WiredWX Hobby Weather ToolsLog in

 


Windows Security Centre won't start

2 posters

descriptionWindows Security Centre won't start EmptyWindows Security Centre won't start

more_horiz
My log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:48:52, on 03/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Opera\opera.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\aybsee\Desktop\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.97.18 mininova.org
O1 - Hosts: 91.121.97.18 www.mininova.org
O1 - Hosts: 91.121.97.18 thepiratebay.org
O1 - Hosts: 91.121.97.18 www.thepiratebay.org
O1 - Hosts: 91.121.97.18 demonoid.com
O1 - Hosts: 91.121.97.18 www.demonoid.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [IpodManagerService] C:\Program Files\Froddle Pod\ipm_as.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{990D65D1-2159-41E8-B150-CBC833F36E3A}: NameServer = 212.139.132.11 212.139.132.10
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe


Help,please.When i turn on my pc, I am getting an alert from windows security center telling me that it's turned off.When i click "turn on now ",I get "The security center service can't be started". I have searched in vain for some way of starting it but no luck.Is this a malware or virus problem?Help please

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    R3 - URLSearchHook: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
    O1 - Hosts: 91.121.97.18 mininova.org
    O1 - Hosts: 91.121.97.18 www.mininova.org
    O1 - Hosts: 91.121.97.18 thepiratebay.org
    O1 - Hosts: 91.121.97.18 www.thepiratebay.org
    O1 - Hosts: 91.121.97.18 demonoid.com
    O1 - Hosts: 91.121.97.18 www.demonoid.com
    O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    O3 - Toolbar: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
    O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Here is the logfile from MBAM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:48:52, on 03/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Opera\opera.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Users\aybsee\Desktop\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
R3 - URLSearchHook: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.121.97.18 mininova.org
O1 - Hosts: 91.121.97.18 www.mininova.org
O1 - Hosts: 91.121.97.18 thepiratebay.org
O1 - Hosts: 91.121.97.18 www.thepiratebay.org
O1 - Hosts: 91.121.97.18 demonoid.com
O1 - Hosts: 91.121.97.18 www.demonoid.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:en
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [IpodManagerService] C:\Program Files\Froddle Pod\ipm_as.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll/3000
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{990D65D1-2159-41E8-B150-CBC833F36E3A}: NameServer = 212.139.132.11 212.139.132.10
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 11028 bytes

Unfortunately,the problem still exists.Any advice greatlty appreciated

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Apologies,Wrong file.Here is the correct one,sorry.

Malwarebytes' Anti-Malware 1.35
Database version: 1937
Windows 6.0.6001 Service Pack 1

03/04/2009 15:14:13
mbam-log-2009-04-03 (15-14-13).txt

Scan type: Quick Scan
Objects scanned: 66311
Time elapsed: 4 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\System32\KuzSmall.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\drivers\ovfsth.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ovfsthedxbpoyagyciobjenavprifmviqvnkft.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ovfsthepnqcuxeyaiwentpvbpbxewcfktovpii.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ovfsthisuyptxcvyqbqjkoxlbmrhyvfbjbxxfy.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ovfsthcritwwtuewshlipxhgrixlieomrsncdn.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ovfsthpruqogtnqwxwcmncgssteuyqynmgsiqf.dat (Trojan.Agent) -> Quarantined and deleted successfully.


Unfortunately,as i said previously it's still there.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.
Yeah, it will be until I can find the cause. I think I might have, this could be a new variant of the TDSS rootkit jugding from the file names MBAM found.

I want to see what's installed, because something is conflicting with our removal.

  • Open HijackThis
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Here is the saved list


