0x80071a91 WU & Defender Error 1053

deleted2908202301 · Jan 22, 2023

DR M said:
OK. It would be good to inform the other site that you are getting help elsewhere, so they can close the topic there.

Moving on.

1. Run Malwarebytes (Clean mode)

A software restriction policy was set to Disable the Microsoft once per month On Demand anti malware scanner known as MRT ( Malicious Software Removal Tool ).

MBAM is flagging the Potentially Unwanted Modification ( PUM ). You should allow the once per month release and subsequent scan by the MRT. To do that, please do the following:

Double click the program's icon on your Desktop, as you did before.

Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:

Code:

Under the title Scan Options, all the options are checked. Under the title Windows Security Center (Premium only) the option is unchecked. Under the title Potentially unwanted items all options are set to Always.

Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.

When finished, you will see the Thread Scan Summary window open.

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are selected, and click on Quarantine/Remove selected.

You may need to restart the computer.

Open Malwarebytes again, click on the Scanner, and then on the Reports tab.

Find the report with the most recent date and double click on it.

Click on Export and then Copy to Clipboard.

Paste its content here, in your next reply.

2. Eset Online Scan

Just to ensure that everything is clean:

Download ESET Online Scanner and save it to your desktop.

Right-click on esetonlinescanner_enu.exe and select Run as Administrator.

When the tool opens, click Get Started.

Read and accept the license agreement.

At the Welcome to ESET Online Scanner window, click Get Started.

Select whether you would like to send anonymous data to ESET.

Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.

Click on the Full Scan option.

Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.

ESET will now begin scanning your computer. This may take some time.

When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.

ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.

On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.

Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

In your next reply, please post:

The Malwarebytes report

The eset.txt

Code:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/22/23
Scan Time: 5:32 PM
Log File: 58f7a7cb-9a72-11ed-a62d-e03f49446b4f.json

-Software Information-
Version: 4.5.20.230
Components Version: 1.0.1868
Update Package Version: 1.0.64887
License: Free

-System Information-
OS: Windows 10 (Build 19045.2130)
CPU: x64
File System: NTFS
User: Internet\dani

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 316183
Threats Detected: 4
Threats Quarantined: 4
Time Elapsed: 6 min, 37 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 4
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, Quarantined, 6385, 676881, 1.0.64887, , ame, , ,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Quarantined, 6385, 676880, 1.0.64887, , ame, , ,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTREPORTINFECTIONINFORMATION, Quarantined, 6385, 676881, 1.0.64887, , ame, , ,
PUM.Optional.DisableMRT, HKLM\SOFTWARE\POLICIES\MICROSOFT\MRT|DONTOFFERTHROUGHWUAU, Quarantined, 6385, 676880, 1.0.64887, , ame, , ,

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Later, I will attach ESET logs. I am away for an hour or so.

DR M · Jan 22, 2023

OK, thanks for letting me know.

Have in mind that Eset scan may take some hours to complete.

deleted2908202301 · Jan 22, 2023

Attaching eset logs.

DR M · Jan 22, 2023

Have you seen the Eset log?

Code:

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\increasefpsmode\OPTIMIZAR WINDOWS GAMING +FPS.exe    a variant of Generik.DXDKONX trojan    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpieza\Archivos Temp.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpieza\Cache Cleaner.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\Cache Cleaner.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\Detener servicios.exe    a variant of Generik.DSFEVLB trojan    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpiar visor eventos.cmd    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\dani\Documents\FPS Pack\Command Tweaks\Disable Windows Tracking and Spyware.cmd    BAT/Disabler.NHF trojan    cleaned by deleting

C:\Users\dani\Downloads\dControl\dControl\dControl.exe    Win32/RiskWare.DefenderControl.C application    cleaned by deleting

C:\Users\dani\Downloads\Windows-main\Microsoft Defender Disable.bat    BAT/KillAV.NFF trojan    cleaned by deleting

C:\Users\dani\Downloads\Tweaks.bat    BAT/HostsChanger.A potentially unsafe application    cleaned by deleting

D:\Call of Duty Modern Warfare 3\TeknoMW3_Client_Launcher.exe    a variant of MSIL/GameHack.CHC potentially unsafe application    cleaned by deleting

You have made so many modifications in your system, using scripts and programs of dubious quality, you actually fought to eliminate Microsoft Defender, and now you want it back, as well as your updates.

