Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Security Center can't be started because of virus/malware

31 Jan 2013   #71
Crumble

Windows 7 Ultimate, 32bit
 
 

Thanks a lot

I've tried several times to download and use the Microsoft Security Essentials, but it won't work because of the malware...I can't even open the program.

So I think I will try the avast! Free Antivirus


My System SpecsSystem Spec
.
31 Jan 2013   #72
cottonball

Windows 7 Home Premium
 
 

Thanks for the info.

Please post back on how it goes with avast! Free. Particularly, if you get any error messages.

It is installed on the computer that I am using now.
My System SpecsSystem Spec
01 Feb 2013   #73
cottonball

Windows 7 Home Premium
 
 

Crumble,

Please open Task Scheduler by clicking the following in sequence: Start > Control Panel > System and Security > Administrative Tools, and then double-clicking: Task Scheduler

When Task Scheduler opens, expand Active Tasks to see a list of everything that is scheduled to run.
Now scroll through the list and find: IKOPXBS
Double-click it.

Next, the Task Scheduler Library opens.
Right-click on the task and select: Delete

Verify that you want to completely delete the task.
Click: Yes

Post back on whether it worked.


Next, go back to VirusTotal as before (Post #36), and also have the following analyzed:

C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1

When done, please post the results.


Now, follow the instructions below, and see if you can find:
c:\windows\system32\deskperfm.dll

Instructions:
How to show hidden files in Windows 7

If you find the file, also get it analyzed at VirusTotal and post the results.
My System SpecsSystem Spec
.

01 Feb 2013   #74
Crumble

Windows 7 Ultimate, 32bit
 
 

hmmm, I can't find IKOPXBS!

And I can find the other file (C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1) on my computer, but it is not an option when I want to choose the file in VirusTotal.

avast! found 6 viruses, although I can find only 5...I've placed them in the "virus chest". I'm not quite sure what to do about them, should I delete them or just leave them be? Posting an image:

My System SpecsSystem Spec
01 Feb 2013   #75
cottonball

Windows 7 Home Premium
 
 

Excellent job, Crumble!!

The entries in the Virus Chest will not be activated, and are under the control of Avast.

You can remove the entries from the chest, though.

To do that :

Start Avast
From the Maintenance tab, click on: Virus Chest
Select the all the files (one at a time), right-click on the selected item, select: Delete

Next, throughly scan your computer again with a Boot Time Scan:
Instructions:
How to Perform a Boot-Time Scan with Avast! Anti-Virus

Then, scan again, selecting a Full Sytem Scan.

Post back whether the system shows up clean.
My System SpecsSystem Spec
01 Feb 2013   #76
cottonball

Windows 7 Home Premium
 
 

When done with the above (avast!)...

ComboFix is once again ready for download and use.

Please remove the previous copy from your Desktop, and download a new copy from:
ComboFix Download

Temporarily disable avast!,since it may interfere with ComboFix.

Info on disabling protection programs:
Topic:
How to disable your security applications - Tech Support Forum
Topic:
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

To run ComboFix, right-click on ComboFix.exe and select: Run as Administrator
Click on Yes, to continue scanning for malware.
The scan make take a while, since it has some 50+ stages.


When finished, CF produces a report.

Please provide a copy of the C:\ComboFix.txt in your reply.
 
Notes:
1. Please do not mouse-click the ComboFix window while it is running. This action may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
3. CF disconnects your machine from the Internet. However, the connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
My System SpecsSystem Spec
04 Feb 2013   #77
Crumble

Windows 7 Ultimate, 32bit
 
 

After the Boot time scan 3 viruses were found, and I deleted them. Then I ran the Full System Scan which showed up clean

Here is the ComboFix result:

