docs.microsoft[.]com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
MSERT.exe is ~111MB download that when run gives you 3 options to scan your Windows system for malware, similar to tools available from some security software companies, e.g. Malwarebytes' AdwCleaner -- neowin[.]net/news/adwcleaner-82/
Unfortunately running the app doing a quick scan sent me down a rabbit hole -- it took a while to piece together what I *think* happened. The mcert.log [C:\Windows\debug\] states:
"Threat Detected: VirTool:Win32/DefenderTamperingRestore and Removed!
Action: Remove, Result: 0x00000000
regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
SigSeq: 0x0000055555C57273"
Google parts of that & you get many hits -- zero answers. I *Think* that what happened is BitDefender, like many [most?] brands of AV software, turned off Defender's real-time scanning with a registry entry -- you don't want to slow things down further by having two apps scan everything you're doing in Windows, so makes sense. However, Microsoft has updated Defender to play nicer with 3rd party AV software, so those registry entries turning Defender scanning off are no longer needed. And since malware could use those registry entries -- it was probably never a good idea to make turning Defender off so easy -- the MSERT tool removes them. So that's it... If you run the Microsoft tool and have AV software installed there's a fair chance you'll get the same result I did, so I wanted to post what I came up with, hopefully saving you from a bit of grief.