Since English is not your primary language, right click on FRST64.exe and rename to FRST64English.exe

After that, please make a new scan and attach for me fresh logs, Addition and FRST.

deleted2908202301 · Jan 22, 2023

DR M said:

Have you seen the Eset log?

Code:

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\increasefpsmode\OPTIMIZAR WINDOWS GAMING +FPS.exe    a variant of Generik.DXDKONX trojan    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpieza\Archivos Temp.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpieza\Cache Cleaner.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\Cache Cleaner.bat    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\Detener servicios.exe    a variant of Generik.DSFEVLB trojan    cleaned by deleting

C:\Users\Administrator\AppData\Local\Application Data\increasefps\AutoPlay\Docs\limpiar visor eventos.cmd    BAT/CleanLog.A potentially unsafe application    cleaned by deleting

C:\Users\dani\Documents\FPS Pack\Command Tweaks\Disable Windows Tracking and Spyware.cmd    BAT/Disabler.NHF trojan    cleaned by deleting

C:\Users\dani\Downloads\dControl\dControl\dControl.exe    Win32/RiskWare.DefenderControl.C application    cleaned by deleting

C:\Users\dani\Downloads\Windows-main\Microsoft Defender Disable.bat    BAT/KillAV.NFF trojan    cleaned by deleting

C:\Users\dani\Downloads\Tweaks.bat    BAT/HostsChanger.A potentially unsafe application    cleaned by deleting

D:\Call of Duty Modern Warfare 3\TeknoMW3_Client_Launcher.exe    a variant of MSIL/GameHack.CHC potentially unsafe application    cleaned by deleting

You have made so many modifications in your system, using scripts and programs of dubious quality, you actually fought to eliminate Microsoft Defender, and now you want it back, as well as your updates.

Since English is not your primary language, right click on FRST64.exe and rename to FRST64English.exe

After that, please make a new scan and attach for me fresh logs, Addition and FRST.

Here you are.

Thanks.

DR M · Jan 22, 2023

Thanks for the logs. I'll be back to you tomorrow with a new set of instructions.

deleted2908202301 · Jan 22, 2023

DR M said:
Thanks for the logs. I'll be back to you tomorrow with a new set of instructions.

Got it. Thank you.

DR M · Jan 23, 2023

Hello.

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Code:

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
U4 LMS; no ImagePath
U4 MEIx64; no ImagePath
U4 Mrxsmb10; no ImagePath
U4 RapiMgr; no ImagePath
U4 WcesComm; no ImagePath
U4 Wdnsfltr; no ImagePath
C:\Users\Administrator\AppData\Roaming\qBittorrent
C:\Program Files (x86)\Temp
CMD: netsh winsock reset
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::

Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt on your Desktop.
Post the log in your next reply.

deleted2908202301 · Jan 23, 2023

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Ran by dani (23-01-2023 19:20:36) Run:2
Running from C:\Users\dani\Desktop
Loaded Profiles: dani
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
U4 LMS; no ImagePath
U4 MEIx64; no ImagePath
U4 Mrxsmb10; no ImagePath
U4 RapiMgr; no ImagePath
U4 WcesComm; no ImagePath
U4 Wdnsfltr; no ImagePath
C:\Users\Administrator\AppData\Roaming\qBittorrent
C:\Program Files (x86)\Temp
CMD: netsh winsock reset
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore => removed successfully
SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Services\LMS => removed successfully
LMS => service removed successfully
HKLM\System\CurrentControlSet\Services\MEIx64 => removed successfully
MEIx64 => service removed successfully
HKLM\System\CurrentControlSet\Services\Mrxsmb10 => removed successfully
Mrxsmb10 => service removed successfully
HKLM\System\CurrentControlSet\Services\RapiMgr => removed successfully
RapiMgr => service removed successfully
HKLM\System\CurrentControlSet\Services\WcesComm => removed successfully
WcesComm => service removed successfully
HKLM\System\CurrentControlSet\Services\Wdnsfltr => removed successfully
Wdnsfltr => service removed successfully
C:\Users\Administrator\AppData\Roaming\qBittorrent => moved successfully
C:\Program Files (x86)\Temp => moved successfully

========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Herramienta Administraci¢n y mantenimiento de im genes de implementaci¢n
Versi¢n: 10.0.19041.844

Versi¢n de imagen: 10.0.19045.2130


[==                         3.8%                           ]

[==                         3.8%                           ]

[==                         4.1%                           ]

[==                         4.2%                           ]

[==                         4.7%                           ]

[==                         5.0%                           ]

[===                        5.4%                           ]

[===                        5.6%                           ]

[===                        6.1%                           ]

[===                        6.4%                           ]

[===                        6.6%                           ]

[====                       6.9%                           ]

[====                       7.3%                           ]

[====                       7.6%                           ]

[====                       7.9%                           ]

[====                       8.5%                           ]

[=====                      8.7%                           ]

[=====                      9.1%                           ]

[=====                      9.7%                           ]

[=====                      10.0%                          ]

[======                     10.6%                          ]

[======                     10.9%                          ]

[======                     11.2%                          ]

[======                     11.8%                          ]

[=======                    12.2%                          ]

[=======                    12.8%                          ]

[=======                    13.2%                          ]

[========                   14.2%                          ]

[========                   15.2%                          ]

[=========                  16.2%                          ]

[=========                  17.1%                          ]

[==========                 18.1%                          ]

[===========                19.1%                          ]

[===========                19.7%                          ]

[===========                20.7%                          ]

[============               21.7%                          ]

[=============              22.5%                          ]

[=============              23.4%                          ]

[=============              23.6%                          ]

[=============              23.8%                          ]

[=============              23.8%                          ]

[=============              23.9%                          ]

[==============             24.2%                          ]

[==============             24.6%                          ]

[==============             25.0%                          ]

[==============             25.1%                          ]

[==============             25.2%                          ]

[==============             25.4%                          ]

[==============             25.4%                          ]

[==============             25.4%                          ]

[===============            25.9%                          ]

[===============            26.0%                          ]

[===============            26.6%                          ]

[===============            27.4%                          ]

[================           28.3%                          ]

[================           29.2%                          ]

[=================          29.9%                          ]

[=================          30.3%                          ]

[=================          30.6%                          ]

[=================          31.0%                          ]

[==================         31.2%                          ]

[==================         31.5%                          ]

[==================         32.0%                          ]

[==================         32.5%                          ]

[==================         32.5%                          ]

[===================        32.8%                          ]

[===================        33.3%                          ]

[===================        33.4%                          ]

[===================        33.4%                          ]

[===================        33.6%                          ]

[===================        33.9%                          ]

[===================        33.9%                          ]

[===================        34.4%                          ]

[====================       34.6%                          ]

[====================       34.8%                          ]

[====================       35.2%                          ]

[====================       35.5%                          ]

[====================       35.6%                          ]

[====================       35.6%                          ]

[====================       35.8%                          ]

[====================       36.0%                          ]

[=====================      36.7%                          ]

[=====================      36.8%                          ]

[=====================      36.9%                          ]

[=====================      37.1%                          ]

[=====================      37.1%                          ]

[=====================      37.3%                          ]

[=====================      37.3%                          ]

[=====================      37.4%                          ]

[=====================      37.4%                          ]

[=====================      37.6%                          ]

[=====================      37.7%                          ]

[======================     38.0%                          ]

[======================     38.2%                          ]

[======================     38.3%                          ]

[======================     38.3%                          ]

[======================     38.3%                          ]

[======================     38.4%                          ]

[======================     38.6%                          ]

[======================     38.9%                          ]

[======================     39.0%                          ]

[======================     39.5%                          ]

[=======================    39.8%                          ]

[=======================    39.8%                          ]

[=======================    39.9%                          ]

[=======================    40.0%                          ]

[=======================    40.1%                          ]

[=======================    40.1%                          ]

[=======================    40.1%                          ]

[=======================    40.3%                          ]

[=======================    40.4%                          ]

[=======================    40.5%                          ]

[=======================    40.6%                          ]

[=======================    40.7%                          ]

[=======================    40.8%                          ]

[=======================    40.9%                          ]

[=======================    40.9%                          ]

[=======================    41.0%                          ]

[=======================    41.1%                          ]

[=======================    41.1%                          ]

[=======================    41.1%                          ]

