 | |
| |
| 06 Sep 2012 | #11 |
| |  please download Downloading Farbar Service Scanner and run it on the computer with the issue.
|
My System Specs | |
| 06 Sep 2012 | #12 |
| | malwarebytes is still scanning dunno if that affects it but. this came up when i clicked scan. http://puu.sh/12xJe |
| My System Specs |
| 06 Sep 2012 | #13 |
| | 
Quote: Originally Posted by Golden  Mmmm. Lets try something: 1. Download and try to install the FREE version of Malwarebytes 2. Run a FULL scan if possible 3. If it finds threats, make a note of them for posting back here, and delete them if you get the option. 4. After scanning and removal is complete, reboot your system and log in as normal 5. Scan with Malwarebytes again. 6. If nothing is found, try and update Windows - if it can't update, post the error code here. |
| My System Specs |
| . |
| |
| 06 Sep 2012 | #14 |
| | Yep - thats the problem. Follow shawn77's suggestions. |
| My System Specs |
| 06 Sep 2012 | #15 |
| |
Quote: Originally Posted by shawn77 please download Downloading Farbar Service Scanner and run it on the computer with the issue.
|
| My System Specs |
| 06 Sep 2012 | #16 |
| |
|
| My System Specs |
| 07 Sep 2012 | #17 |
| |
Quote: Originally Posted by shawn77
mail: tigzyRK<at>gmail<dot>com Feedback: RogueKiller - Geeks to Go Forums Blog: tigzy-RK Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Aarron [Admin rights] Mode : Scan -- Date : 09/07/2012 09:31:49 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND [HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\@ --> FOUND [ZeroAccess][FOLDER] U : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U --> FOUND [ZeroAccess][FOLDER] L : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> FOUND [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> FOUND [ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\@ --> FOUND [ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\@ --> FOUND [ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\U --> FOUND [ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\U --> FOUND [ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L --> FOUND [ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\L --> FOUND ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 Registration 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9750420AS ATA Device +++++ --- User --- [MBR] 9a981f34d080484c3cd7bc255c8f7455 [BSP] 64a9930d5d65a8994b3e7890bf33f9f9 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt |
| My System Specs |
| 07 Sep 2012 | #18 |
| | Press the DELETE option Copy the log and paste it here |
| My System Specs |
| 07 Sep 2012 | #19 |
| |
Quote: Originally Posted by shawn77 Press the DELETE option Copy the log and paste it here mail: tigzyRK<at>gmail<dot>com Feedback: RogueKiller - Geeks to Go Forums Blog: tigzy-RK Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Aarron [Admin rights] Mode : Remove -- Date : 09/07/2012 16:43:04 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 5 ¤¤¤ [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\n.) -> REPLACED (C:\Windows\system32\shell32.dll) [HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> REPLACED (C:\Windows\system32\wbem\fastprox.dll) ¤¤¤ Particular Files / Folders: ¤¤¤ [ZeroAccess][FILE] @ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\@ --> REMOVED [Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U\00000004.@ --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U --> REMOVED [Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L\00000004.@ --> REMOVED [Del.Parent][FILE] 201d3dde : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L\201d3dde --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L --> REMOVED [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> REMOVED [ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> REMOVED [ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\@ --> REMOVED [ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\@ --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\U --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\U --> REMOVED [Del.Parent][FILE] 00000004.@ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L\00000004.@ --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L --> REMOVED [ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\L --> REMOVED ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ZeroAccess ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 adobeereg.com 127.0.0.1 Registration 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 125.252.224.90 127.0.0.1 125.252.224.91 [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9750420AS ATA Device +++++ --- User --- [MBR] 9a981f34d080484c3cd7bc255c8f7455 [BSP] 64a9930d5d65a8994b3e7890bf33f9f9 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt |
| My System Specs |
| 08 Sep 2012 | #20 |
| | is there a next step? |
| My System Specs |
 |
Windows defender error 0x80070424 problems?
« MS Security Essentials (MSE) definition updates?
|
Help Setup modem's Firewall in Sync with BitDefender or Norton Firewal »
| Thread Tools | |
| Similar help and support threads for: Windows defender error 0x80070424 | ||||
| Thread | Forum | |||
| Windows Defender 0x80070424 Error | System Security | |||
| Windows Firewall missing from Services Menu and Error 0x80070424 | System Security | |||
 Windows 7 Firewall Error 0x80070424 | System Security | |||
| Possible rootkit infection - Error Code 0x80070424 with Windows | System Security | |||
| Windows error message 0x80070424 | System Security | |||
All times are GMT -5. The time now is 02:40 PM.
