Solved The Windows Security Center service can't be started.

K

keyboardface

New member
Member
Local time
8:49 PM
Messages
75
I click on the flag to turn it on but get that message...

'The Windows Security Center service can't be started.'

Seems to have coincided with Firefox crashing REALLY FREQUENTLY too. I downloaded Malwarebytes' Anti-Malware and did a full scan. Here's the result:

Code: 
Malwarebytes' Anti-Malware 1.50.1.1100
[URL="http://www.malwarebytes.org"]www.malwarebytes.org[/URL]
Database version: 6054
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8080.16413
14/03/2011 18:29:03
mbam-log-2011-03-14 (18-28-58).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 432048
Time elapsed: 1 hour(s), 19 minute(s), 14 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\Tom\Desktop\ezdrummer v1.0. vsti\update & keygen\Keygen 1.11\Keygen.exe (Malware.Packer.Gen) -> No action taken.
d:\downloads\Torrents\office 2010 activation and conversion kit 1.6.exe (Trojan.Agent.CK) -> No action taken.
d:\downloads\Torrents\office_2010_professional_plus_32bit_and_64bit.with.volumeedition activator\microsoft 2010 clean up utility.msi (Malware.Generic) -> No action taken.
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
Could be a possible virus MB can't remove or an extension on FF that's not getting along with another program.

What AV are you running? Some of them take control of the security settings.

You can try installing MSE or D/L and run the Microsoft Malicious Software Removal Tool

You could also try using this tool:

Norton Power Eraser

http://security.symantec.com/nbrt/npe.asp?lcid=1033

Because the Norton Power Eraser uses aggressive methods to detect these threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully, and only after you have exhausted other options.
Click to expand...

Edit: Found these


http://www.threatexpert.com/report.aspx?md5=5ceef8f5d638288ccbfc4e1a04841f47
 
Last edited:

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
c:\Users\Tom\Desktop\ezdrummer v1.0. vsti\update & keygen\Keygen 1.11\Keygen.exe (Malware.Packer.Gen) -> No action taken.
d:\downloads\Torrents\office 2010 activation and conversion kit 1.6.exe (Trojan.Agent.CK) -> No action taken.
d:\downloads\Torrents\office_2010_professional_plus_32bit_and_64bit.with.volumeedition activator\microsoft 2010 clean up utility.msi (Malware.Generic) -> No action taken.
Click to expand...

Run Malwarebytes again and delete these items. Things might work again.
Mike
 

My Computer

Computer Manufacturer/Model Number
Hopalong/ Godzilla
OS
Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
CPU
Intel Core i7-870 Lynnfield 2.93GHz LGA 1156 95W Quad-Core
Motherboard
ASUS P7P55D-E PRO
Memory
8GB@1400MHz Crucial Ballistix DDR3-1600 4x2GB
Graphics Card(s)
ASUS ENGTX460 DirectCU/2DI/1GD5 1GB 256-bit GDDR5
Sound Card
VIA Onboard
Monitor(s) Displays
Asus VS248H-P 24"; Samsung SyncMaster 941BW 19"ws
Screen Resolution
1920x1080; 1440x900
Hard Drives
Samsung 830 120GB SSD
Intel 320 120GB SSD
Western Digital Caviar Black WD7501AALS 750GB 7200 RPM SATA 3.0Gb/s
Western Digital Caviar Black WD6401AALS 640GB 7200 RPM SATA 3.0Gb/s
PSU
COOLER MASTER Silent Pro RS850-AMBAJ3-US 850W Modular
Case
COOLER MASTER HAF 932 RC-932-KKN5-GP Black
Cooling
Scythe "Mugen-2 Rev.B" (2 ScytheKaze-Jyuni PWM fans)
Keyboard
Logitech K-320
Mouse
Kensington
Antivirus
Avast Inernet Suite
Browser
IE 9 ; Chrome
Hopalong X said:
c:\Users\Tom\Desktop\ezdrummer v1.0. vsti\update & keygen\Keygen 1.11\Keygen.exe (Malware.Packer.Gen) -> No action taken.
d:\downloads\Torrents\office 2010 activation and conversion kit 1.6.exe (Trojan.Agent.CK) -> No action taken.
d:\downloads\Torrents\office_2010_professional_plus_32bit_and_64bit.with.volumeedition activator\microsoft 2010 clean up utility.msi (Malware.Generic) -> No action taken.
Click to expand...

Run Malwarebytes again and delete these items. Things might work again.
Mike
Click to expand...