[=======================    41.1%                          ]

[=======================    41.1%                          ]

[========================   41.4%                          ]

[========================   41.7%                          ]

[========================   41.9%                          ]

[========================   42.2%                          ]

[========================   42.4%                          ]

[========================   42.5%                          ]

[========================   42.9%                          ]

[========================   43.1%                          ]

[=========================  43.2%                          ]

[=========================  43.6%                          ]

[=========================  43.6%                          ]

[=========================  43.8%                          ]

[=========================  43.9%                          ]

[=========================  44.0%                          ]

[=========================  44.1%                          ]

[=========================  44.2%                          ]

[=========================  44.2%                          ]

[=========================  44.3%                          ]

[=========================  44.5%                          ]

[========================== 44.8%                          ]

[========================== 45.1%                          ]

[========================== 45.2%                          ]

[========================== 45.5%                          ]

[========================== 45.7%                          ]

[========================== 45.9%                          ]

[========================== 46.3%                          ]

[===========================46.8%                          ]

[===========================46.9%                          ]

[===========================47.5%                          ]

[===========================48.1%                          ]

[===========================48.8%                          ]

[===========================49.7%                          ]

[===========================50.5%                          ]

[===========================50.6%                          ]

[===========================51.5%                          ]

[===========================52.4%                          ]

[===========================53.0%                          ]

[===========================53.0%                          ]

[===========================53.0%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.1%                          ]

[===========================53.3%                          ]

[===========================53.3%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.4%                          ]

[===========================53.5%                          ]

[===========================53.5%                          ]

[===========================53.6%                          ]

[===========================53.6%                          ]

[===========================53.6%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.7%                          ]

[===========================53.8%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================53.9%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.1%                          ]

[===========================54.1%                          ]

[===========================54.2%                          ]

[===========================54.2%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.4%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.8%                          ]

[===========================54.8%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.0%                          ]

[===========================55.0%                          ]

[===========================55.1%                          ]

[===========================55.1%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.3%                          ]

[===========================55.3%                          ]

[===========================55.4%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.6%                          ]

[===========================55.7%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.9%                          ]

[===========================55.9%                          ]

[===========================56.0%                          ]

[===========================56.1%                          ]

[===========================56.1%                          ]

[===========================56.2%                          ]

[===========================56.3%                          ]

[===========================56.3%                          ]

[===========================56.4%                          ]

[===========================56.8%                          ]

[===========================57.1%=                         ]

[===========================57.1%=                         ]

[===========================57.2%=                         ]

[===========================57.3%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.5%=                         ]

[===========================58.0%=                         ]

[===========================58.1%=                         ]

[===========================59.1%==                        ]

[===========================59.6%==                        ]

[===========================60.1%==                        ]

[===========================62.3%====                      ]

[===========================77.4%============              ]

[===========================84.9%=================         ]

[===========================92.5%=====================     ]

[==========================100.0%==========================]
The restore operation completed successfully.
La operaci¢n se complet¢ correctamente.

========= End of CMD: =========


========= SFC /scannow =========



Iniciando examen en el sistema. Este proceso tardará algún tiempo.



Iniciando la fase de comprobación del examen del sistema.