ComboFix 13-02-03.03 - siri1802 04.02.2013 7:29.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.2003.634 [GMT 1:00]
Kjører fra: c:\users\siri1802\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\3002.abs
c:\programdata\3002.xml
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2013-01-04 til 2013-02-04 )))))))))))))))))))))))))))))))))
.
.
2013-02-04 06:38 . 2013-02-04 06:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-01 03:45 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-01 03:45 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-01 03:45 . 2012-10-15 16:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-01 03:45 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-01 03:45 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-01 03:45 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-01 03:44 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-01 03:44 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-01 03:43 . 2013-02-01 03:43 -------- d-----w- c:\programdata\AVAST Software
2013-02-01 03:43 . 2013-02-01 03:43 -------- d-----w- c:\program files\AVAST Software
2013-01-31 07:12 . 2013-01-31 07:12 -------- d-----w- C:\FRST
2013-01-30 04:26 . 2013-01-30 04:26 -------- d-----w- c:\program files\ESET
2013-01-28 03:45 . 2013-01-28 03:50 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-01-28 03:43 . 2013-01-28 03:46 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2013-01-28 03:43 . 2013-01-28 03:43 -------- d-----w- c:\program files\Tweaking.com
2013-01-28 02:57 . 2013-01-28 03:11 5522 ----a-w- C:\backup.reg
2013-01-22 03:23 . 2013-01-22 03:23 -------- d-----w- c:\program files\iPod
2013-01-22 03:22 . 2013-01-22 03:23 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-22 03:22 . 2013-01-22 03:23 -------- d-----w- c:\program files\iTunes
2013-01-19 11:48 . 2013-01-19 11:48 -------- d-----w- c:\users\siri1802\AppData\Roaming\Malwarebytes
2013-01-19 11:47 . 2013-01-19 11:47 -------- d-----w- c:\programdata\Malwarebytes
2013-01-19 11:47 . 2013-01-19 11:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-19 11:47 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-19 11:39 . 2013-01-19 11:39 -------- d-----w- c:\users\siri1802\AppData\Local\Programs
2013-01-18 09:09 . 2013-01-18 09:09 -------- d-----w- c:\program files\Common Files\Java
2013-01-18 09:08 . 2013-01-18 09:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 10:17 . 2013-01-16 10:17 -------- d-----w- c:\program files\WinPcap
2013-01-16 04:00 . 2013-01-16 04:00 -------- d-----w- c:\program files\MSECache
2013-01-14 03:06 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-01-14 03:06 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-13 15:06 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-13 15:06 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-13 15:02 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-04 06:22 . 2012-09-24 09:51 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-02-04 06:22 . 2012-09-25 07:30 58288 ----a-w- c:\windows\system32\rpcnet.dll
2013-01-31 07:18 . 2012-09-24 09:52 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2013-01-18 09:08 . 2012-09-25 07:27 859552 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-01-18 09:08 . 2011-05-20 14:10 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-13 14:39 . 2012-09-24 22:16 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-13 14:39 . 2011-05-20 14:10 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-09 04:42 . 2012-12-12 03:10 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-19 16:36 . 2013-01-19 16:35 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 556648 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 556648 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 556648 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GD riveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 556648 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 04:50 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-24 14:39]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 15:20]
.
2013-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-07 15:20]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://google.no/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.11.1
FF - ProfilePath - c:\users\siri1802\AppData\Roaming\Mozilla\Firefox\Profiles\3pt7z1m9.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: !HIDDEN! 2012-09-25 10:35; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Searchqu Toolbar\Datamngr\FirefoxExtension
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe ,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2013-02-04 07:44:03
ComboFix-quarantined-files.txt 2013-02-04 06:44
ComboFix2.txt 2013-01-25 09:40
.
Pre-Run: 14*284*525*568 byte ledig
Post-Run: 14*241*857*536 byte ledig
.
- - End Of File - - E26CB0E1E1B22773EACB24C1A35BCE6B
My System SpecsSystem Spec
04 Feb 2013   #78
cottonball

Windows 7 Home Premium
 
 

avast! is for you...

Have to take a closer look at the ComboFix report.

In the meantime, to see the Security Center service, press the Windows key and the R key simultaneously.

In the Run box that appears, type: services.msc
In the Services window, go down to: Security Center

Set the Startup type to: Automatic (Delayed start), and press the Start button.
Does it stay on?

Also run Farbar Service Scanner once again.


Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
Press: Scan

Please provide the new FSS.txt in your reply.
My System SpecsSystem Spec
04 Feb 2013   #79
Crumble

Windows 7 Ultimate, 32bit
 
 

Sure, take your time

Here's the FSS result:

Farbar Service Scanner Version: 30-01-2013
Ran by siri1802 (administrator) on 05-02-2013 at 05:31:50
Running from "C:\Users\siri1802\Downloads"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


I have another question for you:
My computer has started to get really slow the last few weeks, and the screen drive stops responding/working all the time in which case the screen turns black for a while. Do you think this has got something to do with the viruses? Is there any way to fix it?
Btw - the Security Center stays on!!
My System SpecsSystem Spec
05 Feb 2013   #80
cottonball

Windows 7 Home Premium
 
 

Crumble,

"Btw - the Security Center stays on!!"
^^^ ^^^


See if you can start the Windows Firewall, or do you have another Firewall running?
Post back on this, please.

On the problems with the screen/display, there may be a problem with its graphic card. Your best bet is to go to the following forum, and describe the problem there:
Graphic Cards - Windows 7 Forums

Malware is basically what I do. You do not want me guiding you thru a display issue.
I'm confused enough with what I do!
My System SpecsSystem Spec
Reply

 Windows Security Center can't be started because of virus/malware




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
The Windows Security Center Can't be Started. Help!
Hi, I've recently had a virus on my laptop, AVG detected a few called trojan horse generic29.ajge I think i've managed to remove them through various types of malware programs and such but it has left me unable to activate the Windows Security Center and also my Windows Firewall isn't using...
System Security
The windows 7 security center can't be started
Hey,Im a Rookie to when it comes to using programs to Get rid of certain viruses and programs, But recently i found out my Firewall and security center could not be started, I have used malware bytes, and a few other programs but this has only made it so that the firewall is accesiable now, I Was...
System Security
Windows Security Center service can't be started.
Hello, This is my first post and, as you can see from the title, I'm getting the message that my Windows Security Center service can't be started. In addition, when browsing the web, I will sometimes click on a link and be sent to a page other than the one I clicked on. I've read, here on...
General Discussion
Windows Security Center service cannot be started
background:I took your advice and ran it. Nothing detected. I decided to also do a full scan with MS Security Essentials and there were some items detected. Thnx! Issue : Oh btw, as I was navigating the Control Panel after all this I happened across the 'Action Center' and noticed that...
General Discussion
windows security center service can't be started
the windows security center service was disabled and couldn't be started, i tried to turn it to automatic in services.msc a million times but it turns back to disabled. obviously its a virus/malware(which redirects the browser too). i have MSE, but it is also not starting in normal mode. this is...
System Security
The Windows Security Center service can't be started.
I click on the flag to turn it on but get that message... 'The Windows Security Center service can't be started.' Seems to have coincided with Firefox crashing REALLY FREQUENTLY too. I downloaded Malwarebytes' Anti-Malware and did a full scan. Here's the result: Malwarebytes'...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 23:00.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App