32 Bit HP CIO Components Installer
Acoustica CD/DVD Label Maker
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Ad-Aware
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Batch Converter
Allok 3GP PSP MP4 iPod Video Converter 5.1.1223
Any Video Converter 2.7.0
AppCore
Apple Mobile Device Support
Apple Software Update
Backup
Bonjour
ccCommon
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
DirectX 9 Runtime
EMC 11 Content
Enhanced Multimedia Keyboard Solution
Free Videos To DVD V2.1
Froddle Pod
GearDrvs
GearDrvs
GOM Player
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 10.0
HP Demo
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart.All-In-One Driver Software 8.0 .A
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Smart Web Printing
HP Solution Center 10.0
HP Total Care Advisor
HP Update
iTunes
Java(TM) 6 Update 13
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
K-Lite Codec Pack 4.5.3 (Full)
LabelPrint
LightScribe System Software 1.14.17.1
LiveUpdate (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Works
MobileMe Control Panel
MP3 Cutter Plus 1.0
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 6.1
My HP Games
Norton 360
Norton 360
Norton 360
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
Norton Confidential Core
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OpenOffice.org 3.0
Opera 9.63
PDF Settings
PhotoScape
Power2Go
PowerDVD
Python 2.5.2
QuickTime
Real Alternative 1.9.0
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio Creator 2009
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Search Settings 1.2
Shop for HP Supplies
SmartSound Quicktracks Plugin
SoulSeek 157 NS 13c
SPBBC 32bit
SpeedTouch 330
SPORE Creature Creator Trial Edition
Spybot - Search & Destroy
SpywareBlaster 4.1
Switch Sound File Converter
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Live Sign-in Assistant
WinRAR archiver
Yahoo! Toolbar

thanks

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.
I ask that you temporarily remove Ad-Aware, they removal methods aren' that effective, and adwatch is interfering with our removal.


  • Click Start >> Control Panel.
  • Under the Programs click Uninstall a Program
  • Highlight the following:

  • Ad-Aware
  • Ad-Aware
  • Java(TM) 6 Update 7
  • Java(TM) SE Runtime Environment 6 Update 1

  • Click on the Uninstall/Change button at the top.

Please refer back to my first post and do the Hijack This fix again.

http://www.geekpolice.net/virus-spyware-malware-removal-f11/windows-security-centre-won-t-start-t7971.htm#49440

Then once that is done, please run this.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Here is the DDS.txt


H: is Removable
I: is Removable
J: is Removable

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0018
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0018
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0032
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0032
Service: tunnel

Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: USB CF Reader
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01#920321111113&1#
Manufacturer: Generic
Name: USB CF Reader
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&1&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_GENERIC&PROD_USB_CF_READER&REV_1.01#920321111113&1#
Service: WUDFRd

==== System Restore Points ===================


==== Installed Programs ======================

32 Bit HP CIO Components Installer
Acoustica CD/DVD Label Maker
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.1
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced Batch Converter
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
Allok 3GP PSP MP4 iPod Video Converter 5.1.1223
Any Video Converter 2.7.0
AppCore
Apple Mobile Device Support
Apple Software Update
µTorrent
Backup
Bonjour
BufferChm
C3100
c3100_Help
Cards_Calendar_OrderGift_DoMorePlugout
ccCommon
CCleaner (remove only)
Compatibility Pack for the 2007 Office system
Copy
Destination Component
DeviceDiscovery
DirectX 9 Runtime
DocProc
EMC 11 Content
Enhanced Multimedia Keyboard Solution
Fax
Free Videos To DVD V2.1
Froddle Pod
GearDrvs
GOM Player
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Hardware Diagnostic Tools
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 10.0
HP Demo
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart All-In-One Driver Software 10.0 Rel .2
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart.All-In-One Driver Software 8.0 .A
HP Picasso Media Center Add-In
HP Recovery Manager RSS
HP Smart Web Printing
HP Solution Center 10.0
HP Total Care Advisor
HP Update
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
iTunes
Java(TM) 6 Update 13
Java(TM) SE Runtime Environment 6 Update 1
K-Lite Codec Pack 4.5.3 (Full)
LabelPrint
LightScribe System Software 1.14.17.1
LiveUpdate (Symantec Corporation)
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Works
MobileMe Control Panel
MP3 Cutter Plus 1.0
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 6.1
My HP Games
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 HTMLHelp
Norton Confidential Core
NVIDIA Drivers
OCR Software by I.R.I.S. 10.0
OpenOffice.org 3.0
Opera 9.63
PanoStandAlone
PDF Settings
PhotoScape
Power2Go
PowerDVD
PS_AIO_02_Software
PS_AIO_02_Software_Min
PSSWCORE
Python 2.5.2
QuickTime
Real Alternative 1.9.0
Realtek High Definition Audio Driver
Roxio Activation Module
Roxio BackOnTrack
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009
Roxio File Backup
Roxio Update Manager
Scan
Search Settings 1.2
Shop for HP Supplies
SmartSound Quicktracks Plugin
SmartWebPrintingOC
SolutionCenter
SoulSeek 157 NS 13c
SPBBC 32bit
SpeedTouch 330
SPORE Creature Creator Trial Edition
Spybot - Search & Destroy
SpywareBlaster 4.1
Status
Switch Sound File Converter
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
SymNet
Toolbox
TrayApp
UnloadSupport
VideoToolkit01
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebReg
Windows Live Sign-in Assistant
WinRAR archiver
Yahoo! Toolbar

==== End Of File ===========================

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.
Wrong log, that is attach.txt, not DDS.txt.