Se completó la comprobación de 0%.
Se completó la comprobación de 1%.
Se completó la comprobación de 1%.
Se completó la comprobación de 2%.
Se completó la comprobación de 3%.
Se completó la comprobación de 3%.
Se completó la comprobación de 4%.
Se completó la comprobación de 4%.
Se completó la comprobación de 5%.
Se completó la comprobación de 6%.
Se completó la comprobación de 6%.
Se completó la comprobación de 7%.
Se completó la comprobación de 7%.
Se completó la comprobación de 8%.
Se completó la comprobación de 9%.
Se completó la comprobación de 9%.
Se completó la comprobación de 10%.
Se completó la comprobación de 10%.
Se completó la comprobación de 11%.
Se completó la comprobación de 12%.
Se completó la comprobación de 12%.
Se completó la comprobación de 13%.
Se completó la comprobación de 14%.
Se completó la comprobación de 14%.
Se completó la comprobación de 15%.
Se completó la comprobación de 15%.
Se completó la comprobación de 16%.
Se completó la comprobación de 17%.
Se completó la comprobación de 17%.
Se completó la comprobación de 18%.
Se completó la comprobación de 18%.
Se completó la comprobación de 19%.
Se completó la comprobación de 20%.
Se completó la comprobación de 20%.
Se completó la comprobación de 21%.
Se completó la comprobación de 21%.
Se completó la comprobación de 22%.
Se completó la comprobación de 23%.
Se completó la comprobación de 23%.
Se completó la comprobación de 24%.
Se completó la comprobación de 25%.
Se completó la comprobación de 25%.
Se completó la comprobación de 26%.
Se completó la comprobación de 26%.
Se completó la comprobación de 27%.
Se completó la comprobación de 28%.
Se completó la comprobación de 28%.
Se completó la comprobación de 29%.
Se completó la comprobación de 29%.
Se completó la comprobación de 30%.
Se completó la comprobación de 31%.
Se completó la comprobación de 31%.
Se completó la comprobación de 32%.
Se completó la comprobación de 32%.
Se completó la comprobación de 33%.
Se completó la comprobación de 34%.
Se completó la comprobación de 34%.
Se completó la comprobación de 35%.
Se completó la comprobación de 35%.
Se completó la comprobación de 36%.
Se completó la comprobación de 37%.
Se completó la comprobación de 37%.
Se completó la comprobación de 38%.
Se completó la comprobación de 39%.
Se completó la comprobación de 39%.
Se completó la comprobación de 40%.
Se completó la comprobación de 40%.
Se completó la comprobación de 41%.
Se completó la comprobación de 42%.
Se completó la comprobación de 42%.
Se completó la comprobación de 43%.
Se completó la comprobación de 43%.
Se completó la comprobación de 44%.
Se completó la comprobación de 45%.
Se completó la comprobación de 45%.
Se completó la comprobación de 46%.
Se completó la comprobación de 46%.
Se completó la comprobación de 47%.
Se completó la comprobación de 48%.
Se completó la comprobación de 48%.
Se completó la comprobación de 49%.
Se completó la comprobación de 50%.
Se completó la comprobación de 50%.
Se completó la comprobación de 51%.
Se completó la comprobación de 51%.
Se completó la comprobación de 52%.
Se completó la comprobación de 53%.
Se completó la comprobación de 53%.
Se completó la comprobación de 54%.
Se completó la comprobación de 54%.
Se completó la comprobación de 55%.
Se completó la comprobación de 56%.
Se completó la comprobación de 56%.
Se completó la comprobación de 57%.
Se completó la comprobación de 57%.
Se completó la comprobación de 58%.
Se completó la comprobación de 59%.
Se completó la comprobación de 59%.
Se completó la comprobación de 60%.
Se completó la comprobación de 61%.
Se completó la comprobación de 61%.
Se completó la comprobación de 62%.
Se completó la comprobación de 62%.
Se completó la comprobación de 63%.
Se completó la comprobación de 64%.
Se completó la comprobación de 64%.
Se completó la comprobación de 65%.
Se completó la comprobación de 65%.
Se completó la comprobación de 66%.
Se completó la comprobación de 67%.
Se completó la comprobación de 67%.
Se completó la comprobación de 68%.
Se completó la comprobación de 68%.
Se completó la comprobación de 69%.
Se completó la comprobación de 70%.
Se completó la comprobación de 70%.
Se completó la comprobación de 71%.
Se completó la comprobación de 71%.
Se completó la comprobación de 72%.
Se completó la comprobación de 73%.
Se completó la comprobación de 73%.
Se completó la comprobación de 74%.
Se completó la comprobación de 75%.
Se completó la comprobación de 75%.
Se completó la comprobación de 76%.
Se completó la comprobación de 76%.
Se completó la comprobación de 77%.
Se completó la comprobación de 78%.
Se completó la comprobación de 78%.
Se completó la comprobación de 79%.
Se completó la comprobación de 79%.
Se completó la comprobación de 80%.
Se completó la comprobación de 81%.
Se completó la comprobación de 81%.
Se completó la comprobación de 82%.
Se completó la comprobación de 82%.
Se completó la comprobación de 83%.
Se completó la comprobación de 84%.
Se completó la comprobación de 84%.
Se completó la comprobación de 85%.
Se completó la comprobación de 86%.
Se completó la comprobación de 86%.
Se completó la comprobación de 87%.
Se completó la comprobación de 87%.
Se completó la comprobación de 88%.
Se completó la comprobación de 89%.
Se completó la comprobación de 89%.
Se completó la comprobación de 90%.
Se completó la comprobación de 90%.
Se completó la comprobación de 91%.
Se completó la comprobación de 92%.
Se completó la comprobación de 92%.
Se completó la comprobación de 93%.
Se completó la comprobación de 93%.
Se completó la comprobación de 94%.
Se completó la comprobación de 95%.
Se completó la comprobación de 95%.
Se completó la comprobación de 96%.
Se completó la comprobación de 97%.
Se completó la comprobación de 97%.
Se completó la comprobación de 98%.
Se completó la comprobación de 98%.
Se completó la comprobación de 99%.
Se completó la comprobación de 100%.


Protección de recursos de Windows no pudo realizar la operación solicitada.


========= End of CMD: =========


=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8479742 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 57362246 B
Edge => 0 B
Chrome => 143813970 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1638 B
NetworkService => 1638 B
dani => 1214519 B

RecycleBin => 0 B
EmptyTemp: => 201.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:36:45 ====

DR M · Jan 23, 2023

Something to ask you now I remember:

Please, do not quote my post in your replies. Also, don't use code to post your reply. Just write your reply on the reply area and post it. It's easier for me to read.

Let's try some things, since SFC didn't run.

1. Check if the Windows Modules Installer service is running

Launch the Run command box by pressing the Win + R keys.
Type services.msc and click OK. This will open the Services app.
Scroll down and locate Windows Modules Installer.
Once you find it, check its status. If it is stopped, right-click on it and select Properties.
Select Manual in Start type.
Now, click Start, then click Apply.
Click OK.
Restart.

2. Check disk

Click on the Start button and in the search box, type Command Prompt.
When you see Command Prompt on the list, right-click on it and select Run as administrator.
Enter the command below and press on Enter and wait for it to finish (~15 minutes).
Code:
```
   chkdsk C: /r
```
You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
The process will take some time, depending on the disk condition.
Download ListChkdskResult by SleepyDude and save it on your Desktop.
Double click on the created icon.
A notepad file will open. Copy its content and paste it in your next reply.

3. Run SFC again

Click on the Start button and in the search box, type Command Prompt
When you see Command Prompt on the list, right-click on it and select Run as administrator
Enter the command below and press on Enter

Code:

sfc /scannow

Let the scan finish.

You will normally get one of the following results:

Code:

Windows Resource Protection did not find any integrity violations
Windows Resource Protection found corrupt files and successfully repaired them
Windows Resource Protection found corrupt files but was unable to fix some of them
Windows Resource Protection could not perform the requested operation

Please post the result you got (a screenshot).

In your next reply please post:

What the status of the Windows Modules Installer service was and what you did
The result of the chkdsk scan
The result of the SFC scan

deleted2908202301 · Jan 23, 2023

1. It was stopped, I started it.

2.

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

------< Log generate on 23/01/2023 20:49:47 >------
Category: 0
Computer Name: Internet
Event Code: 1001
Record Number: 26623
Source Name: Microsoft-Windows-Wininit
Time Written: 01-23-2023 @ 19:48:46
Event Type: Información
User:
Message:

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

Stage 1: Examining basic file system structure ...
448256 file records processed.

File verification completed.
Phase duration (File record verification): 8.07 seconds.
6446 large file records processed.

Phase duration (Orphan file record recovery): 0.00 milliseconds.
0 bad file records processed.

Phase duration (Bad file record checking): 0.94 milliseconds.

Stage 2: Examining file name linkage ...
28450 reparse records processed.

535178 index entries processed.

Index verification completed.
Phase duration (Index verification): 47.98 seconds.
0 unindexed files scanned.

Phase duration (Orphan reconnection): 247.12 milliseconds.
0 unindexed files recovered to lost and found.

Phase duration (Orphan recovery to lost and found): 31.85 milliseconds.
28450 reparse records processed.

Phase duration (Reparse point and Object ID verification): 55.72 milliseconds.

Stage 3: Examining security descriptors ...
Cleaning up 4710 unused index entries from index $SII of file 0x9.
Cleaning up 4710 unused index entries from index $SDH of file 0x9.
Cleaning up 4710 unused security descriptors.
CHKDSK is compacting the security descriptor stream
Security descriptor verification completed.
Phase duration (Security descriptor verification): 371.47 milliseconds.
43462 data files processed.

Phase duration (Data attribute verification): 1.00 milliseconds.
CHKDSK is verifying Usn Journal...
36621512 USN bytes processed.

Usn Journal verification completed.
Phase duration (USN journal verification): 1.04 seconds.

Stage 4: Looking for bad clusters in user file data ...
448240 files processed.

File data verification completed.
Phase duration (User file recovery): 19.74 minutes.

Stage 5: Looking for bad, free clusters ...
42665286 free clusters processed.

Free space verification is complete.
Phase duration (Free space recovery): 0.00 milliseconds.
Correcting errors in the Volume Bitmap.

Windows has made corrections to the file system.
No further action is required.

243159345 KB total disk space.
71852296 KB in 163033 files.
84816 KB in 43465 indexes.
0 KB in bad sectors.
561085 KB in use by the system.
65536 KB occupied by the log file.
170661148 KB available on disk.

4096 bytes in each allocation unit.
60789836 total allocation units on disk.
42665287 allocation units available on disk.
Total duration: 20.71 minutes (1242837 ms).

Internal Info:
00 d7 06 00 aa 26 03 00 be bf 03 00 00 00 00 00 .....&..........
7e 00 00 00 a4 6e 00 00 00 00 00 00 00 00 00 00 ~....n..........

-----------------------------------------------------------------------

3. Windows Resource Protection could not perform the requested operation

DR M · Jan 23, 2023

From the chkdsk result:

Windows has made corrections to the file system.

Try run SFC from Safe mode this time. Let me know if the result is the same.

To start with Safe mode (from Settings):

Start your PC in safe mode in Windows - Microsoft Support

deleted2908202301 · Jan 23, 2023

Okay, gonna try it in safe mode.

DR M · Jan 23, 2023

Right. I'll see you tomorrow.

deleted2908202301 · Jan 23, 2023

Same error in safe mode. Gonna investigate further into this matter.

deleted2908202301 · Jan 23, 2023

I fixed sfc scan with offline method (sfc /scannow /offbootdir=c:\ /offwindir=c:\windows).

DR M · Jan 24, 2023

Perfect!!!

Now do the following:

Please download Farbar Service Scanner and save it on your Desktop.
Right click on the tool icon and run it as administrator.
Make sure all the options are checked.
Click on the Scan button.
It will create a log (FSS.txt) on your Desktop.
Copy and paste the log's content to your next reply.

deleted2908202301 · Jan 24, 2023

Farbar Service Scanner Version: 13-08-2022 01
Ran by dani (administrator) on 24-01-2023 at 15:21:15
Running from "C:\Users\dani\Desktop"
Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
tdx Service is not running. Checking service configuration:
The start type of tdx service is set to Disabled. The default start type is System.
The ImagePath of tdx: "\SystemRoot\system32\DRIVERS\tdx.sys".

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Windows Security:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK (Start=Auto).
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2210.6-0\MsMpEng.exe"".

Windows Defender Disabled Policy:
==========================

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\Drivers\netbt.sys => File is digitally signed
C:\Windows\System32\Drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\afd.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\SecurityHealthService.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\usosvc.dll => File is digitally signed
C:\Windows\System32\WaaSMedicSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

deleted2908202301 · Jan 24, 2023

I still get error 1053 when starting WinDefend service.

DR M · Jan 24, 2023

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Code:

Start::
CreateRestorePoint:
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
End::

Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt on your Desktop.
Post the log in your next reply.

0x80071a91 WU & Defender Error 1053

Active member

Sysnative Staff, Security Analyst

Active member

Attachments

Sysnative Staff, Security Analyst

Active member

Attachments

Sysnative Staff, Security Analyst

Active member

Sysnative Staff, Security Analyst

Active member

Sysnative Staff, Security Analyst

Active member

Attachments

Sysnative Staff, Security Analyst

Active member

Sysnative Staff, Security Analyst

Active member

Active member

Sysnative Staff, Security Analyst

Active member

Active member

Sysnative Staff, Security Analyst