Over 1 million tech questions and answers.

Error found: Code 0x80244019. Windows Defender

Q: Error found: Code 0x80244019. Windows Defender

My browser searches keep getting redirected. I'm not sure which Hijack virus is present. This started last Wednesday after I opened an e-mail I should not have opened.info.txt logfile of random's system information tool 1.05 2008-12-22 13:29:34======Uninstall list======-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U-->C:\Program Files\Installshield Installation Information\{1002F322-18D1-4A79-95C8-84EA3E940287}\QBReplace.exe {1002F322-18D1-4A79-95C8-84EA3E940287}#{BB9C4072-0110-4192-A351-6DCEF8B67AFD}-->C:\WINDOWS\UNINST.EXE -f"C:\Program Files\Adobe\Illustrator 8.0 Tryout\DeIsL1.isu"-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infActivePerl 5.6.1 Build 638-->MsiExec.exe /I{D048A3AD-31D3-44A5-9D12-C4ADD3253B00}Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"Adobe Download Manager 2.3 (remove only)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe InDesign 2.0.2-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\InDesign 2.0\Uninst.isu" -c"C:\Program Files\Adobe\InDesign 2.0\Uninst.dll"Adobe Photoshop 6.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"Adobe Reader 6.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001}Adobe SVG Viewer 3.0-->C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.logAppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exeATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -cleanBlackBerry Desktop Software 4.2.2-->MsiExec.exe /I{75D6745B-2239-4182-A31F-F95CEBB35099}BlackBerry Desktop Software 4.2.2-->MsiExec.exe /i{75D6745B-2239-4182-A31F-F95CEBB35099}Broadcom 802.11 Driver-->C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfoccCommon-->MsiExec.exe /I{B24E05CC-46FF-4787-BBB8-5CD516AFB118}CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}Component Framework-->MsiExec.exe /I{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}Conexant AC-97 Audio-->CIAunwdm.exeConexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.infCorelDRAW Graphics Suite 12-->MsiExec.exe /I{505AFDC0-5E72-4928-8368-5DEA385E3647}DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYERDivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODECGroupMail :: Personal Edition-->"C:\Documents and Settings\WeGo\Application Data\unins000.exe"HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}HijackThis 2.0.2-->"C:\Documents and Settings\WeGo\My Documents\My Data\malicious code removal tools\HijackThis.exe" /uninstallHotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"HP Deskjet 3840-->msiexec /x{B1591C79-1C35-4E09-AA15-F7D6923AFB96}Icon Suite 2.1.11-->"C:\Program Files\Icon Suite\unins000.exe"ImageSkill Tile Builder 1 (Remove only)-->"C:\Program Files\Adobe\Photoshop 6.0\Plug-Ins\uninstall.exe"InBoxer for Outlook 1.3-->"C:\Program Files\InBoxer Outlook Addin\unins000.exe"InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALLIpswitch WS_FTP Pro-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\WS_FTP Pro\uninst.isu" -c"C:\Program Files\WS_FTP Pro\FTPInstUtils.dll"Ipswitch WS_Ping ProPack Uninstall-->C:\Program Files\WSPingPR\removepr.exe -f C:\Program Files\WSPingPR -d C:\Program Files\WSPingPR -g WS_Ping ProPackJava 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}KnockOut 2-->C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\Corel\KnockOut 2\UninstKO.isu"LiveUpdate (Symantec Corporation)-->MsiExec.exe /x {E80F62FF-5D3C-4A19-8409-9721F2928206} /l*v "C:\Documents and Settings\All Users\Application Data\LuUninstall.LiveUpdate"LiveUpdate (Symantec Corporation)-->MsiExec.exe /X{E80F62FF-5D3C-4A19-8409-9721F2928206}LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}Logitech Registration-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0009 -removeonlyLotus SmartSuite Release 9-->C:\WINDOWS\lunin11.exe /T SmartSuite /V 98.0 /I "c:\program files\lotus\suit.inf" /C "c:\program files\lotus\cinstall.ini" /O /L ENMacromedia Contribute 3-->MsiExec.exe /X{2388ED12-6A52-4325-8E7B-1A229914C1AE}Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}Macromedia Fireworks 8-->MsiExec.exe /I{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}Macromedia Fireworks MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E583ED6F-BD99-4066-A420-C815BF692B69}\Setup.exe" -l0x9 UNINSTALLMacromedia Flash 8 Video Encoder-->MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}Macromedia Flash 8-->MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}Macromedia Flash MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALLMacromedia FreeHand MXa-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939740B5-0064-4779-854A-8C1086181C05}\Setup.exe" -l0x9 UNINSTALLMacromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.logMacromediaDreamweaver MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstallMicrosoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}Microsoft ActiveSync 4.0-->MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}Microsoft Office Visio Professional 2003-->MsiExec.exe /I{91510409-6000-11D3-8CFE-0150048383C9}Microsoft Photo Info-->MsiExec.exe /I{08823E70-05FD-4CC3-8019-ABE5B85FC8BE}Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}Norton AntiVirus (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}_15_5_0_23\Setup.exe" /XNorton AntiVirus Help-->MsiExec.exe /I{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}Norton AntiVirus-->MsiExec.exe /X{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}Norton Ghost 9.0-->MsiExec.exe /X{3C759736-8347-4031-BB9C-D75ADFE6B101}Norton Protection Center-->MsiExec.exe /I{62120008-8E1E-4807-860D-A8B48F8552DB}Perl Builder 2.0-->C:\PROGRA~1\PERLBU~1\UNWISE.EXE C:\PROGRA~1\PERLBU~1\INSTALL.LOGPhotomatix Pro version 3.0.3RC2-->"C:\Program Files\PhotomatixPro3\unins000.exe"Print Server Driver-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Print Server\PTP\Uninst.isu"Quick Launch Buttons 5.00 C2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninstQuickBooks Pro Edition 2005-->C:\Program Files\Installshield Installation Information\{442E5922-1BB6-4EAA-893D-62291D87219A}\QBReplace.exe {442E5922-1BB6-4EAA-893D-62291D87219A}#{BA0FD89C-32B4-4D4E-A024-D2B071C84749}QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.logREALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVERoxio Media Manager-->MsiExec.exe /X{66D171AA-670F-4309-9C74-5BA7F7DBA0B3}Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"Security Update for Windows XP (KB953155)-->"C:\WINDOWS\$NtUninstallKB953155$\spuninst\spuninst.exe"Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"Security Update for Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"Site Map Pro 2.2-->"C:\Program Files\Site Map Pro 2.2\unins000.exe"Sorenson Squeeze 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A143FF0-BB9A-4A9C-A318-1688BA366BAE}\setup.exe" -l0x9 SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}Symantec KB-DocID:2003093015493306-->MsiExec.exe /I{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}Symantec Real Time Storage Protection Component-->MsiExec.exe /I{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstallTexas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{34F0AF1A-95B9-4E17-B8B5-CD1FE65CDFBD} Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"WebLog Expert 2.0-->"C:\Program Files\WebLog Expert\unins000.exe"WebPosition 3-->rundll32.exe C:\PROGRA~1\WEBPOS~1\FPUninst.dll,EntryPoint "C:\PROGRA~1\WEBPOS~1\UNWISE.EXE" "C:\PROGRA~1\WEBPOS~1\install3.log"WebPosition 4-->rundll32.exe C:\PROGRA~1\WEBPOS~2\FPUninst.dll,EntryPoint "C:\PROGRA~1\WEBPOS~2\UNWISE.EXE" "C:\PROGRA~1\WEBPOS~2\install4.log"Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAllWindows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"WinHTTrack Website Copier 3.40-2-->"C:\Program Files\WinHTTrack\unins000.exe"WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe======Security center information======AV: Norton AntiVirusFW: Norton AntiVirusSystem event logComputer Name: WEGO-TI1SWLDILPEvent Code: 7035Message: The LiveUpdate service was successfully sent a start control.Record Number: 69460Source Name: Service Control ManagerTime Written: 20081110161144.000000-300Event Type: informationUser: NT AUTHORITY\SYSTEMComputer Name: WEGO-TI1SWLDILPEvent