I did remove them at the end. Pretty sure they're false positives though. Keygens always come up as viruses/malware don't they?
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
Borg 386 said:
Could be a possible virus MB can't remove or an extension on FF that's not getting along with another program.

What AV are you running? Some of them take control of the security settings.

You can try installing MSE or D/L and run the Microsoft Malicious Software Removal Tool

You could also try using this tool:

Norton Power Eraser

http://security.symantec.com/nbrt/npe.asp?lcid=1033

Because the Norton Power Eraser uses aggressive methods to detect these threats, there is a risk that it can select some legitimate programs for removal. You should use this tool very carefully, and only after you have exhausted other options.
Click to expand...

Edit: Found these


ThreatExpert Report: Trojan.Agent.LM, Trojan Horse, Trojan-Proxy.Win32.Agent.ck, BackDoor-CLK.dll..
Click to expand...

I'm using NOD32. I've used it for ages though and never had this Security Center problem so something must have changed. When I go to services.msc, it's disabled. I change it to automatic, press start, and it works, for about 20 seconds before turning off again.

I'll try the malicious software removal tool but wouldn't that be unnecessary if I already have an AV program installed?
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
It won't hurt to run the Malicious removal tool.

Clean out all your internet temp files. Cookies and all in firefox. Just in case since it is also giving problems. It may not be related but could be the same problem for both.

Also run http://www.sevenforums.com/tutorials/818-disk-cleanup-open-use.html
Make sure to run as administrator.
Clean temp files but I'd leave Windows Error files unchecked. Leave them intact for future use if needed.

None of this may help but won't hurt to clean out the junk just in case.

After that you can try this to see if a registry error is possibly the problem.
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html?ltr=S

If it finds errors but states it can't repair them all leave the CMD window open and type it in again. Run it up to three times to fix errors.
Sometimes it just can't get them all in one pass.
If it shows none we will go from there.
Post back.

Somone else may come up with some other ideas also.
Mike
 

My Computer

Computer Manufacturer/Model Number
Hopalong/ Godzilla
OS
Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
CPU
Intel Core i7-870 Lynnfield 2.93GHz LGA 1156 95W Quad-Core
Motherboard
ASUS P7P55D-E PRO
Memory
8GB@1400MHz Crucial Ballistix DDR3-1600 4x2GB
Graphics Card(s)
ASUS ENGTX460 DirectCU/2DI/1GD5 1GB 256-bit GDDR5
Sound Card
VIA Onboard
Monitor(s) Displays
Asus VS248H-P 24"; Samsung SyncMaster 941BW 19"ws
Screen Resolution
1920x1080; 1440x900
Hard Drives
Samsung 830 120GB SSD
Intel 320 120GB SSD
Western Digital Caviar Black WD7501AALS 750GB 7200 RPM SATA 3.0Gb/s
Western Digital Caviar Black WD6401AALS 640GB 7200 RPM SATA 3.0Gb/s
PSU
COOLER MASTER Silent Pro RS850-AMBAJ3-US 850W Modular
Case
COOLER MASTER HAF 932 RC-932-KKN5-GP Black
Cooling
Scythe "Mugen-2 Rev.B" (2 ScytheKaze-Jyuni PWM fans)
Keyboard
Logitech K-320
Mouse
Kensington
Antivirus
Avast Inernet Suite
Browser
IE 9 ; Chrome
Hopalong X said:
It won't hurt to run the Malicious removal tool.

Clean out all your internet temp files. Cookies and all in firefox. Just in case since it is also giving problems. It may not be related but could be the same problem for both.

Also run http://www.sevenforums.com/tutorials/818-disk-cleanup-open-use.html
Make sure to run as administrator.
Clean temp files but I'd leave Windows Error files unchecked. Leave them intact for future use if needed.

None of this may help but won't hurt to clean out the junk just in case.

After that you can try this to see if a registry error is possibly the problem.
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html?ltr=S

If it finds errors but states it can't repair them all leave the CMD window open and type it in again. Run it up to three times to fix errors.
Sometimes it just can't get them all in one pass.
If it shows none we will go from there.
Post back.

Somone else may come up with some other ideas also.
Mike
Click to expand...

Okay, thanks. I'm running the SFC scannow program now.

I downloaded the Malicious Software Removal Tool but nothing happens when I run it. It shows that it's being extracted but then disappears.

Also discovered that System Restore has been turned off. I certainly didn't do that.

