Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Generic Host Process For W32 Services Error


  • Please log in to reply
1 reply to this topic

#1 Shev@

Shev@

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 14 August 2006 - 01:57 AM

Hi !

i have a "Generic Host Process for w32 services error". when i click send report or not send then my network shut down..and then start bar's view changes strangely..and i have to restart my computer to connect to the internet again..here is the details of the error..:
"EventType : BEX P1 : svchost.exe P2 : 5.1.2600.2180 P3 : 41107ed6
P4 : netapi32.dll P5 : 5.1.2600.2180 P6 : 411093e4 P7 : 0000a3c0
P8 : c0000409 P9 : 00000000

( i have another pc but the error is on it too...when i carry my modem to it...then it gives the same error..i have this problem since yesterday...before yesterday i didnt have such a problem..)

i've scanned with kaspersky antivirus 6.0, ad-aware SE pro and Spybot s&d...and cleaned smthg..but error is sitll continues...can you help me ?? this make me really mad...at last here is the hijack this log :

Logfile of HijackThis v1.99.1
Scan saved at 09:48:10, on 14.08.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
G:\Programlar\Kaspersky 6.0\avp.exe
G:\Programlar\Kaspersky 6.0\avp.exe
C:\Program Files\ZyXEL\ADSL USB Modem\CnxDslTb.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
G:\Programlar\RocketDock\RocketDock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
G:\Programlar\Firefox\firefox.exe
F:\Archive\İndirilenler\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - g:\programlar\Acrobatreader\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - G:\PROGRA~1\FlashGet\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - G:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SmcService] G:\PROGRA~1\SYGATE~1\smc.exe -startgui
O4 - HKLM\..\Run: [kav] "G:\Programlar\Kaspersky 6.0\avp.exe"
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZyXEL\ADSL USB Modem\CnxDslTb.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EasyTuneIV] C:\Program Files\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
O4 - HKCU\..\Run: [RocketDock] "G:\Programlar\RocketDock\RocketDock.exe"
O4 - Global Startup: Sygate Personal Firewall.lnk = G:\Programlar\Sygate PF\Smc.exe
O8 - Extra context menu item: Download All by FlashGet - G:\Programlar\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - G:\Programlar\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - G:\Programlar\Kaspersky 6.0\scieplugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - G:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://strider07.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E8C3550-81AE-48F1-AD89-8BA2096F7AA2}: NameServer = 195.175.37.14 195.175.39.39
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - G:\Programlar\Kaspersky 6.0\avp.exe" -r (file missing)
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - G:\Programlar\Sygate PF\smc.exe

edited : some time ago one of my friends started to getting this error...pls help us...!!! :thumbsup::huh::flowers:

Edited by Shev@, 14 August 2006 - 02:53 AM.


BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:11:50 PM

Posted 17 August 2006 - 07:58 AM

Hello Shev@ and welcome to the BC HijackThis forum. There appears to be a rash of these same errors all starting around the same time. I do not see any signs of viruses or malware so I do not think it is that.

I'm going to use you as a test. Let's get some information from a different scanner and see what it shows us.

Download WinPFind2.zip and unzip it to your Desktop. It will create a folder named WinPFind2. Do NOT run the program directly from the zip file.
  • Open the WinPFind2 folder and double-click on winpfind2.exe to start the program.
  • Keep the standard settings and then in the AddOn-Options box click the checkboxes for
    • HKCU_IEDesktop.def
    • Policies.def
    to select them.
  • Now click the Run All Scans button on the toolbar.
  • When the scans are complete click the Simple Report button in the lower right-hand corner to create a report file. Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button to post the information back here and I will review it when it comes in.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users