Results 1 to 3 of 3

Thread: Generic Host Process for Win32 Services encountered a problem

  1. #1
    Junior Member
    Join Date
    Jan 2007
    Posts
    2

    Generic Host Process for Win32 Services encountered a problem

    Hi.I did everything I read in another post related ,I think, to the same problem,but it still doesn't work.The computer stucks and I have to reset.
    I add my HijackThis logfile .
    Thanks


    Logfile of HijackThis v1.99.1
    Scan saved at 3:43:20 PM, on 1/6/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe
    C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
    C:\WINDOWS\System32\telcoms.exe
    C:\Program Files\Lexmark X5100 Series\lxbabmon.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ynet.co.il/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\jkkhhge.dll
    O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\System32\ysohvjfi.dll
    O2 - BHO: support - {991EF04C-93CF-469b-A2BE-CC1B3347566F} - C:\Program Files\BHO\plugin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Smapp] "C:\Program Files\Analog Devices\SoundMAX\Smtray.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [IMONTRAY] "C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe"
    O4 - HKLM\..\Run: [Lexmark X5100 Series] "C:\Program Files\Lexmark X5100 Series\lxbabmgr.exe"
    O4 - HKLM\..\Run: [LVCOMS] "C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE"
    O4 - HKLM\..\Run: [RealTray] "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
    O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
    O4 - HKLM\..\Run: [Microsoft Telecoms Center] telcoms.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [DllRunning] "rundll32.exe" "C:\WINDOWS\System32\opiasmxe.dll",setvm
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\RunServices: [msvcc25] svcchost.exe
    O4 - HKLM\..\RunServices: [Microsoft Telecoms Center] telcoms.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [Microsoft Telecoms Center] telcoms.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: NaturalColorLoad.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{494F114E-D452-4592-9E72-0A13B0A84ACF}: NameServer = 192.115.106.35 62.219.186.7
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: jkkhhge - C:\WINDOWS\SYSTEM32\jkkhhge.dll
    O20 - Winlogon Notify: rpcc - C:\WINDOWS\
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe



    We can eliminate the malware issue, please do the following, I have never seen this related to SP2:

    Prior to doing anything XP users MUST disable System Restore!!! You can re enable it after you are clean.

    Please download Ad-Aware SE 1.06 and SpyBot Search & Destroy 1.4 then set them up EXACTLY as I have written HERE. This will offer much deeper scanning than the default settings that will find more spyware/malware.

    Install and run CWShredder 2.15.

    Then do a FREE online virus scan from Kaspersky Webscan.

    Also make sure you have ALL of the latest Windows Updates (only install SP2 for XP once you are spyware FREE).

    I also HIGHLY recommend you download, update and scan with Spy Sweeper 4.0, there is a FREE 14-day trial and it is an EXCELLENT product.

    It it also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)

    If after doing ALL of the above and you are still having problems please scan with HijackThis 1.99.1 as shown HERE and post a log here in this forum for us to look at.

    Once you are clean download SpywareBlaster 3.4 and set it up as shown HERE to help stay spyware free.

  2. #2
    Dr Tweak mnosteele52's Avatar
    Join Date
    Jul 2001
    Location
    Chesapeake, VA
    Posts
    11,912
    Have HijackThis fix the following:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\jkkhhge.dll
    O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\System32\ysohvjfi.dll
    O4 - HKLM\..\RunServices: [msvcc25] svcchost.exe
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: jkkhhge - C:\WINDOWS\SYSTEM32\jkkhhge.dll
    O20 - Winlogon Notify: rpcc - C:\WINDOWS\

    Try the following:

    Prior to doing anything XP users MUST disable System Restore!!! You can re enable it after you are clean.

    1. Download, install and run CrapCleaner to remove any temporary and junk files.

    2. Download Ad-Aware SE 1.06 and set it up as shown HERE.

    3. Download SpyBot Search & Destroy 1.4 and set it up as shown HERE.

    4. Download SUPERAntiSpyware, update and do a full system scan.

    5. Download AVG Anti-Spyware 7.5, update and do a full system scan.

    6. Download and run CWShredder.

    7. Do a FREE online virus scan from BitDefender Online Scan and remove all that it finds.

    8. If you aren't currently using a firewall or anti-virus profram then I suggest you install Comodo Firewall and Active Virus Shield - (setup instructions HERE), both are FREE and offer excellent protection.

    9. It is a good idea to use Sysinternal's Autoruns to make sure you have removed all of the malware.

    10. It it also a good idea to run the Winsock Fix to repair your TCP/IP stack. (you will have to redo any tweaks for your connection if this is used)

    11. If after doing ALL of the above and you are still having problems please scan with HijackThis 1.99.1 as shown HERE and post a log here in this forum for us to look at.

    12. Download SpywareBlaster 3.5.1 and set it up as shown HERE to help stay spyware free.

    13. Make sure you have ALL of the latest Windows Updates.


  3. #3
    Junior Member
    Join Date
    Apr 2007
    Posts
    1
    i have try using those programs but the problem keeps coming back.. any one can help me please..

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\switch user\Desktop\HijackThis.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C8700495-EC40-49EA-960A-5AE86A201F95}: NameServer = 165.21.100.88 165.21.83.88
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    Last edited by riceballz; 04-20-07 at 11:15 AM.

Similar Threads

  1. DSL Connection dropping randomly
    By Tomdanizer in forum General Broadband Forum
    Replies: 22
    Last Post: 07-17-11, 01:08 AM
  2. Replies: 88
    Last Post: 07-16-11, 11:23 AM
  3. Replies: 2
    Last Post: 02-27-07, 09:43 AM
  4. Generic Host Process for win32 Services error
    By p3k44 in forum Network Security
    Replies: 4
    Last Post: 10-05-06, 08:03 PM
  5. Generic Host Process different problem
    By ne0gen in forum Network Security
    Replies: 8
    Last Post: 08-30-06, 03:51 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •