MS Security Essentials not working

Discussion in 'Malware Help (A Specialist Will Reply)' started by Roberta1, Sep 23, 2013.

  1. Roberta1

    Roberta1 Private E-2

    Hi,

    Microsoft Security Essentials stopped working on my Windows 7 computer a few days ago. Specifically, it stopped allowing me to download any updates. After doing a search online and seeing that it may be a virus/trojan, here I am.

    I've followed all the instructions in your Malware Removal guide and am still unable to download updates to it.

    Here are my logs. I'm able to run all the programs except for MGTools.exe. I'm getting an error message that says

    "The application was unable to start correctly (0x0000142.) Click Ok to close the application."

    Please let me know if you need any more info. And thanks for your help.

    Also, one of the programs "found" something but per instructions I haven't removed it.
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    MGtools most likely ran. Please check for the C:\MGlogs.zip file and attach it.

    However per your RogueKiller log, you have AVG installed. You should not be running MSE if AVG is installed.
     
  3. Roberta1

    Roberta1 Private E-2

    Thanks, chaslang. You're right about having AVG installed. I have no idea what could have happened since I sat here and watched it uninstall. I was being very meticulous about following all the instructions. Maybe I had 2 installations of it??

    I've tried uninstalling it but I get a prompt that says "Please wait until the current program is finished uninstalling or being changed."

    As for the MGlogs.zip, I don't find it on my computer. I ran a search and it didn't come up.
    Should I try running it now, to see if it will run this time?

    Thanks for your help.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please try the below.

    Shut down any protection software you have running and then continue.

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).

    Then attach the below log if it is created:
    • C:\MGlogs.zip

    If this file was not created, read in the black command prompt window to see if it told you that a C:\MGtools\MGlogsR.zip file was created instead.
     
  5. Roberta1

    Roberta1 Private E-2

    Success! Here is the zip file.
     


  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay, first a word of caution. You need to stop downloading and then installing programs like you are doing. For example (red is bad and green is good ;) ):

    [KeyScrambler] >> C:\Downloads\KeyScrambler\keyscrambler.exe
    [Malwarebytes Anti-Malware] >> C:\desktop\mbamgui.exe
    [SUPERAntiSpyware] >> C:\Downloads\SUPERAntiSpyware.exe
    [Online Armor Helper Service ] >> C:\Downloads\Online Armor\OAcat.exe
    [Wootalyzer] >> C:\\Downloads\\Wootalyzer\\woot.exe

    You should install and run programs in their default installation folders like the below:

    C:\Program Files (x86)\KeyScrambler
    C:\Program Files (x86)\Malwarebytes Anti-Malware
    C:\Program Files (x86)\SUPERAntiSpyware
    C:\Program Files (x86)\Online Armor
    C:\Program Files (x86)\Wootalyzer

    or ( based on the default the program recommends )

    C:\Program Files\KeyScrambler
    C:\Program Files\Malwarebytes Anti-Malware
    C:\Program Files\SUPERAntiSpyware
    C:\Program Files\Online Armor
    C:\Program Files\Wootalyzer

    The same applies to anything else you have been installing an incorrect way. The way you are installing them could break the programs because they could overwrite each other's files and you also can no longer tell which files belong to what program. Also, when not installed in their correct locations, they could be deemed to be malware because they are not where they are expected to be!

    You need to uninstall every program that you have installed this way and then clean up the downloads and desktop folder to remove leftovers. Then reinstall what you need properly. You should do this now.

    And that brings us to another problem: you have too many antivirus programs installed. As stated earlier, AVG needs to be uninstalled if you are going to use MSE. And you also have ZoneAlarm Antivirus installed. No wonder you have problems with MSE.

    Are you running the On Screen Keyboard ( osk.exe ) for some reason? I see the below running at startup.

    O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [osk.exe] osk.exe (User 'Default user')

    You do not appear to be having malware problems. Sorry to say, but it is more likely self-imposed problems. ;) Let's see if we can clean this up a little.

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (file missing)
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (file missing)
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKCU\..\Run: [ROC_ROC_APR2013_AV] C:\Users\Nu\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid c3ff7e847e9547d1851a2104e467347f-21471264e6384775c747a265c310fbedd34fd6be --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013
    O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913a] C:\Users\Nu\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid c3ff7e847e9547d1851a2104e467347f-21471264e6384775c747a265c310fbedd34fd6be --CMPID 0913a
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

    After clicking Fix, exit HJT.

    Now uninstall the below programs. If you do not find them or they will not uninstall, just keep going.
    Java(TM) 6 Update 22
    ZoneAlarm Antivirus

    Please download OTM by Old Timer and save it to your Desktop.
    • Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
    • Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Do not include the word Code: which is just a title line of the code box.
    Code:
    :Processes
    explorer.exe
     
    :Files
    C:\Program Files (x86)\AVG\AVG2013
    C:\Program Files (x86)\AVG
    C:\ProgramData\AVG2012
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
    C:\Windows\tasks\ROC_REG_JAN_DELETE.job
    C:\Windows\tasks\ROC_SYS_TASK.job
    C:\Windows\tasks\ROC_SYS_TASK_DELETE.job
    C:\Windows\TEMP\*.*
    C:\Users\Nu\AppData\Local\Temp\*.*
    
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ROC_ROC_APR2013_AV"=-
    "AVG-Secure-Search-Update_0913a"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run]
    "AVG_TRAY"=-
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\windows\currentVersion\Run]
    "AVG_TRAY"=-
    [HKEY_USERS\S-1-5-21-2483047531-152467866-1573691041-1001\Software\Microsoft\Windows\CurrentVersion\run]
    "ROC_ROC_APR2013_AV"=-
    "AVG-Secure-Search-Update_0913a"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}"=-
    :Commands
    [purity]
    [EmptyTemp]
    [start explorer]
    [Reboot]
    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
    • Now click the large MoveIt! button.
    • If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
    • Close OTM.
    Now navigate to the C:\_OTM\MovedFiles folder (assuming your Windows drive is C). This is where your log will be saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach this log file to your next message.

    Now please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Note: JRT may reset your home page to a Google default, so you will need to restore your home page setting if this happens.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.
    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • the C:\_OTM\MovedFiles log
    • the JRT.txt log
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
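
Added example (not part of the original thread, and not code from MGtools or HijackThis): a small Python check that reads the two log formats quoted in the post above, the `[Name] >> path` install lines and the HijackThis `O4` autorun lines, and reports executables that do not run from the default install folders. The regexes, function names and verdict labels are assumptions made for this illustration; the sample lines are taken from the post, with long command-line arguments abridged.

```python
import re

# Default install roots named in the post; anything else is reported.
DEFAULT_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\")
INSTALL_RE = re.compile(r"^\[([^\]]+)\]\s*>>\s*(.+)$")   # [Name] >> path
O4_RE = re.compile(r"^O4 - (\S+): \[([^\]]+)\] (.+)$")   # HijackThis autorun entry
EXE_RE = re.compile(r'^"?(.+?\.exe)', re.IGNORECASE)     # path up to the first .exe

def classify(command):
    """Return (exe_path, verdict) for a command string from either log format."""
    m = EXE_RE.match(command.strip())
    if not m:
        return command.strip(), "unparsed"
    exe = re.sub(r"\\+", r"\\", m.group(1))   # collapse doubled backslashes
    if "\\" not in exe:
        return exe, "bare-name"               # no directory given in the entry
    if exe.lower().startswith(DEFAULT_ROOTS):
        return exe, "default-root"
    return exe, "outside-default-root"

def review(log_text):
    """Parse both line formats; return a list of (source, name, exe, verdict)."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = INSTALL_RE.match(line)
        if m:
            findings.append(("install", m.group(1).strip(), *classify(m.group(2))))
            continue
        m = O4_RE.match(line)
        if m:
            findings.append((m.group(1), m.group(2), *classify(m.group(3))))
    return findings

# Lines taken from the post above; long command-line arguments abridged.
SAMPLE = r"""
[KeyScrambler] >> C:\Downloads\KeyScrambler\keyscrambler.exe
[Wootalyzer] >> C:\\Downloads\\Wootalyzer\\woot.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [ROC_ROC_APR2013_AV] C:\Users\Nu\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT
O4 - HKUS\S-1-5-18\..\RunOnce: [osk.exe] osk.exe (User 'SYSTEM')
"""

if __name__ == "__main__":
    for source, name, exe, verdict in review(SAMPLE):
        if verdict != "default-root":
            print(f"{verdict:22} {source:26} {name}: {exe}")
```

A path outside the default roots is a prompt to look closer, not a verdict: as the post notes, legitimate programs end up in Downloads or on the desktop when they are installed carelessly.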
     
