Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DroppeGeneric.BHHB being pickup up about every 10 minutes


  • This topic is locked This topic is locked
5 replies to this topic

#1 hobbes44

hobbes44

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 07 December 2009 - 12:06 AM

Avg Free is catching Trojan Horse DropperGeneric.BHHB about every 10 minutes while I am online. Once in awhile I also get Generic15.BLVT and AVG found Vundo.JB. Something has also is screwing up google and my searches are not going where I need them to go (a google search for hijackthis sent me to AV9.0 page).

I have been running AVG free and malwarebytes but neither has stopped them from coming.

I am running windowsXP and my browser of choice is firefox.

I am also including a log from hijackthis. Please assist me in controlling this problem.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:25:43 PM, on 12/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\wmconnect\wmtray.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\WINDOWS\system32\PackethSvc.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\FastNetSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\PleseHijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.callwave.com/iam/Error.asp?u=0f...ninstallCommand
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [zewaderiva] Rundll32.exe "rewuvafu.dll",s
O4 - HKLM\..\Run: [derokepad] Rundll32.exe "c:\windows\system32\hodisuto.dll",a
O4 - HKLM\..\Run: [Wpumuv] rundll32.exe "C:\WINDOWS\alayetof.dll",Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: CallWave.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Netscape Connect Tray Icon.lnk = C:\Program Files\wmconnect\wmtray.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O4 - Global Startup: Winter Fun Wallpaper Changer.lnk = ?
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1259903622906
O17 - HKLM\System\CCS\Services\Tcpip\..\{AFF39843-6F38-468D-B145-20E7D48C6E9F}: NameServer = 193.104.110.38,4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D43CB995-4B00-4EA8-A0A6-94764D1AF8C0}: NameServer = 193.104.110.38,4.2.2.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O21 - SSODL: runatoyus - {1081fe1e-d6c1-484c-af23-31a2057351b8} - c:\windows\system32\hodisuto.dll
O22 - SharedTaskScheduler: kupuhivus - {1081fe1e-d6c1-484c-af23-31a2057351b8} - c:\windows\system32\hodisuto.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: fastnetsrv Service (fastnetsrv) - Netopsystems A - C:\WINDOWS\system32\FastNetSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Virtual NIC Service (PackethSvc) - America Online, Inc. - C:\WINDOWS\system32\PackethSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 10373 bytes

BC AdBot (Login to Remove)

 


#2 hobbes44

hobbes44
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 07 December 2009 - 11:02 PM

I get online using netscapeconnect which has a built-in firewall. The Trojan horses keep coming even when I am only running this browser.
Here is my DDS report. Sorry I didn't have it on my first post.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 11/29/2009 10:41:32 PM
System Uptime: 12/7/2009 8:02:56 PM (1 hours ago)

Motherboard: ASUSTek Computer INC. | | Guppy
Processor: Intel® Celeron® CPU 2.93GHz | PGA 478 | 2933/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 86 GiB total, 56.898 GiB free.
D: is FIXED (FAT32) - 7 GiB total, 1.827 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 11/30/2009 12:31:06 AM - System Checkpoint
RP2: 12/1/2009 12:37:21 AM - System Checkpoint
RP3: 12/1/2009 7:30:54 AM - Removed Norton Security Center
RP4: 12/1/2009 5:48:43 PM - Installed AVG Free 9.0
RP5: 12/2/2009 8:38:29 PM - Avg8 Update
RP6: 12/2/2009 8:41:49 PM - Avg8 Update
RP7: 12/4/2009 12:55:07 AM - Software Distribution Service 3.0
RP8: 12/4/2009 12:25:00 PM - Configured easy Internet sign-up
RP9: 12/4/2009 8:00:28 PM - Software Distribution Service 3.0
RP10: 12/5/2009 8:00:20 PM - Software Distribution Service 3.0
RP11: 12/6/2009 2:51:19 PM - Software Distribution Service 3.0
RP12: 12/6/2009 6:39:53 PM - Configured PC-Doctor for Windows
RP13: 12/7/2009 6:48:27 PM - System Checkpoint

==== Installed Programs ======================

Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 10 Plugin
Adobe Reader 6.0.1
AI RoboForm (All Users)
AiO_Scan
AiOSoftware
AVG Free 9.0
Blackhawk Striker 2 from Hewlett-Packard Desktops (remove only)
Blasterball 2 from Hewlett-Packard Desktops (remove only)
Blasterball 2 Holidays from Hewlett-Packard Desktops (remove only)
Blasterball 2 Remix from Hewlett-Packard Desktops (remove only)
Bounce Symphony from Hewlett-Packard Desktops (remove only)
BufferChm
CallWave
CameraDrivers
Copy
CP_AtenaShokunin1Config
cp_dwSharkTaleAlbums1
cp_dwSharkTaleCards1
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CP_PLSBusinessFlyers
CreativeProjects
CreativeProjectsTemplates
Crystal Maze from Hewlett-Packard Desktops (remove only)
CueTour
Data Fax SoftModem with SmartCP
Destinations
Director
DocProc
DocumentViewer
Easy Internet Sign-up
Fax
Final Drive Nitro from Hewlett-Packard Desktops (remove only)
Help and Support Additions
HijackThis 2.0.2
Hotfix for Windows XP (KB976098-v2)
HP Boot Optimizer
HP Deskjet 3840
HP Deskjet Printer Preload
HP Help and Support 4.0
HP Image Zone 4.8.6
HP Image Zone Plus 4.8.6
HP Organize
HP Photosmart Cameras 4.5
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HPIZplus450
HpSdpAppCoreApp
HPSystemDiagnostics
InstantShare
Intel® Extreme Graphics Driver
IntelliMover Data Transfer Demo
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
KBD
Lexibox Deluxe from Hewlett-Packard Desktops (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft Office Standard Edition 2003
Microsoft Plus! Dancer LE
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Overball from Hewlett-Packard Desktops (remove only)
PanoStandAlone
Phoenix Assault from Hewlett-Packard Desktops (remove only)
PhotoGallery
Photosmart 320,370,7400,8100,8400 Series
Polar Bowler from Hewlett-Packard Desktops (remove only)
Polar Golfer from Hewlett-Packard Desktops (remove only)
PrintScreen
PS2
PSPrinters06
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QFolder
QuickProjects
QuickTime
Readme
RealPlayer
Remove Microsoft Money 2005 installer
Scan
ScannerCopy
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB974571)
Shooting Stars Pool from Hewlett-Packard Desktops (remove only)
SkinsHP1
Slyder from Hewlett-Packard Desktops (remove only)
Sonic Express Labeler
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Super Granny from Hewlett-Packard Desktops (remove only)
Tradewinds from Hewlett-Packard Desktops (remove only)
TrayApp
Unload
Update for Windows XP (KB898461)
Update for Windows XP (KB967715)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Updates from HP
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB891781

==== Event Viewer Messages From Past Week ========

12/7/2009 4:26:34 AM, information: Windows File Protection [64004] - The protected system file atapi.sys could not be restored to its original, valid version. The file version of the bad file is unknown The specific error code is 0x00000000 [The operation completed successfully. ].
12/6/2009 6:39:13 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/6/2009 6:16:02 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\WININET.dll. Reference error message: The operation completed successfully. .
12/6/2009 5:57:44 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\shdocvw.dll. Reference error message: Error Message is unavailable .
12/6/2009 5:50:46 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WindowsShell.manifest. Reference error message: Error Message is unavailable .
12/6/2009 5:50:38 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\SHELL32.dll. Reference error message: Error Message is unavailable .
12/5/2009 8:07:56 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
12/5/2009 8:07:56 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
12/4/2009 12:22:16 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: fasttx2k
12/4/2009 1:12:51 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file atapi.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
12/4/2009 1:12:49 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\drivers\atapi.sys could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/4/2009 1:12:44 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\drivers\atapi.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
12/4/2009 1:11:17 AM, information: Windows File Protection [64003] - File replacement was attempted on the protected system file c:\windows\system32\drivers\atapi.sys. This file was restored to the original version to maintain system stability. The file version of the bad file is unknown.
12/2/2009 8:42:38 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avg9wd service.
12/1/2009 8:28:04 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/1/2009 8:13:04 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
12/1/2009 7:39:13 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
12/1/2009 7:39:13 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\AVG\AVG8\avgui.exe. Reference error message: The operation completed successfully. .
12/1/2009 7:39:13 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
12/1/2009 7:32:32 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe. Reference error message: The operation completed successfully. .
12/1/2009 7:32:32 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Kodak\Kodak EasyShare software\bin\Kfx.dll. Reference error message: The operation completed successfully. .
12/1/2009 7:31:36 AM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
12/1/2009 7:27:44 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\AVG\AVG8\avgtray.exe. Reference error message: The operation completed successfully. .

==== End Of File ===========================

#3 hobbes44

hobbes44
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 07 December 2009 - 11:05 PM

I am not sure if I have any script blockers running. I didn't seem to have any troubles getting this report. Any questions or comments to this nature please include in reply.

#4 hobbes44

hobbes44
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 08 December 2009 - 12:18 AM

Root repeal report, if individual reports are need have them also.

Attached Files



#5 hobbes44

hobbes44
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 08 December 2009 - 05:08 PM

It is getting worse. I had two new trojan horses last night.

#6 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:09:20 AM

Posted 14 December 2009 - 07:42 PM

This thread is closed - The member is trying AII first.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users