Code: 51Message: An error was detected on device \Device\Harddisk1\D during a paging operation.Record Number: 69459Source Name: DiskTime Written: 20081110145036.000000-300Event Type: warningUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 51Message: An error was detected on device \Device\Harddisk1\D during a paging operation.Record Number: 69458Source Name: DiskTime Written: 20081110141722.000000-300Event Type: warningUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 51Message: An error was detected on device \Device\Harddisk1\D during a paging operation.Record Number: 69457Source Name: DiskTime Written: 20081110132256.000000-300Event Type: warningUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 7036Message: The Windows Image Acquisition (WIA) service entered the running state.Record Number: 69456Source Name: Service Control ManagerTime Written: 20081110124928.000000-300Event Type: informationUser: Application event logComputer Name: WEGO-TI1SWLDILPEvent Code: 0Message: Record Number: 42079Source Name: Roxio Upnp Server 9Time Written: 20081106115705.000000-300Event Type: informationUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 0Message: Record Number: 42078Source Name: RoxLiveShare9Time Written: 20081106115705.000000-300Event Type: informationUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 0Message: Record Number: 42077Source Name: RoxLiveShare9Time Written: 20081106115705.000000-300Event Type: informationUser: Computer Name: WEGO-TI1SWLDILPEvent Code: 34Message: The 'ccAppPlgMgr_2920' service is starting.Record Number: 42076Source Name: ccSvcHstTime Written: 20081106115703.000000-300Event Type: informationUser: WEGO-TI1SWLDILP\WeGoComputer Name: WEGO-TI1SWLDILPEvent Code: 35Message: The 'CLTNetCnService' service has started.Record Number: 42075Source Name: ccSvcHstTime Written: 20081106115646.000000-300Event Type: informationUser: NT AUTHORITY\SYSTEM======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"FP_NO_HOST_CHECK"=NO"NUMBER_OF_PROCESSORS"=2"OS"=Windows_NT"Path"=C:\Perl\bin\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH"PROCESSOR_ARCHITECTURE"=x86"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel"PROCESSOR_LEVEL"=15"PROCESSOR_REVISION"=0304"TEMP"=C:\TEMP"TMP"=C:\TEMP"windir"=%SystemRoot%"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\-----------------EOF-----------------Logfile of random's system information tool 1.05 (written by random/random)Run by WeGo at 2008-12-22 13:29:14Microsoft Windows XP Professional Service Pack 3System drive C: has 51 GB (67%) free of 76 GBTotal RAM: 2046 MB (65% free)Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:29:31 PM, on 12/22/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0013)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeC:\WINDOWS\System32\GEARSec.exeC:\WINDOWS\system32\inetsrv\inetinfo.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exeC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeC:\Program Files\HPQ\Quick Launch Buttons\EabServr.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\QuickTime\qttask.exeC:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exeC:\WINDOWS\system32\NILaunch.exeC:\Program Files\Microsoft IntelliPoint\point32.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Microsoft ActiveSync\wcescomm.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exeC:\Program Files\Logitech\SetPoint\SetPoint.exeC:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeC:\PROGRA~1\MI3AA1~1\rapimgr.exeC:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\notepad.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Documents and Settings\WeGo\My Documents\My Data\malicious code removal tools\hijackthis.exeC:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXEC:\Program Files\Java\j2re1.4.2_05\bin\jucheck.exeC:\Documents and Settings\WeGo\Desktop\RSIT.exeC:\Documents and Settings\WeGo\My Documents\My Data\malicious code removal tools\WeGo.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://weather.canoe.ca/Weather/CityOshawaON.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocxO2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dllO4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exeO4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /StartO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeO4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exeO4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\system32\NILaunch.exeO4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeO4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startupO4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hideO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerO4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exeO4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exeO4 - Global Startup: Lotus QuickStart.lnk = C:\Program Files\lotus\wordpro\ltsstart.exeO4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dllO9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dllO9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dllO9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dllO9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dllO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dllO14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q105&bd=presario&pf=laptopO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222713758484O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.ca/downloads/BUM/B..._2/axofupld.cabO16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} (Kodak Gallery Easy Upload Manager Class) - http://www.kodakgallery.ca/downloads/BUM/B..._2/axofupld.cabO16 - DPF: {8D7AFAB7-42D6-4671-A53E-CD355673F026} (SonySncMView Control) - - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cabO16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://blacks.pnimedia.com/upload/activex/...upv2.0.0.11.cab?O17 - HKLM\System\CCS\Services\Tcpip\..\{4656DAAA-3BEB-449C-9135-985922963BAD}: NameServer =; - HKLM\System\CCS\Services\Tcpip\..\{E511EBE2-C244-4D26-804D-093226DD6E72}: NameServer =; - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer =; - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer =; - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer =; - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exeO23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXEO23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exeO23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exeO23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exeO23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exeO23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exeO23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe--End of file - 12705 bytes======Scheduled tasks folder======C:\WINDOWS\tasks\MP Scheduled Scan.jobC:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - WeGo.job======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx [2001-03-02 37808][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-06-20 116088][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-09-18 339968]"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-09-17 290816]"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-06-04 98304]"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-08-06 155648]""= []"Norton Ghost 9.0"=C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe [2004-11-22 1126400]"Net-It Launcher"=C:\WINDOWS\system32\NILaunch.exe [1998-02-05 24576]"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2003-05-15 163840]"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-09-10 98395]"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-09-10 684123]"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe [2004-06-03 32881]"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-09-11 218032]"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-09-11 86960]"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-03-26 228088]"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-04-11 56080]"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]"osCheck"=C:\Program Files\Norton AntiVirus\osCheck.exe [2008-02-06 718704]"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]C:\Documents and Settings\All Users\Start