Although, attach.txt says two programs I asked you to remove are still present.
Ad-Aware
Java(TM) SE Runtime Environment 6 Update 1


  • Click Start >> Control Panel.
  • Under the Programs click Uninstall a Program
  • Highlight the following:

    [Ad-Aware
    Java(TM) SE Runtime Environment 6 Update 1

  • Click on the Uninstall/Change button at the top.

Please post DDS.txt.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Here is the first half of the DDS.txt


DDS (Ver_09-03-16.01) - NTFSx86
Run by aybsee at 21:26:19.65 on 03/04/2009
Internet Explorer: 7.0.6001.18000
Microsoft®️ Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.1918.1135 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Thomson\ST330\service\st330service.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
C:\Program Files\Froddle Pod\ipm_as.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Roxio Creator 2009\5.0\CPMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\aybsee\Desktop\dds.pif
C:\Windows\system32\wbem\wmiprvse.exe

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
the second part

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=84&bd=Pavilion&pf=cndt
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
mURLSearchHooks: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - c:\program files\demonoid\tbDem0.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Shareaza Web Download Hook: {0eedb912-c5fa-486f-8334-57288578c627} - c:\program files\gnutella turbo\plugins\RazaWebHook.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\kb127\SearchSettings.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Demonoid Toolbar: {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - c:\program files\demonoid\tbDem0.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [diagnostics] "c:\program files\thomson\st330\diagnostics\diagnostics.exe" /icon -l:en
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [IpodManagerService] c:\program files\froddle pod\ipm_as.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: []
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatchTray11.exe"
mRun: [CPMonitor] "c:\program files\roxio creator 2009\5.0\CPMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with &Shareaza - c:\program files\gnutella turbo\plugins\RazaWebHook.dll/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_13.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: {990D65D1-2159-41E8-B150-CBC833F36E3A} = 212.139.132.11 212.139.132.10

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-22 64160]
R1 c2scsi;c2scsi;c:\windows\system32\drivers\C2SCSI.SYS [2008-8-11 254320]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20090318.001\IDSvix86.sys [2009-3-23 272432]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2008-2-18 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-3-4 101936]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\drivers\netr73.sys [2008-10-21 497152]
R3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2009-1-22 30464]
R3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2009-1-22 12672]
R3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\system32\drivers\stppp.sys [2009-1-22 35328]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S2 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe /service --> c:\program files\relevantknowledge\rlservice.exe [?]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files\roxio creator 2009\digital home 11\RoxioUpnpService11.exe [2008-8-14 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxLiveShare11.exe [2008-8-14 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxWatch11.exe [2008-8-14 170480]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-1-13 23888]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-5-22 20640]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [2008-8-14 313840]
S3 RoxMediaDB11;RoxMediaDB11;c:\program files\common files\roxio shared\11.0\sharedcom\RoxMediaDB11.exe [2008-8-14 1124848]
S4 gupdate1c98b96f0dcc87;Google Update Service (gupdate1c98b96f0dcc87);c:\program files\google\update\GoogleUpdate.exe [2009-2-10 133104]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S4 nvrd32;NVIDIA nForce RAID Driver;c:\windows\system32\drivers\nvrd32.sys [2008-9-1 133152]
S4 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-2-16 1153368]

