1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

generic host process error

Discussion in 'Virus & Other Malware Removal' started by cloud07, Jan 14, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    hi i have had this problem before but cannot remember how i fixed it. i recieve the error "generic host process win32 error" it causes my computer to lose connection to my wireless internet and reconnecting intermittently, and it makes my computer run really slow. i remember that it had something to do with svchost.exe, i think it was a virus disguised as a svchost file. i have a hijackthis log ready if you need it as i think that is how i fixed it before but dont want to just start deleting/fixing things because i cant understand the log very well.

    thank you
     
  2. Megabite

    Megabite

    Joined:
    Apr 5, 2008
    Messages:
    11,761
    Howdy,

    Yes that would be a good idea to post your recent Hijack log
     
  3. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:30:25 PM, on 1/14/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17093)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\Brett\My Documents\Downloads\HiJackThis.exe
    C:\WINDOWS\System32\mshta.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\mshta.exe
    C:\WINDOWS\System32\mshta.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Brett\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     
  4. Megabite

    Megabite

    Joined:
    Apr 5, 2008
    Messages:
    11,761
    Do you not have any Anti-Virus running on this PC.....and any reason you haven't upgraded to Explorer 8
     
  5. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    yes, i have malwarebytes anti-maleware. i generally use firefox not explorer.
     
  6. Megabite

    Megabite

    Joined:
    Apr 5, 2008
    Messages:
    11,761
    Malwarebytes is a Anti malware not Antivirus......I would suggest installing a Anti Virus.....you can use the links in my sig such as AvastHome free version...or any other one of your choice.......I would install it and update it and run a scan with what ever Anti-Virus program you choose.
     
  7. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Please download and run Process Explorer (it doesn't require any installation).

    Right-click a mshta.exe process and select Properties... > Image > copy what you see in the Command line: and paste it in your next reply.
     
  8. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    sorry haven't written back recently, havent had time to get on the computer. apparently the problem fixed itself, which is wierd because last time i had it it went on for like two weeks before i fixed it. anyway thanks for your help anyway.
     
  9. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    I still need you to answer my question. I want to confirm your computer is indeed infected...
     
  10. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    Ok so i marked this solved but then it popped back up, now its worse. still have the generic host process error for win 32 services, now i have no sound whenever i play a game and most the time i have no sound for anything else. computer says it either it doesn't recognize audio hardware installed or that none is installed. just today the computer said my wireless couldn't be detected but i could get on the internet fine. also, a few minutes after i turn on my computer it will sound like its running real hard, i look at the processes and the cpu is running at full capacity and 97% of it will be on one svchost.exe which doesn't make sense, especially since i have 0 programs running. i have malware anti-malware and Microsoft security essentials. but when i go to update MSE it says it cant check for updates due to an internet or connectivity issue. i don't know whats going on please help. oh and Mr. Phantom010 please give me way more detailed instructions on the process explorer thing, i downloaded it and ran it but where do i find the stuff on svchost.exe and this mshta.exe so i can post it. thanks
     
  11. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    also i forgot to mention that it will sometimes change the bar at the bottom of my screen and the icons to look like windows 98. sometimes it will change right back other times it wont change till i restart the computer. thanks again.
     
  12. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    When running Process Explorer, you'll have a list of all running processes on your computer. I need you to right-click on one of the mshta.exe processes you'll see. The processes are located on the left side of the window, under the title Process. Nothing out of the ordinary to decipher.

    After right-clicking mshta.exe, select Properties...

    Then, click on the Image tab.

    Highlight and copy (CTRL+C) the line you see in the Command line box.

    Then, in your next reply here on the forum, paste (CTRL+V) that line.
     
  13. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    I am seeing where you are talking about but none of the processes are named mshta.exe. The only ones i have that start with "m" are MsMpEng.exe, and msseces.exe. is it bad not to have a mshta.exe? Sorry i not real smart with computers. Thanks again
     
  14. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,796
    Please post a new HijackThis log.
     
  15. cloud07

    cloud07 Thread Starter

    Joined:
    Jan 14, 2011
    Messages:
    66
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:35:26 PM, on 2/1/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17093)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\ATK0100\HControl.exe
    C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\Brett\My Documents\Downloads\HiJackThis.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Brett\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

    --
    End of file - 4951 bytes
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - generic host process
  1. Mackoy
    Replies:
    0
    Views:
    503
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/974720

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice