Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows defender error 0x80070424


06 Sep 2012   #11

32 bit
 
 

please download Downloading Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


My System SpecsSystem Spec
.

06 Sep 2012   #12

windows 7 home premuim
 
 

malwarebytes is still scanning dunno if that affects it but. this came up when i clicked scan. http://puu.sh/12xJe
My System SpecsSystem Spec
06 Sep 2012   #13

windows 7 home premuim
 
 

Quote   Quote: Originally Posted by Golden View Post
Mmmm. Lets try something:

1. Download and try to install the FREE version of Malwarebytes
2. Run a FULL scan if possible
3. If it finds threats, make a note of them for posting back here, and delete them if you get the option.
4. After scanning and removal is complete, reboot your system and log in as normal
5. Scan with Malwarebytes again.
6. If nothing is found, try and update Windows - if it can't update, post the error code here.
Ive done the scan. Now funnily enough this one seems to come up every scan. I dont know if im getting the same bug or if its just not removing it. http://puu.sh/12xLk
My System SpecsSystem Spec
.


06 Sep 2012   #14

Microsoft Community Contributor Award Recipient

Windows 7 Ult. x64 Windows 8.1 x64 Ubuntu 12.04 LTS Tri-Boot
 
 

Yep - thats the problem. Follow shawn77's suggestions.
My System SpecsSystem Spec
06 Sep 2012   #15

windows 7 home premuim
 
 

Quote   Quote: Originally Posted by shawn77 View Post
please download Downloading Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
But when i do this and click "scan" http://puu.sh/12xLk that happens
My System SpecsSystem Spec
06 Sep 2012   #16

32 bit
 
 

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller
My System SpecsSystem Spec
07 Sep 2012   #17

windows 7 home premuim
 
 

Quote   Quote: Originally Posted by shawn77 View Post
  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: RogueKiller - Geeks to Go Forums
Blog: tigzy-RK

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Aarron [Admin rights]
Mode : Scan -- Date : 09/07/2012 09:31:49

Bad processes : 0

Registry Entries : 7
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND
[HJ INPROC][ZeroAccess] HKLM\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> FOUND

Particular Files / Folders:
[ZeroAccess][FILE] @ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> FOUND
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> FOUND
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\@ --> FOUND
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\U --> FOUND
[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\U --> FOUND
[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L --> FOUND
[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\L --> FOUND

Driver : [NOT LOADED]

Infection : ZeroAccess

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 Registration
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]


MBR Check:

+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 9a981f34d080484c3cd7bc255c8f7455
[BSP] 64a9930d5d65a8994b3e7890bf33f9f9 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt
My System SpecsSystem Spec
07 Sep 2012   #18

32 bit
 
 

Press the DELETE option

Copy the log and paste it here
My System SpecsSystem Spec
07 Sep 2012   #19

windows 7 home premuim
 
 

Quote   Quote: Originally Posted by shawn77 View Post
Press the DELETE option

Copy the log and paste it here
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: RogueKiller - Geeks to Go Forums
Blog: tigzy-RK

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Aarron [Admin rights]
Mode : Remove -- Date : 09/07/2012 16:43:04

Bad processes : 0

Registry Entries : 5
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\n.) -> REPLACED (C:\Windows\system32\shell32.dll)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\$Recycle.Bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\n.) -> REPLACED (C:\Windows\system32\wbem\fastprox.dll)

Particular Files / Folders:
[ZeroAccess][FILE] @ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\@ --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U\00000004.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L\00000004.@ --> REMOVED
[Del.Parent][FILE] 201d3dde : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L\201d3dde --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{1939de08-022f-2909-9ec5-54d1f6c40f43}\L --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_32\Desktop.ini --> REMOVED
[ZeroAccess][FILE] Desktop.ini : C:\Windows\Assembly\GAC_64\Desktop.ini --> REMOVED
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\@ --> REMOVED
[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\U --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L\00000004.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-18\$1939de08022f29099ec554d1f6c40f43\L --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-3364007784-3991715225-2710952795-1000\$1939de08022f29099ec554d1f6c40f43\L --> REMOVED

Driver : [NOT LOADED]

Infection : ZeroAccess

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 Registration
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
[...]


MBR Check:

+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 9a981f34d080484c3cd7bc255c8f7455
[BSP] 64a9930d5d65a8994b3e7890bf33f9f9 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 715302 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
My System SpecsSystem Spec
08 Sep 2012   #20

windows 7 home premuim
 
 

is there a next step?
My System SpecsSystem Spec
Reply

 Windows defender error 0x80070424




Thread Tools



Similar help and support threads for2: Windows defender error 0x80070424
Thread Forum
Windows Update Service not installed error: 0x80070424 Windows Updates & Activation
Windows Defender 0x80070424 Error System Security
Windows Update Service not installed error: 0x80070424 Windows Updates & Activation
Solved Windows Update Service not installed error: 0x80070424 Windows Updates & Activation
Solved Windows 7 Firewall Error 0x80070424 System Security
Solved Possible rootkit infection - Error Code 0x80070424 with Windows System Security
Windows error message 0x80070424 System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:19 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33