Seems slightly more serious than I initially thought...
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
I'm also going to see if I can get some more help maybe they might have more ideas on the security not working properly.

So keep the below in mind but let me see if I can get one of the Security Aces before you go with below.
-----------------------------------------------------------------------------------------------

If you made a back-up image you can restore the image.
Windows version or Macrium etc.
If not oops!
Make one after you get things fixed for next time.

--------------------------------------------------------------
From your specs I'm going to guess you have a Windows installation disk.

As a last resort this may be the way to go.
http://www.sevenforums.com/tutorials/3413-repair-install.html

It will repair the registry but will not loose any of your files and pics etc.
It takes the registry read straight off the disk for the repair.

Something to consider if no one else comes up with beter solutions.

That is if sfc /scannow doesn't work.

Mike
 

My Computer

Computer Manufacturer/Model Number
Hopalong/ Godzilla
OS
Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
CPU
Intel Core i7-870 Lynnfield 2.93GHz LGA 1156 95W Quad-Core
Motherboard
ASUS P7P55D-E PRO
Memory
8GB@1400MHz Crucial Ballistix DDR3-1600 4x2GB
Graphics Card(s)
ASUS ENGTX460 DirectCU/2DI/1GD5 1GB 256-bit GDDR5
Sound Card
VIA Onboard
Monitor(s) Displays
Asus VS248H-P 24"; Samsung SyncMaster 941BW 19"ws
Screen Resolution
1920x1080; 1440x900
Hard Drives
Samsung 830 120GB SSD
Intel 320 120GB SSD
Western Digital Caviar Black WD7501AALS 750GB 7200 RPM SATA 3.0Gb/s
Western Digital Caviar Black WD6401AALS 640GB 7200 RPM SATA 3.0Gb/s
PSU
COOLER MASTER Silent Pro RS850-AMBAJ3-US 850W Modular
Case
COOLER MASTER HAF 932 RC-932-KKN5-GP Black
Cooling
Scythe "Mugen-2 Rev.B" (2 ScytheKaze-Jyuni PWM fans)
Keyboard
Logitech K-320
Mouse
Kensington
Antivirus
Avast Inernet Suite
Browser
IE 9 ; Chrome
roastbeef said:
I downloaded the Malicious Software Removal Tool but nothing happens when I run it. It shows that it's being extracted but then disappears.
Click to expand...
What is happening is the nasties in your machine are reading the name of the anti-malware, and preventing it from running.

You need to change the name to something innocuous like mydoghasfleas before you extract it, then you will have to go into the extracted files and change the name of the .exe Application file before you open it.

I am surprised mbam ran at all!

roastbeef said:
Also discovered that System Restore has been turned off. I certainly didn't do that.

Seems slightly more serious than I initially thought...
Click to expand...
You will also need to go into System Restore, and delete all those restore points because the nasties will be in there also.

You could run HiJackThis! but someone other than me should read it for you so you do not delete a valuable file. Someone like Jacee.
Save it also like mydoghasfleas.

 You can try running Superantispyware, save it also like mydoghasfleas to your desktop.
I used this the other week to free up my niece's machine of 1,247 nasties.
It is not programed to run on x64, but did a nice job on hers.
What happens is it only reads the x32 side of your machine, but luckily most nasties are x32.

You can try Combofix, but again someone other than me should read it for you so you do not delete a valuable file. Someone like Jacee.

If your going to continue to run torrents you should set up your browser to scan immediately for viruses after the download.

I have the bitdefender quickscan add-on for my FF. Speaking of which, I would just go ahead and un-install it, and start over. I would not be sure if your profile would be okay after clean-up or not.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
Thanks Anak. I got the Malicious Software Removal to run, but it found nothing.

Here's my hijackthis results, for anyone that can help.

Code: 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 03:38:47, on 15/03/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\NETGEAR\WN111\wn111.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
D:\Downloads\mydoghasfleas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [URL="http://www.google.co.uk/"]Google[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [URL="http://go.microsoft.com/fwlink/?LinkId=69157"]MSN.com[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [URL="http://go.microsoft.com/fwlink/?LinkId=54896"]Bing[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [URL="http://go.microsoft.com/fwlink/?LinkId=69157"]MSN.com[/URL]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [messenger.exe] C:\Program Files (x86)\Common Files\Microsoft Shared\Web Components\messenger.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WLAN Optimizer] C:\Users\Tom\AppData\Local\Temp\Rar$EX00.509\WLAN Optimizer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Update.lnk = C:\Windows\System32\rundll32.exe
O4 - Global Startup: NETGEAR WN111 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WN111\wn111.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [URL]http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[/URL]
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Unknown owner - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11125 bytes
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
Just offhand, it looks like a lot of your security files are either missing or have been disabled.

You can try booting in safe mode and running some of the above listed apps to see if that yields any results.

For the most part, depending on the complexity of it, malware/viruses will infect the first restore point, sometimes the second, possibly all of them. It's worth a try to go into safe mode and see if you can restore backward to the 3rd point or farther if possible. If this succeeds, immediately run a full scan on your system with an AV.

Have you made a windows repair disk that you can run? You can also try a repair boot disk, here is a list of them:

FREE Bootable AntiVirus Rescue CDs Download List

If you can still go there, you can get a free online scan from Norton which will run independent of the system.

Free Virus Scan - Free Antivirus Software | Norton Security Scan

Click on the "continue to security check" button and follow the directions. Note that you will have to be running IE for this to function. Depending on your speed, this may take a while to d/l.

The fact that the Malicious Software Removal Tool won't run points to the possibility of a virus that has taken control of your registry and disabled certain key security operating files.

There are a lot of good suggestions in the posts above and you should try them until you find something that may work. This failing, be aware that the virus may have compromised windows to the point of no return & you may have to format the HD and re-install windows, which would be the only assurance that you indeed have a clean system.

I say format the HD because if you just re-install over the old, there's a possibility the virus will still be present.

One more thing, the phrase "Keygens always come up as viruses/malware don't they?" is always used as a way to entice people to go ahead and click the ignore button on their AV's. Avoid using them in the future.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Hell oh Well
OS
Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
CPU
Intel Core 2 Duo 2.93GHz
Memory
Not much with my ADHD
Graphics Card(s)
ATI Radeon HD 4350
Monitor(s) Displays
24" HDTV/Monitor
Screen Resolution
Blurry after a Scotch or 2
Hard Drives
1 HDD 250 GB, 1 HDD 1 TB, 3 - 1 TB Externals
Case
Don't get on my case...man :D
Cooling
I have an Air Conditioner & Diet Pepsi
Keyboard
Saitek Cyborg
Mouse
10 yr old MS optical mouse that still works
Internet Speed
Never fast enough
Antivirus
Various
Browser
Various
Your welcome rb,

Have you tried running SuperAntispyware (SA) yet?

Also try ESET's Online Scanner

This "Security Center problem". Do you notice any pop-ups asking you to purchase another program or trying to re-direct you to another page?

Two items I noticed in your HJT log that send a chill up my spine are:
Code: 
BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -  C:\Program Files (x86)\Common Files\Microsoft  Shared\OFFICE14\MSOXMLMF.DLL
It is also one of the shortest HJT logs I have ever seen this may allude to Borg's statement:
Just offhand, it looks like a lot of your security files are either missing or have been disabled.
Click to expand...
I'm using NOD32. I've used it for ages though and never had this Security Center problem so something must have changed. When I go to services.msc, it's disabled. I change it to automatic, press start, and it works, for about 20 seconds before turning off again.
Click to expand...
Users can not become complacent when it comes to protecting their machines you may want to consider upgrading to SmartSecurity4.

Since you are using a 64bit OS is NOD 64bit? Which version (32-bit or 64-bit) of ESET Smart Security or ESET NOD32 Antivirus should I download? - ESET Knowledgebase

Does your present version of NOD have email protection, automatic updates?

Are you married do you have children? If so, are they aware of the dangers when online?

The niece I mentioned earlier. Her husband has been known to visit sites of ill-repute, and her children have friends that are around when the kids are online.

I told her to tell her husband to run SA immediately after every time he gets off the web, and her son didn't own up to a "buddy" wanting to get on a particular web site until Uncle Steve talked to him in a firm, and conversational tone. He was afraid he was going to get yelled at.
I told him he was going to have to own up to the possibility that him and his buddy may be the reason the machine is sick, and he would have to tell his parents.

I clued the parents, and all went well in the end.

I'll try the malicious software removal tool but wouldn't that be unnecessary if I already have an AV program installed?
Click to expand...
As Hoppy stated earlier "It won't hurt". Most things in life are not free, but in this case think of it as an adjunct to NOD32. Microsoft Malware Protection Center

You can preform a MS online scan here:
https://onecare.live.com/site/en-us/default.htm

Here is a list of Online scanners check seventh column to the right: https://secure.wikimedia.org/wikipedia/en/wiki/List_of_antivirus_software

If all this does not work, you may need to visit a Security related forum like:
Wilders Security Forums - Powered by vBulletin
Security - BleepingComputer.com
Security Cleanup forum | DSLReports.com, ISP Information

Please adhere to their posting requirements they are very strict because every situation is different!
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Gateway DX4831-01e (Mid-Tower Desktop)
OS
Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
CPU
Intel i3 530 2.93GHz, 2933MHz 2 Cores 4 Logical Processors
Motherboard
Gateway H57M01 133 megahertz
Memory
6GB of 1,333MHz DDR3 SDRAM
Graphics Card(s)
32MB Intel Graphics Media Accelerator HD IGChip
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
Gateway HX2000 20inch TFT active matrix TN
Screen Resolution
1600 x 900 x 59 hertz
Hard Drives
WDC WD10EADS-00M2B0 [HDD] (1000.20 GB) -- drive 0,
HL-DT-ST DVDRAM GH41N [CD-ROM dr]
Four card readers, and Four USB 2.0
PSU
300watts.
Case
Mid-Tower Desktop
Cooling
Stock from Gateway
Keyboard
Natural Ergonomic Keyboard 4000, see Other Info
Mouse
Orig. Gateway wore out now using Insignia USB wired optical
Internet Speed
Vz FIOS 10ms png 57.64Mbps down 65.53Mbps up Speedtest.org
Antivirus
Zamana Anti-logger with Anti-malware, MSE, Windows Firewall,
Browser
IE11.0.9600.19399-Upd ver11.0.135, Firefox 68.0.1 x64
Other Info
System Specs by Belarc.

BIOS: American Megatrends Inc. P01-A0 11/17/2009

Replaced the MS 'Natural' Standard PS/2 Enhanced 101-102 Keyboard with a new Natural Ergonomic Keyboard 4000 on August 1st 2014.

Canon Pixma MG3222 Printer.

Updated to IE11 on 12102015 | Fios Quantum Router g1100

Additional AV: SpywareBlaster, manual Mbam, SAS
Download CKScanner by askey127 from HERE
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
roastbeef

When you get back here follow Jacee's suggestions first.
She is one of our security Aces.

Everyone else has lots of good ideas. I'd go with the Ace to start!:D
Mike
 

My Computer

Computer Manufacturer/Model Number
Hopalong/ Godzilla
OS
Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
CPU
Intel Core i7-870 Lynnfield 2.93GHz LGA 1156 95W Quad-Core
Motherboard
ASUS P7P55D-E PRO
Memory
8GB@1400MHz Crucial Ballistix DDR3-1600 4x2GB
Graphics Card(s)
ASUS ENGTX460 DirectCU/2DI/1GD5 1GB 256-bit GDDR5
Sound Card
VIA Onboard
Monitor(s) Displays
Asus VS248H-P 24"; Samsung SyncMaster 941BW 19"ws
Screen Resolution
1920x1080; 1440x900
Hard Drives
Samsung 830 120GB SSD
Intel 320 120GB SSD
Western Digital Caviar Black WD7501AALS 750GB 7200 RPM SATA 3.0Gb/s
Western Digital Caviar Black WD6401AALS 640GB 7200 RPM SATA 3.0Gb/s
PSU
COOLER MASTER Silent Pro RS850-AMBAJ3-US 850W Modular
Case
COOLER MASTER HAF 932 RC-932-KKN5-GP Black
Cooling
Scythe "Mugen-2 Rev.B" (2 ScytheKaze-Jyuni PWM fans)
Keyboard
Logitech K-320
Mouse
Kensington
Antivirus
Avast Inernet Suite
Browser
IE 9 ; Chrome
Borg 386 said:
Just offhand, it looks like a lot of your security files are either missing or have been disabled.

You can try booting in safe mode and running some of the above listed apps to see if that yields any results.

For the most part, depending on the complexity of it, malware/viruses will infect the first restore point, sometimes the second, possibly all of them. It's worth a try to go into safe mode and see if you can restore backward to the 3rd point or farther if possible. If this succeeds, immediately run a full scan on your system with an AV.
Click to expand...

All the restore points have been deleted unfortunately.

Anak said:
Your welcome rb,

Have you tried running SuperAntispyware (SA) yet?
Click to expand...

I tried SuperAntiSpyWare yeah, it found two little tracking cookies. Don't think they're anything to do with the current problem however. I'll see what Jacee has to say and then I'll try the ESET online scanner you suggested in the meantime. Thanks for your help thus far.

Jacee said:
Download CKScanner by askey127 from HERE
Important - Save it to your desktop.
Doubleclick CKScanner.exe and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
Click to expand...

Okay, here's the result of that:

Code: 
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\common files\native instruments\kontakt 4\presets\effects\convolution\05 drum reverbs\0.4s firecracker snare orven.nkp
c:\program files (x86)\image-line\hardcore\presets\i cracked my tube!.hdprg
c:\program files (x86)\image-line\sawer\presets\ambient\mc cracked.sawer
c:\users\tom\desktop\ezdrummer v1.0. vsti\ezdrummer v1.0. vsti\keygen.exe
c:\users\tom\desktop\ezdrummer v1.0. vsti\update & keygen\update 1.11\runme.exe
hosts 127.0.0.1    activate.adobe.com
hosts 127.0.0.1    practivate.adobe.com
hosts 127.0.0.1    ereg.adobe.com
hosts 127.0.0.1    activate.wip3.adobe.com
hosts 127.0.0.1    wip3.adobe.com
hosts 127.0.0.1    3dns-3.adobe.com
hosts 127.0.0.1    3dns-2.adobe.com
hosts 127.0.0.1    adobe-dns.adobe.com
hosts 127.0.0.1    adobe-dns-2.adobe.com
hosts 127.0.0.1    adobe-dns-3.adobe.com
hosts 127.0.0.1    ereg.wip3.adobe.com
hosts 127.0.0.1    activate-sea.adobe.com
hosts 127.0.0.1    wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1    activate-sjc0.adobe.com
hosts 127.0.0.1                               adobe.activate.com
hosts 127.0.0.1                               wwis-dubc1-vip60.adobe.com           
scanner sequence 3.ZZ.11
 ----- EOF -----
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    esetOnline.png
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      esetSmartInstall.png
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      esetSmartInstallDesktopIcon.png
      icon on your desktop.
  4. Check
    esetAcceptTerms.png
  5. Click the
    esetStart.png
    button.
  6. Accept any security warnings from your browser.
  7. Check
    esetScanArchives.png
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
    esetListThreats.png
  11. Push
    esetExport.png
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the
    esetBack.png
    button.
  13. Push
    esetFinish.png
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Jacee said:
I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    esetOnline.png
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      esetSmartInstall.png
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      esetSmartInstallDesktopIcon.png
      icon on your desktop.
  4. Check
    esetAcceptTerms.png
  5. Click the
    esetStart.png
    button.
  6. Accept any security warnings from your browser.
  7. Check
    esetScanArchives.png
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
    esetListThreats.png
  11. Push
    esetExport.png
    , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the
    esetBack.png
    button.
  13. Push
    esetFinish.png
Click to expand...

3 hours for one file, ouch.

Code: 
D:\Downloads\Torrents\adobe audition 3.zip    a variant of Win32/Keygen.AF application    deleted - quarantined
 

My Computer

Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
CPU
AMD FX 8120 Eight-Core 3.10 GHz
Memory
8GB DDR3
Graphics Card(s)
GeForce GTX 550 Ti
Sound Card
SoundBlaster Live! 24-Bit
That's good! Don't download cracks, they come with unsuspected malwareware, such as, viruses, Trojans, password stealers, rootkits, etc.

If you really want a program, buy it or look for free opensource alternatives Find Open Source Alternatives to commercial software | Open Source Alternative - osalt.com

Now flush the bad DNS cache and restore MS's Hosts file

Copy and paste these lines in Note pad.
@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh int ip reset all
shutdown -r -t 1
del %0
Save as flush.bat to your desktop. Right click to run as Administrator. Your computer will reboot itself.

Did you pay for Nod32? If you didn't, MSE is an excellent Antivirus program and it's free https://www.microsoft.com/downloads...FamilyID=e1605e70-9649-4a87-8532-33d813687a7f
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Two items I noticed in your HJT log that send a chill up my spine are:
Code: 
BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLLFilter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Click to expand...
@Anak Look up both CLSIDS using SystemLookup - An online database of what's good and bad on your computer
;)
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
Borg 386 said:
Just offhand, it looks like a lot of your security files are either missing or have been disabled.
Click to expand...
@Borg 386 ... HJT is getting 'long in the tooth' and can't read the lists of O23's (services) on a 64bit computer properly. That's why we use other tools.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
You must log in or register to reply here.
Back
Top