Windows 7: Windows Security Service can't be started issue

Hi there!

I need help guys with my concern as stated with the thread title.
As far as I remember I ran DrTCP021.exe (it's a speed utility app) on my windows 7 ultimate 32bit
desktop and after that I noticed some changes in my PC.

1. my theme was changed to basic theme and for some reason my aero was automatically disabled.
2. themes service and desktop windows manager in services can't seem to be started.
3. i wasn't not able to connect to internet using my broadband stick. (wireless) I noticed that I can't
make some changes in network adapter like deleting some that i don't need.
4. I noticed that the windows security service was not running and i can't start it in services. i'm getting an error. "Windows could not start the Security Center service on Local Computer. Error 1068: The dependency service or group failed to start.

In short, DRTCP021.exe ruined my desktop.

i ran malwarebytes and deleted infected files
i ran Avast and I did the same. but nothing has changed. I came across to one of the threads here
with the same issue and used OTL.exe. I hope someone can help me as well with this.
I attached the OTL.txt.

bauer1818,

OTL is showing a ZeroAccess Check. It is a scan of some Registry items that the infection may show in. They are not in themselves bad, but, ZeroAccess is constantly changing and difficult to detect.

So, to take a look at the system before Windows starts, we need to run a special tool.
However, to do so, need some info from you:

Do you have the Repair your computer option in the Advanced Boot Options menu?

To find out:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
Is the Repair your computer option listed?

If you do not have the option, do you have your Windows 7 installation CD/DVD available?

~~~~
>>> If you have the Repair your computer option, please run FRST from your bootable computer, as follows:

First, please check the size an name of the Hard Drive that has Windows Seven installed.
Start > double-click: Computer (Take note of the info.)

Also, you may want to print these instructions for reference after the process starts.

Next, download the Farbar Recovery Scan Tool:
http://www.bleepingcomputer.com/down...ery-scan-tool/
Select the version that applies to computer (32-bit)

Save FRST.exe to the Desktop

Right-click Start, and select: Open Windows Explorer
Look for drive C:\
On the Desktop, right-click FRST.exe, and move it into C:\
Confirm that FRST.exe is in C:\.

Restart the computer.

Tap the F8 key until the Advanced Boot Options menu appears.
Select: Repair your Computer
Select language settings, and User account. (In the User Account leave the passworrd field blank, if you do not have one.)

On the System Recovery Options menu, select: Command Prompt

In the Command Prompt window, at the blinking cursor, type: notepad

In Notepad, under the File menu selec: Open
Double-click: Computer
Double-click on the OS drive (May not show as C:\ in the Recovery Environment)
Press: Open

At the Command Prompt window type: X:\frst.exe, and press: Enter
(Replace X with the letter of drive that now shows.)

The tool starts and presents a prompt with:
The tool is setting up to read the Local Disk. Please wait...

Click OK to continue.

When presented with the disclaimer, press: Yes

When the FRST console appears, press the Scan button.

Once the scan finishes, a prompt appears stating:
Scan completed. The frst.txt has been saved in the same location FRST tool is run.

Close this prompt. Notepad shows that a log was created.

Close FRST, and close everything else except System Recovery Options.
Press: Restart


Back in Windows, right-click Start, and select: Open Windows Explorer
Look for drive C:\, and open it.
A folder named: FRST is there.

Inside the FRST folder, there are three folders.
One of them is named: Logs

Open the Logs folder to find the text document resulting from the scan.

Please post the FRST.txt in your reply.



~~~~
Also, please use this short scan that also looks at ZeroAccess...


Please download RogueKiller:
Tlcharger RogueKiller (Site Officiel)

When you get to the website, go to where it says:
(Download link) Lien de téléchargement:

Select the version that applies to your system. (For 32-bit system, the version without x-64)

Click the dark-blue button that applies to download.

Save to the Desktop

Close all windows and browsers
Right-click and select 'Run as Administrator'

Press: SCAN

A report opens on the Desktop: RKreport.txt

Please provide the RKreport.txt (Mode: Scan) in your reply

thanks for your reply..

i tried your suggestion and i have the results..

i just want to add that aside from the issues i have posted above it seems that there are another things
that are coming up as a problem as well..

additional issues:
- unable to make windows update i'm getting an error
- whenever i connect to internet it will always give me unidentified network (i'm using wireless broadband stick)
i always need to go to TCP/IP settings just to check obtain ip address automatically and dns automatically before it will work. as i have stated i "always" need to do that so i can connect. i don't have this issues before it just came up right after in used DRTCP (as stated above).

i did everything that i could from running to safemode and used anti-malware, anti-virus, deleted unused network adapter, uninstall and reinstall network adapter as well.. but still the same.
for windows update issue, i checked the services.msc and windows update is on automatic, i started it but still the same not working..

i hope you can help me.

i just have the frst.txt but not the RKreport.txt.. it never gave me any notes to what happened after i scanned it using the roguekiller.

here's the error code for windows update: 80070422

i tried microsoft's support page and tried their suggestions but nothing fix the issue..
by the way i'm not able to use this command "sfc/ scannow" in elevated command prompt. i noticed it while following the instructions of microsoft to try it. i'm getting an error, "windows resource protection could not start the repair service"

Let's check out what is going on with the Windows Update service...

Please download Farbar Service Scanner




Save to the Desktop

• Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
• Press: Scan
• FSS creates a log, FSS.txt, on the Desktop.

Please provide the FSS.txt in your reply.


Also, please post the RogueKiller report: RKreport.txt
Run it again, if necessary.

drtcp021 exe is written by IObit ...
drtcp021 exe

You can totally un-install this with a tool written by Thomas Hoen (Programmer) and Fred de Vries (Original idea).
T-Tools BitRemover

ok here are the logs that you need cotton ball..

bauer1818,

There are some services which are not runnning:

System Restore:
============
SDRSVC (Windows Backup) Startup type: Manual
VSS (Volume Shadow Copy) Startup type: Manual

Action Center:
============
wscsvc (Security Center) Startup type: Automatic (Delayed Start)
winmgmt (Windows Management Instrumentation) Startup type: Automatic

Please press Start and the R key at the same time.
In the Run prompt, type in: services.msc

Look for the services listed above, one by one... (Name included in parenthesis)

Each service (above) has a Dependency tab.
Check the tab, and see if the services there are running, so you do not get the error: The dependency service or group failed to start.


For each service, click the down arrow next to the Startup Type and select the option stated for each one (above).

For alll of the services, the Service status ahould read: Started (If not, press the Start button)

If you need any more info about the Dependency services, let me know.

When done, please run FSS once again, and post its new report.

can you tell me more about dependencies?

by the way, i followed your instructions and i was able to start those services now but i still can't make windows update. i'm getting an error code of: 80070422.
with my TCP/IP settings i still need to always manually change it to automatically obtain an ip adress etc.
on the right hand side of my screen at the bottom shows "unidentified network, internet access" but has a red cross mark on it.

here's the fss.txt

Dependencies are other services that must be running for the selected service to function.

On the Windows Update...

Strange that FSS does not show any problems with WU. It can be rather cantankerous/uncooperative sometimes.

Is the Windows Update Startup Type set to: Automatic (Delayed start)
If you have the option set at Automatic, set it to Automatic (Delayed Start).
If it is set to Automatic (Delayed Start), set it to Automatic.
Click OK when done.

Back on the Services window, make sure the Windows Update Status is: Started

Close the window and restart your computer.

Now, check the Windows Update.