Menu\Programs\StartupAcrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exeAdobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeAdobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeLogitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exeLotus QuickStart.lnk - C:\Program Files\lotus\wordpro\ltsstart.exeQuickBooks Update Agent.lnk - C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]C:\WINDOWS\system32\Ati2evxx.dll [2004-09-14 86016][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger""C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe:*:Enabled:Dreamweaver MX 2004""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager""C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application""C:\Program Files\WS_FTP Pro\wsftppro.exe"="C:\Program Files\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application""C:\Program Files\Sorenson Media\Sorenson Squeeze 4\Squeeze.exe"="C:\Program Files\Sorenson Media\Sorenson Squeeze 4\Squeeze.exe:*:Enabled:Squeeze Application""C:\Program Files\Macromedia\Fireworks MX 2004\Fireworks.exe"="C:\Program Files\Macromedia\Fireworks MX 2004\Fireworks.exe:*:Enabled:Macromedia Fireworks MX 2004""C:\Program Files\Macromedia\Contribute 3\Contribute.exe"="C:\Program Files\Macromedia\Contribute 3\Contribute.exe:*:Enabled:Contribute""C:\Program Files\WS_FTP Pro\ftp95pro.exe"="C:\Program Files\WS_FTP Pro\ftp95pro.exe:*:Enabled:WS_FTP 95""C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe: RAPI Manager""C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe: RAPI Manager""C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe: Connection Manager""C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe: Application""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ed7f454-d226-11d9-8314-00c09f6f97fa}]shell\AutoRun\command - E:\JDSecure\Windows\JDSecure20.exe[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92e1e8db-a699-11dd-91bd-00c09f6f97fa}]shell\AutoRun\command - E:\Launch.exe /run======File associations======.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1".js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"======List of files/folders created in the last 1 months======2008-12-22 13:29:14 ----D---- C:\rsit2008-12-22 00:49:37 ----D---- C:\WINDOWS\WBEM2008-12-22 00:47:54 ----HDC---- C:\WINDOWS\ie72008-12-22 00:47:36 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$2008-12-22 00:46:52 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$2008-12-21 22:52:11 ----D---- C:\Program Files\Windows Defender2008-12-21 22:52:05 ----SHD---- C:\Config.Msi2008-12-17 16:39:53 ----RSHD---- C:\resycled2008-12-17 16:38:55 ----D---- C:\Program Files\ImageSkill2008-12-11 02:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$2008-12-11 02:36:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$2008-12-11 02:35:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$2008-12-11 02:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$2008-12-11 02:34:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$======List of files/folders modified in the last 1 months======2008-12-22 13:29:16 ----D---- C:\TEMP2008-12-22 13:27:36 ----D---- C:\WINDOWS\Prefetch2008-12-22 09:05:57 ----D---- C:\WINDOWS\system32\inetsrv2008-12-22 07:22:50 ----D---- C:\WINDOWS\system322008-12-22 07:22:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2008-12-22 07:20:24 ----SD---- C:\WINDOWS\Tasks2008-12-22 07:19:07 ----D---- C:\WINDOWS\system32\CatRoot22008-12-22 03:42:12 ----A---- C:\WINDOWS\SchedLgU.Txt2008-12-22 00:53:03 ----D---- C:\WINDOWS2008-12-22 00:51:50 ----RSHDC---- C:\WINDOWS\system32\dllcache2008-12-22 00:51:50 ----HD---- C:\WINDOWS\inf2008-12-22 00:51:50 ----D---- C:\WINDOWS\Help2008-12-22 00:51:50 ----D---- C:\Program Files\Internet Explorer2008-12-22 00:49:49 ----D---- C:\WINDOWS\system32\config2008-12-22 00:49:37 ----D---- C:\WINDOWS\system32\en-us2008-12-22 00:49:27 ----D---- C:\WINDOWS\Media2008-12-22 00:47:40 ----A---- C:\WINDOWS\imsins.BAK2008-12-22 00:46:03 ----HD---- C:\WINDOWS\$hf_mig$2008-12-22 00:17:43 ----D---- C:\Documents and Settings\WeGo\Application Data\InBoxer2008-12-21 22:52:25 ----SHD---- C:\WINDOWS\Installer2008-12-21 22:52:11 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft2008-12-21 22:52:11 ----D---- C:\Program Files2008-12-21 22:52:06 ----D---- C:\Program Files\Microsoft AntiSpyware2008-12-19 11:56:05 ----D---- C:\Program Files\Common Files\Symantec Shared2008-12-17 23:06:38 ----SHD---- C:\System Volume Information2008-12-17 23:06:38 ----D---- C:\WINDOWS\system32\Restore2008-12-17 17:50:09 ----A---- C:\WINDOWS\lvlight.ini2008-12-17 16:39:54 ----D---- C:\WINDOWS\system32\drivers2008-12-11 09:51:04 ----D---- C:\WINDOWS\system32\wbem2008-12-11 02:38:11 ----A---- C:\WINDOWS\win.ini2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe2008-12-09 11:32:29 ----A---- C:\WINDOWS\wsftppro.INI2008-12-08 23:13:28 ----D---- C:\Program Files\Hewlett-Packard======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []R1 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2004-07-29 14384]R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]R1 PQIMount;PQIMount; C:\WINDOWS\system32\drivers\PQIMount.sys [2004-11-22 46800]R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-01-31 279088]R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-01-31 43696]R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-06-13 184240]R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-09-14 789504]R3 BCM43XX;BCM 802.11b Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-08-04 341760]R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-28 292864]R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-28 276480]R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-06-10 1041536]R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-06-10 200064]R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081221.034\NAVENG.SYS []R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081221.034\NAVEX15.SYS []R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-18 5888]R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-06-28 69760]R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-13 79232]R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-06-13 13616]R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-06-13 96432]R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-06-13 38576]R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20081220.001\SymIDSCo.sys []R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-06-13 37424]R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320]R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-09-10 188352]R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-08-30 85504]R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-06-10 684800]S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys []S3 cpqeth;Compaq Ethernet PCMCIA LAN Card Driver; C:\WINDOWS\system32\DRIVERS\cpqndis5.sys [2001-08-17 21533]S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2003-05-15 19072]S3 RimUsb;BlackBerry Device; C:\WINDOWS\System32\Drivers\RimUsb.sys [2006-11-07 22272]S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-01-31 317616]S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-09-14 389120]R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968]R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]R2 GEARSecurity;GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [2004-07-29 53248]R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15360]R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]R2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2004-11-22 1273856]R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15360]R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-13 15360]R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-06-20 1245064]S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-03-25 359160]S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2007-03-26 310008]S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-03-26 166648]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-07-27 98304]S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-08-04 3220856]S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2005-05-28 69632]S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-03-25 88824]S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 1010424]-----------------EOF-----------------

Preferred Solution: Error found: Code 0x80244019. Windows Defender

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Error found: Code 0x80244019. Windows Defender

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I may ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on Download_mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.Make sure that everything is checked, and click Remove Selected.When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply and exit MBAM.Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.Also post a new RSIT log.

Read other 7 answers

apparently there is a big problem going around.....

windows vista....

windows defender error code 0x80244019

Thank you for your help its greatly appreciated


Hello Verrego,

This error is sometimes related to a Trojan Virus. I would recommend that you run a very thorugh antivirus and spyware scan to be safe. This may also be of help with this.

Unexplained computer behavior may be caused by deceptive software

Hope this helps,

Read other 13 answers

DDS (Ver_09-02-01.01) - NTFSx86
Run by Hairusani at 15:25:37.28 on Fri 06/02/2009
Internet Explorer: 8.0.6001.17184 BrowserJavaVersion: 1.6.0_11
Microsoft? Windows Vista? Home Premium 6.0.6001.1.1252.1.1033.18.2045.850 [GMT 9:00]

AV: Norman Virus Control ver. 5.99 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Program Files\Norman\Npm\Bin\elogsvc.exe
C:\Program Files\Norman\Npm\Bin\Zanda.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\sys... Read more

A:window defender error code:0x80244019

Welcome to the BleepingComputer Forums. Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Please post the contents of log.txt. Thank you for your patience.Please see Preparation Guide for use before posting about your potential Malware problem. If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped. Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so. While we are working on your HijackThis log, please: Reply to this thread; do not start another! Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. Do not run any other tool until instruc... Read more

Read other 2 answers

I get the message reading: This website has encountered a problem and cannot display the page. The error code is 0x80244019. I can't find help in the XP FAQ for this one. Anyone know what I need to do to get my Windows updates after having to do system recovery yesterday? Thanks.

A:windows error code 0x80244019

MS' words of wisdom can be found here. I've been having problems using Windows Updater lately. I can't be bothered to fix it as I update manually anyway. I start IE, google Windows Update and click the link. May not work for everyone.PS: I read the article and started the Background Intelligent Transfer Service in Automatic and my updater is now running. I suggest you try doing that first rather than going through all the other MS steps. Thanks for your help!!

Read other 2 answers

Hi I wonder if anyone can help i cant get updates from microsoft.Have posted the 3 files below. Thanks for any help.Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4551Windows 6.0.6002 Service Pack 2Internet Explorer 8.0.6001.1894305/09/2010 22:12:43mbam-log-2010-09-05 (22-12-43).txtScan type: Full scan (C:\|D:\|)Objects scanned: 324218Time elapsed: 1 hour(s), 32 minute(s), 21 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected)Logfile of random's system information tool 1.08 (written by random/random)Run by fallows at 2010-09-05 23:43:29Microsoft? Windows Vista? Home Basic Service Pack 2System drive C: has 57 GB (50%) free of 114 GBTotal RAM: 3037 MB (65% free)Logfile of Trend Micro HijackThis v2.0.4Scan saved at 23:43:48, on 05/09/2010Platform: Windows Vista SP2 (WinNT 6.00.1906)MSIE: Internet Explorer v8.00 (8.00.6001.18943)Boot mode: NormalRunning processes:C:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows�... Read more

A:Defender - Error found: Code 0x80072efe also windows update

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you... Read more

Read other 3 answers

I cannot update either windows defender or just general windows updates. Even somtimes my antivirus (kaspersky 2009) turns itself off and i cant turn it back on without restarting my laptop. Im running vista. I need help with this badly, its been happening over a month now. Anybody have any ideas? Because I cant figure it out

A:Code error 0x80244019 Please Help!!!!!

Read other 16 answers

Hello, I recently have become a member so please bear with me as I am a newbie. I was hoping to get help with this error code I just recently notice while trying to get a defender update. I also have notice computer running slow, pages taking forever to load, or not loading at all. I would appreciate any advice at all, and will take all means necessary to keep my computer running clean and uninfected.

Read other answers

Dear Tech Guy,

Firstly, thank you (Flrman1) for your excellent support with my previous problem. You are a credit to the Internet.

Secondly, my new problem. Everytime I start up my girlfriend's (Chinese) laptop, it has this error message:

"Application failed to initialize: 0x800106ba. A problem caused Windows Defender to stop. To start the service, restart your computer or search Help and Support to start a service manually."

How can I get rid of it, and is Windows Defender important, given that it never initialises anyway?

Thanks in advance.


A:Another Windows Defender Error Code

Read other 7 answers

when i try to turn on windows defender i get a message that says windows defender is turned off with a link that says "turn on and open windows defender." when i click on this link it says "windows defender encountered an error: 0x80070424. the specified service does not exist as an installed service." when i downloaded and tried to install the windows defender software it says "you do not need to install this software because windows defender is included in windows vista. you can access windows defender from the security section of the windows control panel." but of course i can't do this because of the error code. any help will be greatly appreciated. thanks

A:windows defender error code 0x80070424

to Bleeping Computer Forums Download MiniToolBox and run the program. SelectList Last 10 Event Viewers, List Installed Programs and List Users, Partitions and Memory Size then click Go.A notepad will open then copy-paste the report on your next reply. Download then runFarbar Service Scanner and checkmark all boxes.Click Scan and then a Notepad text will open. Copy-Paste the report on your next reply.

Read other 1 answers

hi -
this is my first post so please excuse any faux pas.  my windows defender won't run and/or runs and gets stuck.  error code 0x8007139f displays sporadically.  i have run Malwarebytes, Microsoft Malicious Software Removal Tool and Microsoft Safety Scanner - all report no infections.  i am using windows 8.1 64 bit.  please let me know if i need to provide more info.  thank you.

A:need help with windows defender error code 0x8007139f

Hello, please do the following:Go to Piriform's website, and click the big button.Next, click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version.You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.Once inside Speccy, it will look similar to this (with your computer's specifications, of course):Now, at the top, click File > Publish SnapshotYou will see the following prompt:Click Yes > then Copy to ClipboardNow, once you are back in the forum topic you are posting in, click the button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.Next:Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:List last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory size.List Minidump FilesList Restore PointsClick Go A copy of Result.txt will be sa... Read more

Read other 1 answers

In attempting to fix my email display, I discovered Windows Defender is not turned on, and cannot be turned on. I have looked for MSE in my Programs list and don't see it. In addition, when I click on Windows Defender in the Control Panel, it shows its last scan December 12, 2011- 1 year ago.

I do have the Windows 7 Home Premium Install Disc. Can I just reinstall Windows 7? If so, what prep do I need to do?
If I do that, do I need to search out any malware, viruses, trojan etc?
Another option is to install MSE, but I may not be looking in the right place to see whether it is in fact installed, and has turned off Defender.

I did have the trojan horse: trojan.win32.agent.hip 2 weeks ago, but the tech help at StopSign/eAcceleration which is my virus protection said this was a false positive. It was caught by Stop Sign and quarantined.

I also run Malwarebytes and all scans are clean.

A:Windows Defender error code Ox80070424

Please read this.
Encyclopedia entry: Trojan:Win32/Agent - Learn more about malware - Microsoft Malware Protection Center

I don't think much of this Stop Sign Antivirus program.
Some questions.
1. Do you want a clean install?
2. Do you want to check your computer for infections and clean them out?
My suggestion would be a Clean install because who knows what this Stop Sign program has done to your computer.

Read other 3 answers

When trying to update I get an error code 0x80241001

What does it mean and how do I fix it?

Thanks in advance

A:Windows Defender Error Code 0x80241001

Empire2500 said:

When trying to update I get an error code 0x80241001

What does it mean and how do I fix it?

Thanks in advanceClick to expand...

Empire2500, Microsoft has a solution to this problem, and it worked for me just a few minutes ago. Go to this Knowledge Base link. I used the second method listed, and it fixed the problem automatically.

Read other 1 answers

Defender will not run. Displays error code 0x800106a. Help!

A:Windows Defender Error Code 0x800106a

Hi and welcome to TSF I believe this is your error Error message when you run Windows Defender: "Error Code 0x800106ba"

Read other 1 answers

I've read nearly all the other threads concerning this. I've also picked up the Microsoft article 931849. I've followed the instructions to delete Windows Defender; however, it is not even listed among the programs installed on my pc......can't uninstall something that's not there. So, I tried to download Windows Defender software, and run it to see if it would correct the problem. The installation stopped because "Windows Defender already exists on your pc as part of VISTA."

Is there a quick fix to simply blow Windows Defender away. I'm using other spyware software anyway. If I simply close the error message window after VISTA boots, everything runs fine. Any solutions?

Read other answers

So I was just using my computer normally when I got a popup that Windows Defender's definitions needed to be updated. As usual, I pressed to update but unfortunately it came up with an error, claiming it could not find an update. Tried to manually update the definitions; the definitions did not run. Worst case scenario, thought something went wrong with my computer.
I ran RKill and this is the log that it popped up with
Rkill 2.7.0 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 08/18/2016 10:15:23 AM in x64 mode.
Windows Version: Windows 8.1 
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * No malware processes found to kill.
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
  * HKCU\SOFTWARE\Classes\exefile has been deleted!
Performing miscellaneous checks:
 * No issues found.
Checking Windows Service Integrity: 
 * No issues found.
Searching f... Read more

Read other answers

hi The family pc came down with something? On windows defender it says error code 0x8007000e can't update definition files. does anyone know what might me wrong with the program. I've tried to uninstall and reloading but nothing. Any clues would help. THANKS.

A:Solved: Windows Defender Error Code

I don't use Defender, but see if this will help you.
Defender code 0x8007000e

Read other 3 answers

Every time I restart my computer I have error code 0x800106b.a. Does anyone else have this problem? Is it a conflict with McAfee or a signature problem?

A:windows defender error code 0x800106b.a.

Hello Allen,

To fix problem with Defender follow this:
Press WinKey or click Start button and type services in the search box, right click Services and Run as administrator. In the Services window scroll down to the Windows Defender, then right click it and click Properties. In the Startup type tab select Automatic, click Apply and OK. Reboot your computer, Done.


Read other 1 answers

I can not start windows defender and im receiving an error code of 577 when i try to star from the services screen. I have downloaded the frst64.exe and have run it and have the log files. was wondering if there is anyone that can help. 

A:windows defender will not start. getting error code 577

I have done some more exploring into the problem. I am unable to change in permissions in the windows defender. it says access denied.  I have tried to change the permissions by going under the registry settings under windows defender and give myself full control but it says access denied. I cant seem to get around this.

Read other 14 answers

hello everybody,
I dusted of my laptop that I haven't used in quite sometime due to a common over-heating issue that's associated with my model. I finally got the courage to tear into it to re-paste the processors with thermal compound and to clean out the cooling fans. Over-heating issues have been resolved. I updated everything and un-installed Malwarebytes and Spybot Search & Destroy thinking it was interfering with Win Defender, but still getting the error code. I would like to get Windows Defender working simply because it would be a run and forget anti-malware program. Besides getting the error code for Windows Defender I believe my laptop is working fine and without any other issues. Any help will be greatly appreciated.

 FRST.txt   80.74KB

 Addition.txt   55.51KB

A:Windows Defender error code 0x80070424

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===QUOTED FROM THIS ARTICLE.http://answers.microsoft.com/en-us/protect/forum/mse-protect_start/windows-defender-and-microsoft-security-essentials/5309cb8d-02e1-40e8-974f-0dcedb9ab9fd?auth=1Q: Is Microsoft Security Essentials (XP/Vista/7)designed to replace Windows Defender?A: No but if you are running Microsoft Security Essentials, you do not need to run Windows Defender. Microsoft Security Essentials is designed to disable Windows Defender in order to manage the PCs real-time protection, including anti-virus, rootkits, Trojans and spyware.The computer is clean of malware.This fix will only remove the Empty registry items.You should also update your Java.===Press the windows key + r on your keyboard at the same time. This will open the RUN BOX.Type Notepad and and click the OK key.Please copy the entire contents of the code box below to the a new file. 


[B]SearchScopes: HKLM -> {FBF5129C-1925-491B-8753-60150F99ED35} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=ushpl
Toolbar: HKU\S-1-5-21-1058102753-2412789620-2286334768-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsof... Read more

Read other 4 answers

No matter what I try am told something else; I need ie framwork 2 it then I am told; I need framwork 3.5; how can I download 3.5 if I can not download 2. micosoft said 99.00 $ to help; I do not have it. this is the only way I have to keep in touch with people out of state! Tech Support Guy System Info Utility version
OS Version: Microsoft Windows XP Home Edition, Service Pack 2, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 1015 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 64 Mb
Hard Drives: C: Total - 76285 MB, Free - 58468 MB; D: Total - 76285 MB, Free - 67614 MB;
Motherboard: Dell Computer Corp., 0G1548
Antivirus: None

A:windows xp update;Error number: 0x80244019]

flyingtolo said:

No matter what I try am told something else; I need ie framwork 2 it then I am told; I need framwork 3.5; how can I download 3.5 if I can not download 2. micosoft said 99.00 $ to help; I do not have it. this is the only way I have to keep in touch with people out of state! Tech Support Guy System Info Utility version
OS Version: Microsoft Windows XP Home Edition, Service Pack 2, 32 bit
Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz, x86 Family 15 Model 2 Stepping 9
Processor Count: 1
RAM: 1015 Mb
Graphics Card: Intel(R) 82845G/GL/GE/PE/GV Graphics Controller, 64 Mb
Hard Drives: C: Total - 76285 MB, Free - 58468 MB; D: Total - 76285 MB, Free - 67614 MB;
Motherboard: Dell Computer Corp., 0G1548
Antivirus: NoneClick to expand...

Read other 3 answers

Every time i try to update my vista i get this Error number: 0x80244019 in Windows Update, how do i fix this. Also been having problems updating pretty much anything that has to do with virus protection or spyware protection.

A:Error number: 0x80244019 in Windows Update

Google-search the error code. You will find TONS of solutions to try. You will also need the exact error(s) to help with your other problem.

