Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Security Center won't open after suspicious activity


  • Please log in to reply
No replies to this topic

#1 vinceT

vinceT

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:59 AM

Posted 02 April 2010 - 11:12 AM

Hi there, recently I have been cleaning out old files and programs trying to keep the computer happy and ran updates and scans using all the anti- stuff on my computer, a self-made WinXP Pro SP3 machine with an Intel DG33TL board running 4 gigs of DDR2 RAM and Core Duo D6550 CPU. I cannot get into the Windows Security Center today and I don't know if it is something I did, or if there is malware blocking my access.

Several times in the past, I have noticed suspicious activitiy regarding ZoneAlarm and Ad-Aware going on and off by themselves or asking for permission to access the internet when they have just done so maybe an hour before. I sell on ebay and this invites people from around the world to "quest" into my computer.

This reason for this help request is that this morning, I woke up and found the computer on and monitor off after shutting it down before going to bed last night. Avast was not running, nor was ZoneAlarm, GuardedID, SuperAntiSpyware and several of the usual tray icons were missing as well. Yesterday, I uninstalled Ad-Aware to get ready to try something else. After finding this suspicious pattern this morning, re-installed Ad-Aware and ran the scan, but it only found 3 tracking cookies, no malware. Ran Malware Bytes yesterday and came up negative, too.

The consistent suspicious activity I usually see is that the keyboard hotkey for homepage internet mail one button sign on gets switched from my ISP provider homepage of Comcast.net to Outlook Express and I never use Outlook. If I go into the keyboard menu to check what's listed for the setting, it says comcast, not outlook.

Several times I have seen ZoneAlarm program settings for things I have not given permission to and suspect rootkits. One was pev-rkill.exe which was a pre-fetch file that replicated itself whenever I tried to rename it. You could actually see it add another file to the expanded folder as soon as you hit the enter button and it would rename itself something else. Sometimes, even rename itself onto a different pre-fetch file such as logon, etc. Naturally, run a malware scan and it came up negative.

After turning off several "Services" having to do with remote access and finding some of them turned back on again after several Windows updates, I started having this problem today of not being able to open up Windows Security Center to check settings. I click the icon and nothing happens. Click it again and the blue bar at the top of the screen flashes blue, then, to gray and nothing happens.

Am I infected with a rootkit? or have I accidentally turned off something in the Services section that needs to be on?

I run rkill.exe, and the other rkills and they don't find anything other than the usual run32dll.exe's that I can see, but I am not an expert with system files.

Any help you can give would be greatly appreciated. I'd like to feel secure that I don't have any keylogger programs running in the background.

Cheers,
VinceT :thumbsup:

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users