIPs, EXEs etc in Chrome fail with error "Fehler - Fehler beim Virenscan" (i.e: "Error during virus scan").
I think I recall that's an oddity of/setting in Chrome. Disregard that for now. Fairly sure I dealt with a thread on that. Note this on a feature in Chrome:
Simple Procedure To Turn Off Chrome Antivirus From Your Pc
Installing a 3rd party AV won't fix what's broken. You need a solid base, not something you can't trust as an O/S.
See my previous post..
-
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
- Please visit the ESET Online Scanner website
- Click the SCAN NOW button to download the esetonlinescanner_enu.exe file to the Desktop
- Double click esetonlinescanner_enu.exe. Accept the Terms of Use
- Select Enable detection of potentially unwanted applications
- In Advanced Settings: make sure that Clean threats automatically is unchecked
- And Enable detection of potentially unsafe applications, Enable detection of suspicious applications, Scan archives, and Enable Anti-Stealth technology are all checked.
- Click Scan
- The program will begin to download its virus database. The speed may vary depending on your Internet connection.
- When completed, the program will begin to scan. This may take several hours. Please, be patient.
- Do not do anything on your machine as it may interrupt the scan.
- When completed it'll show a list of "Threats found", click beneath it on Save to text file.... and save it as ESET log.txt on your Desktop.
- Then click Do not clean. Place a checkmark at Delete application's data on close, click Finish and close the program.
- Please copy and paste the log it generated (the one you just saved on your Desktop) here.
Don't forget to re-enable previously switched-off protection software!