| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 99052 | 2009-04-18 00:12:00 | Generic Host Process Failed | csinclair83 (200) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 766060 | 2009-04-18 00:12:00 | Heya am writing this 4 mum - shes emailed me with a computer problem and I cant seem to figure it out. Shes with slingshot and has xcelerator installed - dialup. Lately shes had a window pop up saying "Generic Host Process Win32" has failed and needs to be shut down. and if i want an error report sent to microsoft etc... when shes shut it down it forces her internet to cut off and it hangs as well - the 2 window symbol is still showing as connected but internet hangs by not loading and if u try going on a website it asks if u want to connect so she clicks connect then it says modem still active.... avg is updated and did a scan and all clean - am thinking of getting her to download hijack this and posting a log - let me know if needed :) |
csinclair83 (200) | ||
| 766061 | 2009-04-18 01:13:00 | Try this majorgeeks.com or do this in Vista www.mydigitallife.info |
feersumendjinn (64) | ||
| 766062 | 2009-04-18 01:26:00 | Sorry yeah its XP Service Pack 1...got her downloading that fix and spybot... heres the hijack log Logfile of HijackThis v1.99.1 Scan saved at 11:59:43 AM, on 4/18/2009 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\System\MSASP32.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE C:\Program Files\Slingshot Xcelerator\slipcore.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIB EP.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stuff.co.nz/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Slingshot Xcelerator\components\NOWImaging.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DSS] C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Slingshot Xcelerator\slipcore.exe" O4 - HKCU\..\Run: [EPSON Stylus CX3900 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIB EP.EXE /FU "C:\WINDOWS\TEMP\E_S83.tmp" /EF "HKCU" O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Slingshot Xcelerator.lnk = C:\Program Files\Slingshot Xcelerator\slipgui.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com O16 - DPF: {EF732B7C-BFF6-49B1-A32C-3C74C318FDCC} (VPlayer Control) - www.thesecret.tv O17 - HKLM\System\CCS\Services\Tcpip\..\{D9068CA5-BFFB-41ED-9530-57EE0BC424FC}: NameServer = 202.180.64.10 202.180.64.11 O23 - Service: Advance Service Process - Unknown owner - C:\Program Files\Common Files\System\MSASP32.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe |
csinclair83 (200) | ||
| 766063 | 2009-04-18 01:49:00 | O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe This looks suss, but wait for Speedy or WT to have a look. |
feersumendjinn (64) | ||
| 766064 | 2009-04-18 01:56:00 | I would update the service pack for a start. Youre asking for trouble Yup that entry Feer posted looks suss. Disable system restore. Tick these then tick fix checked Close browsers Then update XP O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime This maybe suss C:\Program Files\Common Files\System\MSASP32.exe This maybe spyware C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE O4 - HKLM\..\Run: [DSS] C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com O23 - Service: Advance Service Process - Unknown owner - C:\Program Files\Common Files\System\MSASP32.exe O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe Reboot then get trojan remover / malwarebytes below. Update both then scan. Then select all options under utilities in trojan remover |
Speedy Gonzales (78) | ||
| 766065 | 2009-04-18 03:27:00 | This maybe spyware C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE That is VERY nasty..download SpywareTerminator and perform a full scan, then post a fresh HJT log. Blam |
Blam (54) | ||
| 766066 | 2009-04-18 05:25:00 | just an update - went around to hers.. Have installed latest updates to SP3.... fixed what was required in HJT... currently downloading spyware terminator will post new HJT when completed |
csinclair83 (200) | ||
| 766067 | 2009-04-18 22:24:00 | heya finally got it all fixed I think - no generic error since spyware scans etc last night but who knows if I'm speaking 2 soon... heres the latest HJT... HMMM...i removed DSS agent via spyware and restarted just b4 the scan but its still showing in HJT...is tehre another removal tool? Spyware terminator is uptodate with latest one (did the update this morning) Logfile of HijackThis v1.99.1 Scan saved at 9:23:34 AM, on 4/19/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\AGRSMMSG.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Slingshot Xcelerator\slipcore.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIB EP.EXE C:\Program Files\Slingshot Xcelerator\slipgui.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Spyware Terminator\SpywareTerminator.exe C:\WINDOWS\system32\OOBE\msoobe.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HijackThis\HijackThis.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe |
csinclair83 (200) | ||
| 766068 | 2009-04-18 22:27:00 | ok now I'm confused - Just posted the posting and noticed dssagent not there but in HJT window it shows up there... | csinclair83 (200) | ||
| 766069 | 2009-04-18 22:32:00 | Where's all the entries in startup, in your last log?? I cant see dssagent, in your last log Get malwarebytes and trojan remover, like I posted in the 5th post |
Speedy Gonzales (78) | ||
| 1 2 | |||||