=============== Created Last 30 ================

2009-04-03 15:59 9,804 a------- c:\windows\system\vdremote.dll
2009-04-03 15:59 7,244 a------- c:\windows\system\vdsvrlnk.dll
2009-04-03 12:53 --d----- C:\ZCVideoDVD
2009-04-03 12:53 28 a------- c:\windows\ZC DVD Creator Platinum.INI
2009-04-03 12:29 --d----- c:\users\aybsee\appdata\roaming\GetRightToGo
2009-04-03 08:43 --d----- c:\users\aybsee\.SunDownloadManager
2009-04-03 08:06 --d----- c:\program files\common files\Windows Live
2009-03-30 08:09 299,552 a------- c:\windows\wmsysprx.prx
2009-03-30 08:08 --d----- c:\users\aybsee\appdata\roaming\Acoustica
2009-03-30 07:59 --d----- c:\program files\Acoustica CD Label Maker
2009-03-29 10:15 87,608 a------- c:\users\aybsee\appdata\roaming\inst.exe
2009-03-29 10:15 47,360 a------- c:\windows\system32\drivers\pcouffin.sys
2009-03-29 10:15 47,360 a------- c:\users\aybsee\appdata\roaming\pcouffin.sys
2009-03-28 17:19 --d----- c:\program files\DVDCover+
2009-03-28 16:15 --d----- c:\program files\common files\Sonic Shared
2009-03-27 20:51 --d----- C:\Windows Sidebar
2009-03-27 14:46 --d----- c:\users\aybsee\appdata\roaming\Shareaza
2009-03-27 14:05 290,869 -------- c:\windows\system32\temp.000
2009-03-27 14:05 110,592 -------- c:\windows\system32\bcshellext.dll
2009-03-12 19:18 1,986,560 -------- c:\windows\system32\AudFile.dll
2009-03-12 19:18 1,212,416 -------- c:\windows\system32\AudioInfos.dll
2009-03-12 19:18 348,160 -------- c:\windows\system32\WMAFile.dll
2009-03-12 19:18 116,296 -------- c:\windows\system32\NCTWMAProfiles.prx
2009-03-12 19:18 44,544 -------- c:\windows\system32\msxml4a.dll
2009-03-12 19:18 40,960 -------- c:\windows\system32\SSubTmr6.dll
2009-03-12 14:18 23,848 -------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-12 14:18 --d----- c:\program files\iPod
2009-03-12 14:18 --d----- c:\programdata\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-12 14:18 --d----- c:\program files\iTunes
2009-03-12 14:18 --d----- c:\progra~2\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-11 08:36 7,680 a------- c:\windows\system32\spwmp.dll
2009-03-11 08:36 4,096 a------- c:\windows\system32\msdxm.ocx
2009-03-11 08:36 4,096 a------- c:\windows\system32\dxmasf.dll
2009-03-11 08:36 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-03-11 08:36 268,288 a------- c:\windows\system32\schannel.dll
2009-03-11 08:36 2,033,152 a------- c:\windows\system32\win32k.sys
2009-03-07 14:06 --d----- c:\program files\MP3 Cutter Plus
2009-03-06 17:29 --d----- c:\users\aybsee\appdata\roaming\GrabPro
2009-03-06 17:29 --d----- C:\downloads
2009-03-06 17:13 --d----- c:\programdata\SpeedBit
2009-03-06 17:13 --d----- c:\progra~2\SpeedBit
2009-03-06 17:13 --d----- c:\program files\DAP
2009-03-05 16:57 254,644,076 a------- C:\backup.reg
2009-03-05 13:52 --d----- c:\programdata\Yahoo! Companion
2009-03-05 13:52 --d----- c:\program files\Yahoo!
2009-03-05 09:15 --d----- c:\windows\system32\N360_BACKUP

==================== Find3M ====================

2009-04-01 16:43 11,710 a------- c:\users\aybsee\appdata\roaming\wklnhst.dat
2009-03-31 13:46 148,888 a------- c:\windows\system32\jusched.exe
2009-03-31 13:46 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-31 13:46 386,480 a------- c:\windows\system32\jucheck.exe
2009-03-31 13:46 54,680 a------- c:\windows\system32\jureg.exe
2009-03-29 10:16 143,360 a------- c:\windows\inf\infstrng.dat
2009-03-29 10:16 51,200 a------- c:\windows\inf\infpub.dat
2009-03-29 10:16 86,016 a------- c:\windows\inf\infstor.dat
2009-03-26 16:49 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-26 16:49 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-05 09:13 124,464 -------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-03-05 09:13 10,635 -------- c:\windows\system32\drivers\SYMEVENT.CAT
2009-03-05 09:13 806 -------- c:\windows\system32\drivers\SYMEVENT.INF
2009-02-20 14:14 164,737 a------- c:\windows\hpoins21.dat
2009-02-20 12:11 130,834 a------- c:\windows\hpoins18.dat
2009-02-19 12:31 24,112 -------- c:\windows\system32\drivers\SymIMV.sys
2009-02-19 12:31 9,844 -------- c:\windows\system32\drivers\SymRedir.cat
2009-02-19 12:31 1,611 -------- c:\windows\system32\drivers\SymRedir.inf
2009-02-19 12:31 41,008 -------- c:\windows\system32\drivers\symndisv.sys
2009-02-19 12:31 184,496 -------- c:\windows\system32\drivers\symtdi.sys
2009-02-19 12:31 96,560 -------- c:\windows\system32\drivers\symfw.sys
2009-02-19 12:31 38,576 -------- c:\windows\system32\drivers\symids.sys
2009-02-19 12:31 22,320 -------- c:\windows\system32\drivers\symredrv.sys
2009-02-19 12:31 13,616 -------- c:\windows\system32\drivers\symdns.sys
2009-02-16 13:20 40,960 a------- c:\windows\uneng.exe
2009-02-14 16:58 625,152 -------- c:\windows\system32\mp3tsshx.dll
2009-02-12 14:19 737,280 a------- c:\windows\iun6002.exe
2009-01-31 14:22 15,688 -------- c:\windows\system32\lsdelete.exe
2009-01-26 15:31 19,500 a------- c:\windows\hpqins13.dat
2009-01-15 07:11 827,392 a------- c:\windows\system32\wininet.dll
2009-01-06 12:29 965,664 -------- c:\windows\system32\RtkPgExt.dll
2009-01-06 12:29 44,064 -------- c:\windows\system32\RtkCoInst.dll
2009-01-06 12:29 322,080 -------- c:\windows\system32\RtkApoApi.dll
2009-01-06 12:29 2,510,368 -------- c:\windows\system32\RtkAPO.dll
2008-09-01 03:59 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 03:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 21:26:44.87 ===============

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
I have done as asked and removed java and ad-aware although ad-aware is still showing in the list of installed programs,it does not appear anywhere in program files,so I am sure i have deleted it.Hope this make sense,thanks

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    R3 - URLSearchHook: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
    O1 - Hosts: 91.121.97.18 mininova.org
    O1 - Hosts: 91.121.97.18 www.mininova.org
    O1 - Hosts: 91.121.97.18 thepiratebay.org
    O1 - Hosts: 91.121.97.18 www.thepiratebay.org
    O1 - Hosts: 91.121.97.18 demonoid.com
    O1 - Hosts: 91.121.97.18 www.demonoid.com
    O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Gnutella Turbo\Plugins\RazaWebHook.dll (file missing)
    O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    O3 - Toolbar: Demonoid Toolbar - {35b675b9-7f34-40df-8f49-5fab6b7e4aef} - C:\Program Files\Demonoid\tbDem0.dll (file missing)
    O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)


  • Press "Fix Checked"
  • Close Hijack This.

Please download the OTMoveIt3 by OldTimer.

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :services
    RelevantKnowledge

    :files
    c:\users\aybsee\appdata\roaming\Shareaza
    C:\Program Files\Search Settings
    C:\Program Files\RelevantKnowledge


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
here is the OTMoveIt log.

========== SERVICES/DRIVERS ==========
Service\Driver RelevantKnowledge not found.
Unable to delete service\driver keyRelevantKnowledge.
========== FILES ==========
c:\users\aybsee\appdata\roaming\Shareaza\Data moved successfully.
c:\users\aybsee\appdata\roaming\Shareaza moved successfully.
C:\Program Files\Search Settings\kb127\temp moved successfully.
C:\Program Files\Search Settings\kb127\res moved successfully.
Folder move failed. C:\Program Files\Search Settings\kb127 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Search Settings scheduled to be moved on reboot.
File/Folder C:\Program Files\RelevantKnowledge not found.

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04042009_082743

Files moved on Reboot...
Folder move failed. C:\Program Files\Search Settings\kb127 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Search Settings\kb127 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Search Settings scheduled to be moved on reboot.

All the items you asked me to check and fix using HijackThis are still there after reboot.thanks

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
Hello.

Fine, lets try this from safe mode.

Please then reboot your computer in Safe Mode by doing the following :

  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.


Now try the Hijack This fix again.

Delete this folder in bold:
C:\Program Files\Search Settings

descriptionWindows Security Centre won't start EmptyRe: Windows Security Centre won't start

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum