Windows Defender 0x80070424 Error


  1. Posts : 25
    Windows 7 Professional 64-bit
       #1


    I'm hoping I can finally get this issue resolved. Usually I am able to get everything working again after getting a virus but this is something that I cannot get to work. A few days ago my computer was infected with the Win 7 Total Security 2011 virus. At least I think that's what it was called, there are so many different names of these types of viruses. I was able to find the files associated with this virus through a scan with MBAM, but now my Windows Defender isn't working at all. After I open it up, I get an error message that states: The specified service does not exist as an installed service. (Error Code: 0x80070424). I don't know if I still have a virus that's blocking this program from working or the Win 7 virus did something to the registry, or if some important files got corrupted. I do know that the Windows Defender service is not in the services.msc file like it's supposed to be. So I would assume that's why I'm getting the error.


  2. Posts : 352
    Windows Home Premium 64bit
       #2

    Hi Kbalanis and welcome to the Forum. Sorry to hear that you are having some issues. Please check out the link below and see if it is of any help. Let us know.

    How to Reinstall Windows Defender
    Regards
    JohnnyA


  3. Posts : 25
    Windows 7 Professional 64-bit
    Thread Starter
       #3

    Thanks for the quick reply. Apparently my WMI repository is consistent so there was nothing wrong with that, plus the defender service isn't in the .msc file. So nothing in that link worked.


  4. Posts : 352
    Windows Home Premium 64bit
       #4

    Umm. We will have to look further. We have a ton of very capable people here at the Forum. Perhaps one of our Gurus will jump in and lend a hand.
    Cheers
    JohnnyA

    EDIT: Windows Defender has a dependence in services.msc called Remote Procedure Call (RPC)
    that is set to automatic. Is yours set this way?

    Another EDIT: Found another post on our Forum - have a look.
    https://www.sevenforums.com/software/...s-missing.html


  5. Posts : 6,349
    Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
       #5

    To check what johnnya is talking about.

    Go to Device Manager> Administrative Tools> Services
    Scroll down until you see Windows Defender as in the Snip below I took for you. Highlight Win Defender.
    Then you will see the Stop and Restart I circled in yellow towards top-left.

    It should be set as mine is after you click Restart. You may need to click Stop if it shows then Restart.

    If it doesn't show running after that a Restart of your PC may?? finish turning it on.

    Worth a shot to look at least.
    Mike

    Click the pic to enlarge.
    Attached thumbnail: services-win-defender.png


  6. Posts : 25
    Windows 7 Professional 64-bit
    Thread Starter
       #6

    The Remote Procedure Call was already set to automatic so that's not it. Plus I still don't have Windows Defender in my services.msc. I'll check that link out too, thanks.


    --EDIT--

    I saw that link yesterday so I ran that SecurityCheck program and this is the log from it:

    Results of screen317's Security Check version 0.99.10
    Windows 7 (UAC is disabled!)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Firewall Enabled!
    McAfee VirusScan Enterprise
    McAfee Agent
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Java(TM) 6 Update 24
    Adobe Flash Player 10.0.2.54
    Adobe Reader X (10.0.1)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    McAfee VirusScan Enterprise x64 EngineServer.exe
    McAfee VirusScan Enterprise VsTskMgr.exe
    McAfee VirusScan Enterprise x64 McShield.exe
    McAfee VirusScan Enterprise x64 mfeann.exe
    McAfee VirusScan Enterprise shstat.exe
    ``````````End of Log````````````

    I haven't done a Malwarebytes scan in a couple days. The last time I did it returned with no infections but I can run it again if you'd like me to.

    I've attached the DDS.txt and attach.txt files that were generated by the DDS.scr file.
    Last edited by Kbalanis; 05 May 2011 at 11:57.
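The checks discussed in the posts above, done from a PowerShell prompt, as an added example that is not part of the original thread: it splits 0x80070424 into its HRESULT fields and reports whether the Defender service is registered and how RPC is set to start. The short service names WinDefend and RpcSs and the function names are assumptions of this example; the thread only uses the display names.

```powershell
# Added example, not from the thread. Read-only: it changes nothing on the machine.
# Assumption: WinDefend and RpcSs are the short names of the "Windows Defender"
# and "Remote Procedure Call (RPC)" services that the posts refer to.

function ConvertFrom-HResult {
    param([string]$Hex)                              # e.g. '0x80070424'

    $u        = [Convert]::ToUInt32($Hex, 16)        # accepts the 0x prefix
    $high     = [int][math]::Floor($u / 65536)       # upper 16 bits: flags + facility
    $code     = [int]($u % 65536)                    # lower 16 bits: error code
    $facility = $high -band 0x7FF                    # facility is the low 11 bits of the upper word

    # Facility 7 (FACILITY_WIN32) means the low word is an ordinary Win32 error
    # code, so Windows itself can supply the message text for it.
    $message = $null
    if ($facility -eq 7) {
        $message = (New-Object System.ComponentModel.Win32Exception -ArgumentList $code).Message
    }

    New-Object PSObject -Property @{
        HResult  = $Hex
        Failed   = (($high -band 0x8000) -ne 0)      # top bit set = failure
        Facility = $facility
        Code     = $code
        Message  = $message
    } | Select-Object HResult, Failed, Facility, Code, Message
}

function Get-ServiceRegistration {
    param([string]$Name)

    # A service exists for the Service Control Manager only if it has a key here.
    $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$Name"
    $svc = Get-WmiObject Win32_Service -Filter "Name='$Name'"

    New-Object PSObject -Property @{
        Name       = $Name
        Registered = (Test-Path $key)
        KnownToSCM = ($svc -ne $null)
        StartMode  = $(if ($svc) { $svc.StartMode } else { $null })
        State      = $(if ($svc) { $svc.State } else { $null })
    } | Select-Object Name, Registered, KnownToSCM, StartMode, State
}

# 0x80070424 -> Failed: True, Facility: 7, Code: 1060 (ERROR_SERVICE_DOES_NOT_EXIST)
ConvertFrom-HResult '0x80070424' | Format-List

# Registered = False for WinDefend is the condition that error code describes;
# RpcSs should show StartMode Auto and State Running.
'WinDefend', 'RpcSs' |
    ForEach-Object { Get-ServiceRegistration $_ } |
    Format-Table -AutoSize
```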


  7. Posts : 25
    Windows 7 Professional 64-bit
    Thread Starter
       #7

    I just finished a full scan with Malwarebytes. Nothing was found but here's the log:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org
    Database version: 6514
    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514
    5/5/2011 10:54:51 AM
    mbam-log-2011-05-05 (10-54-51).txt
    Scan type: Full scan (C:\|)
    Objects scanned: 450446
    Time elapsed: 1 hour(s), 16 minute(s), 57 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)


  8. Posts : 382
    Windows 7 Ultimate 64 bit
       #8

    From your logs, I see that you've run a multitude of security programs, including ComboFix.

    ComboFix should never be used without the supervision of a trained helper.

    Do you still have the ComboFix log? C:\ComboFix.txt

    If you do, post the contents of that log in your next reply. No attachments please.


  9. Posts : 25
    Windows 7 Professional 64-bit
    Thread Starter
       #9

    Yeah I was kinda in crisis mode as soon as I got infected. I tried a couple different programs to do scans but then I uninstalled them. I was told by somebody else that I should run ComboFix, but he didn't tell me it was best to only do so with the help of a trained pro. Shame on me for that, but like I said, I've been a little frantic about the issue since it's my work computer. Anyway, here's the ComboFix log:



  10. Posts : 382
    Windows 7 Ultimate 64 bit
       #10

    There is another ComboFix log that I would like to see.

    It can be found here C:\qoobox\ComboFix2.txt

    You can attach that one (the logs are long)


 