Posted 31 October 2010 - 12:55 PM
I have a windows XP machine and I get this error "Generic Host process for Win32 services has encountered a problem and needs to close we are sorry for the inconvenience" at least 2 to 3 times a day. The computer runs normally without any problems even after the error. I send this error message to Microsoft and no reply from them. The noticeable changes that I see after the error occurs, is that, the screens taskbar color changes to light brownish and then after a couple of minutes, it returns back to normal blue color. Just before this error, I have noticed that there is a flurry of activity in my computer, in terms of floppy disk drive lighting up and showing that its reading a disk. The HDD is reading for a couple of minutes and I know that I can expect this message very soon. I noticed later, that my windows firewall is deactivated and any attempts to activate it, is futile as it says an error 5 - "you do not have permission". I have been reading forums regarding this error and some have said to change the windows time server and deactivate the windows update, all with no luck. I have noticed before this problem started to occur, my computer doesn't respond if left idle and on further investigation I noticed, in my task manager, my processor is running at 100%. I found the process to be "svchost.exe" and there are multiple of them. I was so frustrated that I stopped the process. I did this a couple of times. I also checked with Process Explorer(PE) to identify and pinpoint which one is taking up so much CPU time. From the PE, I noticed, there are at least 10 -12 sub process running of svchost and so I couldn't do much. In some other forums, it was mentioned that executing this command "netsh winsock reset" would solve but to no avail, the problem persisted. I checked up the windows error log and I noticed this message "Applicatio n Error - Faulting application svchost.exe version 5.1.2600.5512 faulting module ntdll.dll, version 5.1.2600.5755 fault address 0x00023845" at the time of error. The message is as what was displayed. I didn't get the part, which said the two version number. Does it mean its old version or is it a version mismatch?. I noticed there was a size difference in the service pack and the windows system 32 directory for the file ntdll.dll. In the svc pack it was 690Kb and in Sys32 it was 698KB. I have replaced with the higher one but no luck on that front either.
Yesterday, I ran MBAM and I got a whole bunch of infections totalling 10, they were - "Trojan hiloti", "Spyware.Passwords.XGen", "Malware.Trace", "Trojan.Agent"
I don't know if its an infection or is my computer being infected at the time when there is no firewall or its already infected.....I have no idea. I would appreciate if someone could help me in solving this issue.
Thanks and Regards