Read other 1 answers

i noticed from last few days i m not able to update my win defender on my win 8.1
some kind of error message shows
error code 0x80004004
tried running sfc scan it find files that cant be fixed by it

A:Windows Defender update error code 0x80004004

anyone can help....

Read other 3 answers

I've been dealing with what I think is an infection, and working with a moderator on this forum to get rid of it. One of the issues I'm having is Windows Defender would not turn on. He showed me how to get the registry key fixed, and I can now open Defender, but it won't update. Anytime I try, I get error code 0x80096001.
Also I'm having issues with Windows Update. I tried to install 2007 Microsoft Office SP3, MS Office Compatibility SP3, and KB2393802, and I get the error message each time and the install fails. I've tried it numerous times with the same results. I tried MicrosoftFixIt, and it showed two issues with Windows Update that it repaired, but I still can't download those updates. Also I've googled the error code, which is where I found the MSFixIt.
Thanks for any help!

A:Error code 0x80096001 when using Windows Update or Defender

You currently have an open malware topic at http://www.bleepingcomputer.com/forums/topic431990.html/page__p__2506051#entry2506051 .Now that you have posted a malware log topic, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.I... Read more

Read other 1 answers

I'm running Windows 7, and I get Error code 0x80070422 when I try to enable Windows Defender.
Possibly related: I also can't enable Windows Firewall (I select "use recommended settings," and nothing happens), and when I run the firewall fix it diagnostic from http://support.microsoft.com/mats/windows_firewall_diagnostic/, I get "we're worry, but the program encountered an error trying to contact the server. Please try again later. [Code 80092009]"
Any help would be greatly appreciated. Thanks!

A:Can't start Windows Defender: Error code 0x80070422

Hi wmm,
Can you give a little input as to when this started happening?  Infections can make this happen as well.
1. Click on start, type Services.msc and click enter
2. Click Windows Defender Service
3. Right Click and Go to Properties
4. Start the service and also make it Automatic.
Additionally, you might want to download Malwarebytes Anti-Malware and do check for malware just in case.
Hope it helps

Read other 5 answers

After restarting my computer, Windows action center has announced that my spyware protection and virus protection were disabled. Windows defender no longer appeared in Control panel.
MsMpEng.exe process is running via task manager and Windows defender services are still working as I see in services.msc. But the services are grayed out that means the services cannot be edited.
I do not have any other malware or anti virus installed in my PC before the error occured.
I've tried malwarebyte anti-malware, tdsskiller, adwcleaner, hitman and also malwarebytes anti-rootkit. Tdsskiller and hitman found nothing. adwcleaner and malwarebyte found threats, after removing those and reboot windows defender still couldn't start.
I have tried malwarebyte anti-rookit also, a first scan found nothing, then I reboot and scan it second time but still found nothing.
I hope to get instructions. Thank you.

A:Windows Defender cannot open. Error code: 0x80073b01

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

Read other 11 answers

so tell me solution for thi sproblem

A:windows defender not starting ans showing error code:0x80070424

From you log.

WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist

This is strange.

The service key does not exist

The key that does not exist should of been install when Windows 7 Ultimate was installed.

How long has Ultimate been installed and where did you get Ultimate from?

Have you activated Windows 7 Ultimate on this computer?

Read other 2 answers

Hello. I am experiencing trouble with my HP Windows 7 64Bit laptop. I noticed some changes back in December but thought it was because I received a new modem/router from ATT. I am always being redirected when I click on a link or have adware pop up. I use Google Chrome and installed an AdBlocker but it doesn't help. Also, I run spybot and CCleaner each week and SuperAntispyware and Uniblue registry booster everyday. When I click on Window Firewall, I get the following message: Windows Firewall can't change some of your settings error code 0x80070424I ran the Fix it tools, but it sent me to an online forum for more help. From there I found out that my Window Defender and Windows Security Essentials were also not working. I was able to install WSE but I am getting the same error code for Window Defender. Windows Security Essentials ran and found some issues and said it needed to restart to clear out the issues. However, during the restart, it tells me that it has encounter a problem and must reboot. On the forum, I read that I am most likely infected with a root kit virus. I have a folder called system64 C:/WINDOWS/SYSTEM64 and a file called consrv.dll C:/WINDOWS/SYSTEM32/CONSRV.DLLI. On another site, they asked for me to run Malwarebytes,OLT,TDSSKiller, and MBRCheck. This programs ran but the WSE popped up and rebooted my computer again, which puts me back to where I started.I went back to the forum and was redirected here. I tried to follow the Preparation Guide but r... Read more

A:Error code 0x80070424 Windows Firewall and Windows Defender are disabled

On the forum, I read that I am most likely infected with a root kit virus. I have a folder called system64 C:/WINDOWS/SYSTEM64 and a file called consrv.dll C:/WINDOWS/SYSTEM32/CONSRV.DLLI.DownloadaswMBRLaunch it, allow it to download latest Avast! virus definitionsClick the "Scan" button to start scan.After scan finishes,click on Save logPost the log results here

Read other 5 answers

Issues - I can't get sfc /scannow to fix Windows Defender (errors at 96% saying "Windows Resource Protection could not perform the requested operation." and when I try to run it - c:\program files\windows defender (specified path does not exist - MSASCui.exe)
I also have the issue that when I try to download any file from the Internet I get an error from Windows Defender (I believe) that says the file is infected with a virus and was deleted.
I had McAfee loaded on the machine, with a yearly subscription, but they said this issue was not covered by their software and demanded $79.99 to remove the infection.  I refused.  I have cancelled my subscriptions with them.  I removed McAfee software today hoping I could fix the issue and then install a free version of Norton provided by Comcast.
I tried running a few of the programs listed for the ZeroAccess malware but was not successful in getting it removed.  The DDS.COM program I used was downloaded in Nov 2012 (worked with someone using RogueKiller V8.3.1 [Nov 26 2012] ).   The following is the log file and I attached the Attach.txt file. 
I ran Adwcleaner, FSS, FSRT and rkill.  One of the logs said "ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender"  I also tried running TTDSKILLER.exe (nothing found), MalwareBytes Anti-Malware (free) and nothing found.
Please let me know when ... Read more

A:All downloaded files error saying there is a virus found via Windows Defender

Greetings and to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
A few points to cover before we start:
Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
Make sure to read my instructions fully before attempting a step.
If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
Important information in my posts will often be in bold, make sure to take note of these.
I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
Lets get going now
Hi Wolfe_671,
Please post the logs which were created when you ran FRST; these will be called FRST.txt and Addition.txt, and were created in the same place you ran FRST.
To recap, in your next reply I would like to se... Read more

Read other 6 answers

Hi! Recently I was trying to allow access to one of my programs in firewall, firewall says it needs to switch to default settings, so I click it, it shows "Windows Firewall can't change some of your settings. Error code 0x80070424. Ive looked for a long time trying to find a solution, and from what ive gathered, I have malware (that I might have got rid of) that might have deleted these (they do not exist in the services list), but I am not positive, I am willing to try anything, please help
 error code help pic.png   115.48KB
 services error code help pic.png   130.44KB

A:Error Code 0x80070424 with windows firewall and windows defender

I do not see Windows Firewall on your startup services needed for enabling. What happens prior to this?

