Inactive 'generic host process for win32 services' message infection?

[spkenny]

I have a customers computer that suddenly started freezing up when in windows, and the hard drive working constantly like a program was running. I have scanned with malwarebytes, spyware doctor with antivirus, ad aware, kaspersky internet security,and webroot external scans twice over. Internally, I installed the kaspersky internet security 30 day trial, and the malwarebytes doing the scans in safe mode internally, and also in regular mode. Various infections were found and removed. The system now seems to be running better (hasnt frozen up yet) but I still believe there is something going on as kaspersky is popping up with the following message:

'generic host process for win32 services from "trusted" group, run by a restricted application is trying to get access to protected passwords storage. This trusted application can be used by the restricted application to perform a priveleged operation'

Kaspersky then asks if I want to allow, or deny this operation. Is this still an infection?

 

[Bobbye]

Your customer has Restricted and Untrusted application groups. One (or more) of them is attempting to access the protected passwords. Is this an infection- probably:

I suggest checking this first: If using IE> Internet Options> Security tab> Trusted Sites> Sites> highlight and remove all sites from this zone> Apply> OK.

No sites need to be in this zone.

If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

When you have finished, leave the logs for review in your next reply .

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.