Hello.
I have a WS2016 server where I cannot start the defender service. I found out about the issue when Windows Update couldn't install Defender updates/signatures (but other WU work fine).
When i attempt to start the WinDefend service manually, it returns "Error 0x80070003: The system cannot find the path specified".
In the event log (Microsoft-Windows-Windows Defender/WHC) there are two events signalling the attempted service start:
"Windows Defender state updated to 10." and "Windows Defender state updated to 2." (in the same second).
Microsoft-Windows-Windows Defender/Operational has this error logged (in the same second of the attempted service start):
Windows Defender Real-Time Protection feature has encountered an error and failed.Feature: On Access
Error Code: 0x8007007e
Error description: The specified module could not be found.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
I have tried:
- installing latest WU
- sfc /scannow - no problems/corruptions found
- dism /online /cleanup-image /restorehealth - no problems found
- removing the Defender feature, rebooting, (deleting C:\ProgramData\Microsoft\Windows Defender folder), reinstalling (Install-WindowsFeature -Name Windows-Defender-Features -IncludeAllSubFeature
None of the above helped.
Any ideas (other than reinstall/refresh/reset Windows) are welcome.