Internet not running properly/Generic Host Process error message rec'd

View previous topic View next topic Go down

Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 7th February 2011, 1:38 am

My internet is slow at times and won't open at all other times. When searching for websites often different ones appear than the one I clicked on. Keep receiving the Generic host process error. Tried to run a fix with Microsoft website but computer gives me an error message when I try to download it. Scans with Malwarebytes Anti-Malware returns no infected files. Ran OTL but unable to copy & paste entire OTL & Extras notepad contents (over the character limit). How should I get that data to you?

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 7th February 2011, 5:28 am

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 8th February 2011, 3:42 am

ComboFix 11-02-07.01 - William Peterson 02/07/2011 21:23:33.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1569 [GMT -6:00]
Running from: c:\documents and settings\William Peterson\Desktop\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\William Peterson\Application Data\completescan
c:\documents and settings\William Peterson\Application Data\install
c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\bszip.dll
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
((((((((((((((((((((((((( Files Created from 2011-01-08 to 2011-02-08 )))))))))))))))))))))))))))))))
.

2011-02-08 03:23 . 2011-02-08 03:23 -------- d-----w- c:\windows\LastGood

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 00:09 . 2011-01-03 00:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-21 00:08 . 2011-01-03 00:14 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-29 23:38 . 2010-11-29 23:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 23:38 . 2010-11-29 23:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iYogi Support Dock"="c:\program files\iYogi Support Dock\iYogiSupportDock.exe" [2010-12-09 1418480]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^William Peterson^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]
path=c:\documents and settings\William Peterson\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-02-01 22:45 98304 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 16:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OE_OEM]
2006-04-12 01:39 176201 ----a-w- c:\program files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-06-25 00:35 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145367420\\ee\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1145367420\\ee\\aim6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R2 iYogiURLHit.exe;iYogi Hit Agent;c:\program files\iYogi Support Dock\Services\URLHit\iYogiURLHit.exe [12/3/2010 3:59 AM 17408]
R2 SupportDockClientService.exe;iYogi Communication Agent;c:\program files\iYogi Support Dock\Services\CommAgent\SupportDockClientService.exe [12/7/2010 8:02 AM 55296]
R2 Tmfilter;Tmfilter;c:\windows\system32\drivers\tmxpflt.sys [8/30/2005 4:30 PM 205328]
R2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [8/30/2005 4:30 PM 290889]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [8/30/2005 4:30 PM 585792]
R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [8/30/2005 4:30 PM 36368]
R2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [8/30/2005 4:30 PM 262215]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 8:11 PM 135664]
S3 CSVirtA;Cisco Systems SSL VPN Adapter;c:\windows\system32\drivers\CSVirtA.sys [7/8/2007 7:00 PM 22136]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: &Yahoo! Search - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsrch.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Yahoo! &Dictionary - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - [You must be registered and logged in to see this link.] files\Yahoo!\Common/ycsms.htm
Trusted Zone: aol.com\free
Trusted Zone: turbotax.com
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
.
- - - - ORPHANS REMOVED - - - -

AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-02-07 21:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2011-02-07 21:38:42
ComboFix-quarantined-files.txt 2011-02-08 03:38

Pre-Run: 56,474,484,736 bytes free
Post-Run: 57,176,514,560 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - AA0E8FABE19C59CA46C614DBA76C68FF

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 8th February 2011, 5:24 pm

Scan for malware

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].
Alternate link: [You must be registered and logged in to see this link.].
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 9th February 2011, 1:33 am

Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5717

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

2/8/2011 7:29:42 PM
mbam-log-2011-02-08 (19-29-42).txt

Scan type: Quick scan
Objects scanned: 172927
Time elapsed: 5 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\ineufbr1v (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 9th February 2011, 9:54 am

Please download [You must be registered and logged in to see this link.] and save it to your Desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS to start the program (if you are running on Vista then right-click the program and
    choose Run as Administrator).
  • At the top, tick on Scan All Users section and Include MD5.
  • At File Age set it to 90 Days
  • In the Processes, Modules, Services, Drivers, and Registry
    section, please set on Safe List.
  • In the Files Created Within and Files Modified Within section, set it to File Age
  • At the bottom, tick on all Safe List and Use Company Name WhiteList option
  • Under Additional Scans, tick on the "Extras" button and then click the checkboxes in front of the following items to select them:
      Reg - Disabled MS Config Items
      Reg - Drivers32
      Reg - Ext
      Reg - IE
      Explorer Bar
      Reg - NetSvcs
      Reg - Safeboot Minimal
      Reg - Safeboot Network
      File - Lop Check
      File - Purity Scan
  • Do NOT change any other settings.
  • Then, in the Custom Scans box, place this in:

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\System32\*.sys
    %systemroot%\System32\drivers\*.dll
    %systemroot%\System32\drivers\*.ini
    %systemroot%\System32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*


  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 9th February 2011, 7:54 pm

When I click on the link for OTS, my open internet windows all close and I am not able to even save the program. I ran Malware again and below are the results:
Malwarebytes' Anti-Malware 1.50.1.1100
[You must be registered and logged in to see this link.]

Database version: 5717

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

2/9/2011 1:31:11 PM
mbam-log-2011-02-09 (13-31-11).txt

Scan type: Quick scan
Objects scanned: 173207
Time elapsed: 4 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\william peterson\local settings\temporary internet files\Content.IE5\P2XQFOQ1\OTS[1].exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\documents and settings\william peterson\local settings\temporary internet files\Content.IE5\QDT81OBE\OTS[1].exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 15th February 2011, 3:13 pm

Still unable to run OTS.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 15th February 2011, 7:51 pm

ESET Online Scan

Please run a free online scan with the [You must be registered and logged in to see this link.]
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 16th February 2011, 10:02 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17055 (vista_gdr.100414-0533)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=a22730d6c534444db61464f2edb95809
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-02-16 03:51:49
# local_time=2011-02-15 09:51:49 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777179 100 0 158663031 158663031 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=99585
# found=6
# cleaned=6
# scan_time=6440
C:\Documents and Settings\All Users\Application Data\AOL Downloads\SUD4131\setup.exe probably a variant of Win32/Agent.HZHBURL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\William Peterson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\cwcshoaseqkz.jar-7910cbb4-3b01c820.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\William Peterson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\d02a0679e1e.jar-5cb36c60-70254192.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\William Peterson\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\etknxldrcnyl.jar-193db890-19c682e2.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP1773\A0124838.exe probably a variant of Win32/Agent.HZHBURL trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\12543.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 16th February 2011, 11:52 pm

Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 18th February 2011, 2:00 pm

Seems there are no other issues. Thank you for your help.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 20th February 2011, 2:09 am



Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 21st February 2011, 1:07 am

Had a problem:

•Cleaned System Restore - COMPLETE
•Ran OTC - UNABLE TO RUN - Internet shuts down when I click on the link
•Ran TFC - DIDN'T ATTEMPT AFTER OTC ISSUE
•Ran Security Check - DIDN'T ATTEMPT AFTER OTC ISSUE


speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 21st February 2011, 3:15 am

Try this one instead:

[You must be registered and logged in to see this link.]


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 22nd February 2011, 2:50 am

I have the same problem with this as well. As soon as I click on the link, my internet shuts down.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 22nd February 2011, 3:05 am

Does it seem like something is blocking it, like antivirus or fake antivirus?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 22nd February 2011, 9:37 pm

It seems that way, although there is no message indicating that. When I click on the link, the window asking me to run or save the program pops up, but before I can click on anything it all shuts down.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 24th February 2011, 3:38 am

What antivirus is running?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 25th February 2011, 3:27 am

Trend Micro PC-cillin Internet Security 12

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Dr Jay on 26th February 2011, 4:25 am

One more question..even when the internet security is disabled, it still gets blocked?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13810
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302437
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 27th February 2011, 9:19 pm

I uninstalled the the anti virus and still cannot run either program.

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Kenny94 on 1st March 2011, 1:11 pm

Hi,

DragonMaster Jay is not available for the next several days and has asked us to take over..... Smile

Please read carefully and let me know if you have any questions.

Create a batch file:

Note: You will need to save any work before double clicking the fix.bat file because it will automatically restart your computer

  • Please copy and paste the following text in the Code box exactly as written into notepad (not wordpad or any other text editor):
    Code:
    @echo off
    ipconfig /release
    ipconfig /renew
    ipconfig /flushdns
    netsh winsock reset all
    netsh int ip reset all
    shutdown -r -t 10
    del /f /q %0
  • Once you've done that click on File and select Save As...
  • In the Save dialogue box click on the drop down menu next to Save as type and select All Files
  • Name the file fix.bat (the .bat extension is very important)
  • Save the file to your desktop and double click it to run it.
  • Once it runs it will automatically restart your computer
  • Once your computer boots again, check to see if your internet has improved or any shut downs?


Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33531
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 4th March 2011, 4:26 pm

I ran fix.bat, restarted the computer, then tried to run OTC.exe and had the same problem. Internet immediately shuts down. What does this program do?

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Kenny94 on 5th March 2011, 12:34 pm

OTC.exe removes the tools that was used. Lets do this:

Follow these steps to uninstall Combofix and tools used in the removal of malware


  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the x and /)

  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33531
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 8th March 2011, 1:35 am

Combofix uninstall is complete. What should I do next?

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by Kenny94 on 8th March 2011, 2:05 am

Your good to go speterson, unless your having any other issues with this PC?

Kenny94
Tech Officer
Tech Officer

Posts Posts : 2019
Joined Joined : 2010-04-22
Gender Gender : Male
OS OS : Windows 7
Protection Protection : Avira/Router and Malwarebytes
Points Points : 33531
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Internet not running properly/Generic Host Process error message rec'd

Post by speterson on 8th March 2011, 5:56 pm

I think it is okay now. Thank you!

speterson
Novice
Novice

Posts Posts : 15
Joined Joined : 2011-02-07
OS OS : Windows XP
Points Points : 21523
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum