| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 112539 | 2010-09-10 11:39:00 | Security service can't be started | Fifthdawn (9467) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1136211 | 2010-09-10 11:39:00 | Hello PF1 I have been tasks with 'fixing' a family laptop (HP tablet pc running Vista home premium) which is 'going slow', I have removed a few Trojans with malwarebytes, but I am concerned about the fact that I get this message when I attempt to turn on the inbuilt security [Window Title] Windows Security Center [Main Instruction] The Security Center service can't be started. [Close] The computer will also not download windows updates (the loading bar just keeps scrolling with no bandwidth being used) I have read around the internet and all the posts that I have seen say that I should manually start the service, but its not even in the services list! Any advice would be great :) |
Fifthdawn (9467) | ||
| 1136212 | 2010-09-10 11:45:00 | Disable system restore. Reboot. If this is 32 bit, get trojan remover from here http://www.simplysup.com/ Update it then scan. Then select all options under utilities |
Speedy Gonzales (78) | ||
| 1136213 | 2010-09-11 00:25:00 | Thanks for that reply, I followed those steps but it failed to find anything, and I still cant run windows update or turn on the security service. Would a repair installation be able to fix this, as it seems like parts of windows are damaged. |
Fifthdawn (9467) | ||
| 1136214 | 2010-09-11 00:49:00 | What were the name/s of the trojans?? | Speedy Gonzales (78) | ||
| 1136215 | 2010-09-11 01:17:00 | Is, or was Nortons on this?? It looks like this program can make that message appear. Mcafees can also screw it up | Speedy Gonzales (78) | ||
| 1136216 | 2010-09-11 01:29:00 | what i removed was called "worm.prolaco.m". I think this laptop has had both McAfee and Norton on it in the past. thanks for the help. |
Fifthdawn (9467) | ||
| 1136217 | 2010-09-11 01:47:00 | So what AV program is on it now? Is there a P2P program on this? If there is that's probably how it got infected. Post a HJT log if it can run (rename its file if it cant). or run it in safe mode / networking | Speedy Gonzales (78) | ||
| 1136218 | 2010-09-11 02:59:00 | Its running MSE and Avast!, but avast seems to be broken - it just quits with an error. here is the hijack this log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:58:06 p.m., on 11/09/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\WINDOWS\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ie.redirect.hp.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?') O4 - HKUS\S-1-5-21-1341804659-2337394881-1397761179-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User '?') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe O23 - Service: Wacom Touch Service (WacomTouchService) - Unknown owner - C:\Windows\system32\WacomTouchService.exe -- End of file - 5508 bytes |
Fifthdawn (9467) | ||
| 1136219 | 2010-09-11 03:04:00 | Uninstall one of them you dont need both of them You can tick these then tick fix checked Close browsers. I would also install SP2. Once you figure out how to fix this prob O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file) O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) 4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot Update MSE, then do a full scan Get the Norton / Symantec and the Mcafee removal tool. So both remove whatever completely |
Speedy Gonzales (78) | ||
| 1136220 | 2010-09-11 07:53:00 | I ran the scan and it found nothing, the security service still wont start and is not shown in the list of services which means that I cant even start it manually. | Fifthdawn (9467) | ||
| 1 2 3 | |||||