Read other 3 answers

Windows Defender in Windows 7 OS
Error Code 0x800704ec
Won't allow me to open it due to a group policy is apply by the administrator which I check don't exist
I try every kind of Antivirus programs and spyware, malware security removal program and I also try to fix the group policy which it don't exist.
I'm RogerRogerC

A:Windows 7 Defender won't open because a group policy issue and error code is 0x800704ec

Please try the suggestions from the link below to check whether Windows Defender can be started.
Error message trying to start Windows

Read other 6 answers

i have Vista Basic edition
a few weeks ago i opened an email on my laptop that i shouldnt have

i've got a virus or something now that redirects all my google and yahoo searches, it wont let windows defender update, and for a while had my computer completely at its knees by crippling my browser completely, and not allowing the vista systems disk to crash my computer and just start off a'new.

THAT has been resolved, but there are still some problems that are seeping through more and more

i have the free version of avast! i've run hijackthis and advanced systemcare

i've got my browsers up and working again, i havent tried to wipe the computer clean yet cause i really dont want to lose everything i have.

currently, as i've stated search engines redirect all my searches to bullbleep ads and other sites trying to get me to download crap
and windows defender cannot update

it says that it cant check for updates and says error code: code 0x80244019

when i run systemcare and it hits security analyzer it says that there is a problem and gives me "suggestions" but seeing as im not a computer expert i dont know what to do with it

please help i really would like to have my computer running like its healthy self self again
thank you in advance for any help i receive
and if there is anything i wasnt very clear on please let me know, im really bad at explaining things and will try again

A:windows defender error code 0x90244019 [computer infected with virus or malware]

Welcome to BCTHAT has been resolved, but there are still some problems that are seeping through more and moreYou are still infectedThe process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button. The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When ... Read more

Read other 3 answers

When I try to install Windows Vista SP1 by window's update, it gives me the error: WindowsUpdate_8024200D. I've checked the Window's help program that automatically comes up and the code isn't in there. I checked through Microsoft.com and I didn't find anything on this code. Does anyone know what to do?

A:Wierd error code not found by Windows help


Read other 7 answers

When I boot my Dell Demension 4550 Pent4, 2.00 GHZ, it says to hit F1 to reboot and keeps looping. I ran an diagnostic and received the following error code: 0F00: 1342 'Msg Block 0 address not found' I'm able to read the 'C' drive thru a DOS prompt.

Does anyone know how to repair this error or should I just do a re-install of Windows XP???

A:Windows XP boot problem/error code 'Msg Block 0 Address not found'

Some say disabling the floppy A: drive in BIOS fixes the issue. Not sure if itll work but if you do decide to reinstall windows you can do a repair install instead which will leave all your documents and programs intact.

Just make sure after doing so you update windows as all updates will be lost in the repair install.


Read other 2 answers


DDS (Ver_09-03-16.01)

Microsoft? Windows Vista? Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 3/17/2008 5:58:37 PM
System Uptime: 3/31/2009 5:31:54 PM (19 hours ago)

Motherboard: Dell Inc. | | 0RY007
Processor: Intel® Celeron® CPU 420 @ 1.60GHz | Socket 775 | 1596/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 139 GiB total, 55.296 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 8.41 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP272: 3/19/2009 9:21:56 PM - Device Driver Package Install: Motorola Universal Serial Bus controllers
RP273: 3/19/2009 9:29:13 PM - Device Driver Package Install: Motorola Ports (COM & LPT)
RP274: 3/21/2009 3:09:27 PM - Installed Motorola Software Update
RP275: 3/23/2009 7:39:10 AM - Installed
RP276: 3/23/2009 8:11:01 PM - Scheduled Checkpoint
RP277: 3/25/2009 1:33:53 PM - Installed Java™ 6 Update 13
RP278: 3/25/2009 1:40:38 PM - Removed Java™ 6 Update 13
RP279: 3/26/2009 8:58:31 AM - Scheduled Checkpoint
RP280: 3/26/2009 11:06:27 AM - Installed Java™ 6 Update 13
RP281: 3/26/2009 11:25:11 AM - Removed Java™ 6 Update 13
RP282: 3/26/2009 11:27:04 AM - Installed Java™ 6 Update 13
RP283: 3/26/2009 6:09:55 PM - Removed ... Read more

A:error 0x80244019

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructio... Read more

Read other 2 answers

Computer Specs:
Hp DV6-1355dx
Windows 7 64Bit Ultimate
Intel Core 2 Duo 2.20Ghz processor
4Gb Ram

Hey guys thanks a lot for strolling through, I truly appreciate it and hope with everyones assistance this issue will get resolved. So here's my issue; have I've found that everytime I have allowed windows update to install anything that has had to do with security, following the updates I have always run into the BSOD resulting in restoring my computer to an earlier date. Well this time, things are a bit different.

Whenever my computer has seemed to start to choke up, and really begins to lag, from things as simple as maximizing a minimized window, and it taking about 20 seconds for it to do so, the BSOD is coming. Heres an example of one:
Ill be honest with you guys, I dont know how to interpret what the cause of it is, nor do I know where people find it,(event viewer logs?) but surprisingly I've worked on computers all my life really.
So heres the issue:
Computer completely froze up on me this time, cursor wouldn't react nothing, BSOD, then I found myself in A continuous looping failure of Windows Start up Repair, unable to actually load windows. I tried repairing the device by booting off my windows 7 disk and this is the error I keep getting:

by the way let me add that theres no restore point (of course right....) so that wasn't an option...

Now if im not mistaken that will be translated further in my logs file? Ive honestly really never known how to go about ... Read more

A:Problem with Bootable "Windows Defender Offline" utility error code 0x

no one?? :/
how about if I just delete the boot folder?

Read other 3 answers

Hi! This is my first time here at Bleeping Computer. I am having 3 different computer problems: 2 of them are on my desktop computer which has Windows XP & 1 is on my laptop which has Windows 7. Here is the first problem. I want to use Windows Update to upgrade from Service Pack 2 to Service Pack 3, but every time I try the update, it says that "the website has encountered a problem and cannot display the page you are trying to view". It also shows it's because of the error number that you see as the title of the post. I've been having this problem for the last week. I am asking for your help.

A:Error number: 0x80244019

You are a couple of years late...to download SP3 via Windows Update...but you can download it manually and install it from your desktop.



Read other 6 answers

how to fix
error code 0x80070424 defender

A:error code 0x80070424 defender

80070424 usually means that the BITS service (required by Windows Update) isnot running.Type services.msc in the start search box, click on the icon. When the window opens, right click on Bitlocker, choose properties and set it to manual. Make sure its started.

Read other 4 answers

hi i used a tool to remove Norton - have tried everything

cant start Defender and cant install MSE

looking for a specific fix to my issue

lap top is Sony VAIO E series

A:cant start defender cant install MSE error code:0x8004FF91


Let me see if I understand the issues...

You removed what, Norton AV?

As a result, now, Windows Defender does not start?

After removing Norton AV, you also are not able to install MSE?

One at a time..on Windows Defender:

1. Have you run services.msc, opened Services Manager, and see if the Windows Defenderservice is started and set to Automatic?

2. Did you check the Windows Management Instrumentation (WMI) repository?
It allows management information to be shared between management applications.

Restarting the WMI repository may help:

Open a Command Prompt (Start > All Programs >Accessories > Command Prompt), right-click, and select: Run as Administrator

Copy/paste the following (with the mouse) at the prompt, and press Enter:

winmgmt /verifyrepository

If you get a message “WMI repository is not consistent”, enter the following command at the prompt:

winmgmt /salvagerepository

This action performs a consistency check on the WMI repository.

Restart the computer and try enabling Windows Defender.

If you get the following message:

winmgmt /salvagerepository failed

Ignore the message, and once again run the following at the command prompt:

winmgmt /salvagerepository

Try Windows Defender again.

Read other 9 answers

I am trying to stop Mozilla Firefox 3.6.3 from redirecting me to other website. For example, I went to your web address and while I was logging in, I was redirected (new tab) to another website saying that I won some type of prize. This has been happening over the past few days and after I got the virus Anti-Spyware Soft, which has been removed via this website through a previous post in "A I infected? What do I do?" It always seems to redirect when I first get on the computer, but once when I did a Google search and tried to select a website it would not send me to it and redirected me to another miscellaneous site. I have completed steps 6 through 9 in the "Preparation Guide," and I am now posting my DDS.txt, ark.txt, and Attach.txt. What is the next step? I also cannot update windows defender. I get a code error of 0X80072efe.DDS (Ver_10-03-17.01) - NTFSx86 Run by Douglas Cypher at 9:39:48.01 on Sun 06/13/2010Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.41 [GMT -7:00]AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched... Read more

A:Getting redirected to other websites using Mozilla Firefor 3.6.3 & Window Defender Code Error 0X80072efe

Hi,If you still need help with this post fresh dds logs, please.

Read other 12 answers

The other day this message appeared when I started my computer. All I can find about it is related to running XP. I run Vista and the W D is a pre-installed component. Most forums have suggested changing the settings or un-installing W D as long as you are running a different AVP. Since the program will not open, I can not change the settings and since it is a built in component of Vista I can not find it to un-install it.

Now what?

Any help is greatly accepted.

A:Windows Defender 0x800106a code

hi what security package are you using

Read other 5 answers

The internal dvd/cd drive on my Dell inspiron 1720 isn't found in my computer...but works great using Media center. What gives? Any idea where to start?

Read other answers

Sadly, Windows Defender has found trojans, and said that they were "severe" and "removed" but also said "successful".
Does that mean the trojans screwed up my computer "successfully" or they were removed "successfully"?

A:Trojans found by Windows Defender.

Removed Successfully.. they will be deleted or moved to a quarantine or virus vault where they can no longer be any harm.

Read other 1 answers

This problem just started like a day or two ago. I can't turn on Windows Defender and when I try to open defender it says "Windows cannot access the specified device, file or path. You may not have the appropriate permissions to access the item".

I've searched on forums and they all say to download certain programs but every time I go to download anything it says that the file had a virus and was deleted! So downloading files or programs is out of the question!

Tried to do a system restore twice but each time it did not work. Can anyone help?

Read other answers

Sirefef trojen found and cleaned by Windows Defender. It comes back after reboot, I get popups "Windows Firewall has blocked......."
Can you help me remove it?

DDS Log>
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Tomco_HP at 14:26:14 on 2012-08-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1782.964 [GMT -5:00]
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
============== Running Processes ===============
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\B... Read more

A:Sirefef found by Windows Defender

please run the following:download Farbar Recovery Scan Tool and save it to a flash drive.Plug the flashdrive into the infected PC.Enter System Recovery Options. To enter System Recovery Options from the Advanced Boot Options:Restart the computer.As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.Use the arrow keys to select the Repair your computer menu item.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account and click Next.To enter System Recovery Options by using Windows installation disc:Insert the installation disc.Restart your computer.If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.Click Repair your computer.Choose your language settings, and then click Next.Select the operating system you want to repair, and then click Next.Select your user account an click Next.On the System Recovery Options menu you will get the following options:Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt[*]Select Command Prompt[*]In the command window type in notepad and press Enter.[*]The notepad opens. Under File menu select Open.[*]Select "Computer" and find your flash drive letter and close the notepad.[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) ... Read more

Read other 32 answers

I am unable to to turn on windows defender. When I hit start I get this message: the specified service does not exist as an installed service error code 0x80070424. I believe windows defender is the reason I am getting the error message:Cannot install the driver plugin error: failed to start service: The dependency service does not exist or has been marked for deletion (1075) when I am trying to install HitBliss. Windows Defender will not let me open tools. I have Avast for anti-virus and have turned it off and still get same error. I can not find windows defender in my registry. I have tried just about everything except reinstalling windows 7 and starting all over. The only place I can find windows defender as a program is under the control panel. Any ideas?? Also how can I reinstall windows 7 without a disk?? If I do a reboot what should I need to save other than pictures and music. I have Windows 7 Home Premium 64 bit.

Update: Just tried to download windows defender from Microsoft and it says Windows Defender is not compatable with my operating system?? It says I can download it for other OS?

A:Windows Defender nowhere to be found and will not start

Just install and run Microsoft Security Essentials, it should fix your problem.

Microsoft Security Essentials - Microsoft Windows

Uninstall Avast.

Have you run a system file check ?

SFC /SCANNOW Command - System File Checker

You can`t install windows 7 without the dvd or by using a usb flash drive.

Also install and run Malwarebytes Antimalware.


Read other 9 answers

Good day,

For quite a few weeks now I have had a problem with getting windows update and MSE to... well update . Each time I attempt to do so, they always return with the error 0x80244019. I have been checking on other fourms, and a few users seem to have the same error, but none of the suggestions seem to resolve my issues. For some strange reason, when ever I try to access a page in IE or Chrome it always (no matter what page I attempt to go to) returns with the xampp homepage - and it's not even on! Here is an example with chrome (note the address bar ):

error1.png picture by darestium - Photobucket

And with MSE:

error2.png picture by darestium - Photobucket

And with IE:

error3.png picture by darestium - Photobucket

I also tryed resetting IE by: Internet Options -> Advanced -> Reset. And checking the LAN and proxy settings etc. Which didn't work, I also tryed a command in cmd, which didn't work either (I got it from another page regarding a similar issue) I think it reset the network configurations or something o_O.

So, the only browser I can use is mozilla, and I can't update or anything so, I am really quite annoyed. Any suggestions on how to fix this would be appreciated.

A:Problem with IE, MSE, Chrome & Windows Update: 0x80244019


Have you tried uninstalling XAMPP, and then seeing if you can update?

Have you had a any malware infections recently?


Read other 9 answers