LloydK Posted April 27, 2011 ID:421707 Share Posted April 27, 2011 I posted over on the Microsoft forums because I noticed my Automatic Updates were not updating and I was sent here. Let me begin with all the problems I am seeing. I don't know if they are all related, but I started noticing them all now because of the Auto Update problem.I noticed that my Automatic Updates yellow shield appears in the tray and disappears almost immediately. I clicked on it to open and see what it was doing and it won't open, but says 0% and then disappears. I tried going into the security center to do the updates, but the update.windows.com site won't load. It says there is a connection problem. Another problem I keep getting is a Generic Host Process Error popup. After it happens, the only thing that I notice is that the windows do not look like XP windows anymore. They look like the Safe Mode windows. Basically, they have the square corners and the grayish outline.I also noticed that my AVG had the exclamation point, so I tried to update that as well, but it gets all the way to the final step(the finishing installation bar completely filled) and then stops and says "update failed, general error." I ran AVG as it was and it found nothing. I ran Super Anti-Spyware and it just found tracking cookies. I ran Anti-Malware and on a full scan, it doesn't complete. It scans for about an hour and a half I guess, and then a pop up says it had to quit because it encountered an error. I can perform a quick scan, but it finds nothing.I downloaded and ran the new Microsoft Safety Scanner, and again, it found nothing.I read some other forums and tried one of the online scanners suggested there, Panda Security Active Scan 2.0. I will paste the log at the bottom of the page.I cannot install HijackThis. I get an error that says "The system administrator has set policies to prevent installation." I don't know if thats from the virus. It could also be from the IT guy at the company I used to work for, since this computer used to be on their network and he was also an Administrator.I also have an svchost.exe under the SYSTEM user name that climbs up to over 1 gig of memory. It sometimes drives the CPU up, but for the most part stays around 10-20%. I installed Process Monitor, but when it starts it says it can't load the device driver. I am running in Safe Mode, so I do not know if that has something to do with it.I am guessing that all of this stuff is related since I started noticing it all around the same time. But maybe they are separate issues? My system information:XP Pro 2002 SP3Dell Vostro 400Intel Core 2 Quad CPUQ6600 @ 2.40GHz2.39 GHz, 3.25 GB of RamBelow is the Panda Security Scanner Log:;***********************************************************************************************************************************************************************************ANALYSIS: 2011-04-26 15:11:45PROTECTIONS: 1MALWARE: 27SUSPECTS: 0;***********************************************************************************************************************************************************************************PROTECTIONSDescription Version Active Updated;===================================================================================================================================================================================AVG Anti-Virus Free Edition 2011 10.0 Yes Yes;===================================================================================================================================================================================MALWAREId Description Type Active Severity Disinfectable Disinfected Location;===================================================================================================================================================================================00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@trafficmp[1].txt00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@casalemedia[1].txt00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@doubleclick[1].txt00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@doubleclick[2].txt00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@atdmt[1].txt00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@atdmt[1].txt00145405 Cookie/RealMedia TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@247realmedia[1].txt00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@fastclick[1].txt00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@fastclick[1].txt00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@tribalfusion[1].txt00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@tribalfusion[2].txt00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@mediaplex[1].txt00167753 Cookie/Statcounter TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@statcounter[2].txt00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@ad.yieldmanager[1].txt00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\localservice\cookies\system@ad.yieldmanager[1].txt00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@ad.yieldmanager[2].txt00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\localservice\cookies\system@apmebf[1].txt00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@apmebf[2].txt00168076 Cookie/BurstNet TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@burstnet[2].txt00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@serving-sys[1].txt00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\localservice\cookies\system@serving-sys[1].txt00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@bs.serving-sys[2].txt00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@www.burstbeacon[1].txt00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@advertising[1].txt00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@advertising[1].txt00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@ads.pointroll[2].txt00170556 Cookie/RealMedia TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@realmedia[2].txt00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@questionmarket[2].txt00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@zedo[1].txt00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\documents and settings\lloyd\cookies\lloyd@zedo[1].txt00194327 Cookie/Go TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@go[1].txt00194327 Cookie/Go TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@go[3].txt00199984 Cookie/Searchportal TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@searchportal.information[1].txt00207338 Cookie/Target TrackingCookie No 0 Yes No c:\documents and settings\localservice\cookies\system@target[2].txt00207338 Cookie/Target TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@target[1].txt00207862 Cookie/did-it TrackingCookie No 0 Yes No c:\documents and settings\networkservice\cookies\system@did-it[1].txt03864140 Bck/DService.TK Virus/Trojan No 1 Yes No c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp571\a0135286.exe06320774 Adware/AntimalwareDoctor Adware No 1 Yes No c:\windows\system32\config\systemprofile\application data\08d548570864dfdc9bffb0b25b5a09d7\enemies-names.txt06832766 Bck/DService.AFQ Virus/Trojan No 0 No No c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp571\a0131825.exe[c:\system volume information\_restore{46de8921-1d39-44d2-a9e9-64119261f211}\rp571\a0131825.exe][pcilic.exe];===================================================================================================================================================================================SUSPECTSSent Location;===================================================================================================================================================================================;===================================================================================================================================================================================VULNERABILITIESId Severity Description;===================================================================================================================================================================================1000578 HIGH MS11-0141000577 HIGH MS11-0131000576 HIGH MS11-0121000575 HIGH MS11-0111000573 HIGH MS11-0071000572 HIGH MS11-0061000567 HIGH MS11-003224931 HIGH MS10-090223904 HIGH MS10-071222626 HIGH MS10-053221290 HIGH MS10-035219647 HIGH MS10-018217169 HIGH MS10-002215938 HIGH MS09-072214071 HIGH MS09-054212530 HIGH MS09-034;=================================================================================================================================================================================== Link to post Share on other sites More sharing options...
Firefox Posted April 27, 2011 ID:421713 Share Posted April 27, 2011 Hello, and Welcome to MalwarebytesIf you think you are infected, here are the steps needed to get your computer cleaned....Please read the following so that you can begin the cleaning process:You have 3 Options that you can choose from as listed below:[*]Option 1 Link to post Share on other sites More sharing options...
LloydK Posted April 27, 2011 Author ID:421736 Share Posted April 27, 2011 Ok Firefox, I am doing all the steps right now and I will make a new topic in the other forum. Thank you Link to post Share on other sites More sharing options...
Firefox Posted April 27, 2011 ID:421803 Share Posted April 27, 2011 You are welcome, you will be in good hands there, they will help you get your computer back to working order.... Link to post Share on other sites More sharing options...
Recommended Posts