AiricR

Generic Host Process for Win32 Services has encountered a problem........

I am going to lose my mind over this...Someone help!!! Please..I keep getting this error

Generic Host Process for Win32 Services has encountered a problem and needs to close.  We are sorry for the inconvenience.

szAppName : svchost.exe
szAppVer : 5.1.2600.0    
szModName : ntdll.dll
szModVer : 5.1.2600.1217    
offset : 0000b2ab

I have read too many posts, most of which refer to a virus etc.

I got this error after a clean install, after Windows updates...After most of my drivers....

I got fed up and reformatted again....Used Killdisk...

I took my time and did one thing at a time trying to see what triggered it and the last few things I did was a sound driver update "from windows update"...This has the nforce chipset drivers etc...

The last time, I uninstalled almost everything "drivers" but still could not get rid of it...Please Help!

Windows xp pro
Abit NF7S V2
XP-2600+
1 gig of DDR 400
ATI 9600XT 128
Windows Updates Current

Virus Def up to date.

No Blaster

No other virus

shivsa

check the suggestions here.
 "Generic Host Process for Win 32 services encountered a problem and needed to close"
http://www.computing.net/windows2003/wwwboard/forum/395.html
AiricR

ASKER

Thanks for the quick reply...I'm doing some of the first things I came across in your link now...My system doesn't crash...Or shut down...I get the error...I click don't send and go on my way for a few min....Etc....I'm doing the MS Protect thing now...
ASKER CERTIFIED SOLUTION
shivsa

AiricR

ASKER

None of the above seem to work....It takes forever for me to access "my computer"...flashlight and all...three error messages before I can see drives and such......Any other ideas?

Did u say that it takes forever for u to access My Computer? Then u might wanna try this fix too.

XP Freezing when I click on My Computer - no drives appear
search (a flashlight may appear) for a long time (for example, 5 minutes) before files appear.

Disable the Windows Image Acquisition service.
More Information:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;819017

If this does not help, uninstall 821557 hotfix.

Also, do u have SP1? If u installed it recently then try to reinstall it.
AiricR

ASKER

I just did all the Windows updates again after reformatting AGAIN...LOL..I opted not to archive the files...I always stay current with updates and virus defs...Religiously...That's why I'm not leaning towards a virus?.......I got all the critical and other updates..+ media player 9 and its hotfix....I'll try the image link now
AiricR

ASKER

WIA was stopped...so that wasn't it....
AiricR

ASKER

I don't have an 821557 hotfix....

I would say scan your system one more time with an online virus scanner.


http://housecall.trendmicro.com/ 
http://security.symantec.com/
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
http://www.pcpitstop.com/antivirus/default.asp 


also check for adware/spyware.
SpyBot-S&D : http://www.webattack.com/download/dlspybot.shtml 
Ad-aware : http://www.webattack.com/download/dladaware.shtml

This is the general cause for this problem, but u said u have done it, but a double check is always good.

AiricR

ASKER

I'm also behind a 4 port router via cable modem...During my last battle earlier it seems I lost a port too. I couldn't get access....I switched ports then I could access the net..Weird...It's going on 13 hours of this....I'm ready to make little pc parts...

Your solution must be in the above comments. Please try one more time.
I am going to sleep now. Will check tomorrow.
AiricR

ASKER

Did the virus again...

No Adware
No Spyware
I'm going to bed too..I am burnt...

Thanks for your help

We'll get on her tomorrow...I can't even type anymore...LOL
Hi,
on http://www.tek-tips.com/gviewthread.cfm/lev2/3/lev3/21/pid/760/qid/733900 I found the following advice:
"For windows XP: Use CMD prompt , and TASKLIST /SVC to see whats running under the SVCHOST's sessions."
Could you do this and post the entries relevant to svchost.exe, please?
Also, I know you're tired of hearing about virii, worms or other malware, I'd be, too, probably, but if the above does not help identify the problem, could you perhaps post a log of HijackThis (http://www.tomcoyote.org/hjt/) to help determine if the tools and online scans didn't miss anything (this is remote, I agree, but possible).
Thanks and good luck,
Jérôme

Additionally, how is your CPU usage before the crash occurs? It is not by any chance at or near 100%, because I read about problems with errors in the registry that led to svchost.exe consuming a lot of CPU time. These problems could often be fixed by running regclean, also see LRI41's post at https://www.experts-exchange.com/questions/20812132/Cleaning-the-registry.html
Good luck,
Jérôme
AiricR

ASKER

Logfile of HijackThis v1.97.7
Scan saved at 11:16:59 AM, on 1/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\System32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\Common Files\Symantec Shared\ccApp.exe
H:\WINDOWS\System32\sstray.exe
H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
H:\WINDOWS\SYSTEM32\USRmlnkA.exe
H:\WINDOWS\SYSTEM32\USRshutA.exe
H:\WINDOWS\SYSTEM32\USRmlnkA.exe
H:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
H:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
H:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
H:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
H:\WINDOWS\explorer.exe
H:\Documents and Settings\Eric Reitzel\Desktop\HijackThis.exe
H:\Program Files\Messenger\msmsgs.exe

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - h:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - H:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - H:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - H:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - h:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "H:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "H:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] H:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ScanSoft PaperPort 7 Registration Reminder] "H:\Program Files\ScanSoft\PaperPort\NAVBrowser.EXE" /r /i "H:\Program Files\ScanSoft\PaperPort\NavLoad.ini"
O4 - HKLM\..\Run: [USRpdA] H:\WINDOWS\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKCU\..\Run: [PPWebCap] H:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O8 - Extra context menu item: &Google Search - res://H:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://H:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://H:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://H:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://H:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1075451521546
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38015.9675115741
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4321/mcfscan.cab

AiricR

ASKER

Weird E-mail...Does this make sense or is it just one of 3,000 spam e-mails?




From: Administrator@novastar.net | Add to Address Book
To: airicr@yahoo.com
Subject: Symantec AVF detected an unrepairable virus in a message you sent (SYM:09181230803098193605)
Date: Fri, 30 Jan 2004 11:45:10 -0500
       
 


Subject of the message: Hi
Recipient of the message: Hanaka, Erik

 
AiricR

ASKER

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

H:\Documents and Settings\Eric Reitzel>tasklist /svc

Image Name                   PID Services
========================= ====== =============================================
System Idle Process            0 N/A
System                         4 N/A
smss.exe                     388 N/A
csrss.exe                    632 N/A
winlogon.exe                 656 N/A
services.exe                 708 Eventlog, PlugPlay
lsass.exe                    720 PolicyAgent, ProtectedStorage, SamSs
ati2evxx.exe                 880 Ati HotKey Poller
svchost.exe                  904 RpcSs
svchost.exe                 1008 AudioSrv, Browser, CryptSvc, Dhcp, dmserver,
                                 ERSvc, EventSystem,
                                 FastUserSwitchingCompatibility, helpsvc,
                                 lanmanserver, lanmanworkstation, Messenger,
                                 Netman, Nla, RasMan, Schedule, seclogon,
                                 SENS, SharedAccess, ShellHWDetection,
                                 srservice, TapiSrv, TermService, Themes,
                                 TrkWks, uploadmgr, W32Time, winmgmt,
                                 wuauserv, WZCSVC
svchost.exe                 1228 Dnscache
svchost.exe                 1264 LmHosts, RemoteRegistry, SSDPSRV, WebClient
spoolsv.exe                 1372 Spooler
ati2evxx.exe                1712 N/A
explorer.exe                1780 N/A
ccApp.exe                   1872 N/A
sstray.exe                  1908 N/A
atiptaxx.exe                1920 N/A
usrmlnka.exe                1944 N/A
usrshuta.exe                1956 N/A
PPWEBCAP.EXE                1980 N/A
usrmlnka.exe                1988 N/A
alg.exe                      280 ALG
CCEVTMGR.EXE                 320 ccEvtMgr
NAVAPSVC.EXE                 428 navapsvc
NPROTECT.EXE                 460 NProtectService
NOPDB.EXE                    996 Speed Disk service
NMain.exe                   2320 N/A
NAVW32.EXE                  3476 N/A
iexplore.exe                3956 N/A
msmsgs.exe                  4052 N/A
cmd.exe                     2236 N/A
tasklist.exe                1836 N/A
wmiprvse.exe                1420 N/A

H:\Documents and Settings\Eric Reitzel>copy
The syntax of the command is incorrect.

H:\Documents and Settings\Eric Reitzel>copy /all
The syntax of the command is incorrect.

H:\Documents and Settings\Eric Reitzel>

H:\Documents and Settings\Eric Reitzel>
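
The `TASKLIST /SVC` listing above only helps once each svchost.exe PID is matched to the services it hosts, including the wrapped continuation lines. The following is an added example, not part of the thread, that parses pasted output. The sample is abridged from the post above, the PID 2040 row is constructed, and treating an svchost.exe that hosts no services as worth a closer look is this example's own heuristic.

```python
import re
from collections import namedtuple

Proc = namedtuple("Proc", "image pid services")

# Abridged from the thread's tasklist /svc output; the PID 2040 row is constructed.
SAMPLE = r"""H:\Documents and Settings\Eric Reitzel>tasklist /svc

Image Name                   PID Services
========================= ====== =============================================
System Idle Process            0 N/A
services.exe                 708 Eventlog, PlugPlay
svchost.exe                  904 RpcSs
svchost.exe                 1008 AudioSrv, Browser, CryptSvc, Dhcp, dmserver,
                                 ERSvc, EventSystem,
                                 wuauserv, WZCSVC
svchost.exe                 1228 Dnscache
svchost.exe                 2040 N/A
explorer.exe                1780 N/A
"""

def parse_tasklist_svc(text):
    """Parse pasted `tasklist /svc` console output into Proc records."""
    lines = text.splitlines()
    sep = next((i for i, l in enumerate(lines) if re.fullmatch(r"=+( =+)+\s*", l)), None)
    if sep is None:
        raise ValueError("no '=====' column separator found")
    name_end = lines[sep].index(" ")  # width of the Image Name column
    procs = []
    for line in lines[sep + 1:]:
        image = line[:name_end].strip()
        rest = line[name_end:].split(None, 1)
        if not rest:
            continue  # blank line
        if not image and procs:  # wrapped service list of the previous row
            names = " ".join(rest)
        elif image and rest[0].isdigit():
            procs.append(Proc(image, int(rest[0]), []))
            names = rest[1] if len(rest) > 1 else ""
        else:
            continue  # prompt or other console text
        procs[-1].services.extend(
            s.strip() for s in names.split(",")
            if s.strip() not in ("", "N/A"))
    return procs

def svchost_groups(procs):
    """Map each svchost.exe PID to the services it hosts."""
    return {p.pid: p.services for p in procs if p.image.lower() == "svchost.exe"}

def hosts_of(procs, service):
    """PIDs of the processes hosting `service` (case-insensitive)."""
    want = service.lower()
    return [p.pid for p in procs if want in (s.lower() for s in p.services)]

def empty_svchosts(procs):
    """svchost.exe PIDs hosting nothing: check their path and signature."""
    return [pid for pid, svcs in svchost_groups(procs).items() if not svcs]

if __name__ == "__main__":
    procs = parse_tasklist_svc(SAMPLE)
    for pid, svcs in svchost_groups(procs).items():
        print(f"svchost.exe PID {pid}: {', '.join(svcs) or 'no services'}")
    print("Dnscache:", hosts_of(procs, "dnscache"), "empty:", empty_svchosts(procs))
```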

AiricR

ASKER

H:\DOCUME~1\ERICRE~1\LOCALS~1\Temp\WER9.tmp.dir00\svchost.exe.mdmp
H:\DOCUME~1\ERICRE~1\LOCALS~1\Temp\WER9.tmp.dir00\appcompat.txt
AiricR

ASKER

Running Applications by Window Title



Norton AntiVirus
SysFader
NetDDE Agent
Windows XP: Generic Host Process for Win32 Services has encountered a problem........ http://www.e
PC Pitstop Troubleshooting - Microsoft Internet Explorer
ActiveMovie Window
ActiveMovie Window
MSP PNP Notification Window
CRTCClient
CRTCIMService
DDE Server Window
MCI command handling window
DDE Server Window
Netropa Hot Key
Netropa OnScreen Display
UnErase Process
Smart Office Keyboard
DIEmWin
Connections Tray
Power Meter
MS_WebcheckMonitor
Web Page Capture
ATI Tray Icon Application
ccApp
ATI video bios poller client
ATI video bios poller
Program Manager

AiricR

ASKER

With my Visioneer 9020 scanner unplugged I get no error and I can access My Computer as normal...Off to Visioneer....AGGGGHHHH
Also AiricR, it will be good if u run this

CoolWebShredder
http://www.spychecker.com/program/coolwebshredder.html

and then check the hijack log again.

Also check your device manager for device conflict.
AiricR

ASKER

I have as stated above disconnected my scanner....Visioneer 9020...Since doing that, I get no errors and I can access My Computer and such....I've done too many things to this computer to accept it as a clean and ready system so I'm off to write zeros and such and try another clean install...without installing my scanner drivers...I will post its outcome...

I accepted an answer from "shivsa" because the topic was close to what seems to have corrected my situation.....

Anyone find related topics to my scanner and this error please post

Thank you all for your time and efforts
Hi,
see White_star_gazer's comment at https://www.experts-exchange.com/questions/20398316/SYSTEM-process-problem.html which specifically mentions problems with Visioneer USB scanners and offers a workaround.
Good luck,
Jérôme
Cheers,

I've noticed that many people have this or similar problem. So have I.
Did you fix the problem?

I saw that your primary hard disk has an H drive letter, mine is E. Maybe this is just dumb but, do you think that could cause a problem?

G.
AiricR

ASKER

The problem was with the Visioneer Driver. What I did was copy everything off the driver CD to a folder on my Desktop. Downloaded the Newest Driver. I deleted the old driver from the folder and replaced it with the new one. I burnt a copy of the "New" Driver CD and it installed without a hitch and no Errors.

Hope this Helped
I noticed that your running processes have only two svchost.exe services running. Is it possible that you disabled a service that may be dependent on another service you have running?  I usually have 4 svchost.exe services showing: 2 system services, one network service and one local service.  You can get to services by going into control panel, performance and maintenance, administrative services.  Hope this helps.
Hi, this is Dave W in Brisbane, Australia.
I have had some bizarre things happening with my 2003 Server.
I have 3 servers with identical builds, except I recently upgraded to a new SCSI SONY tape drive. The server with this drive suddenly yesterday started having the NT system warning error your system will now shut down. HMM buggrr!!  Did the usual: rebooted, ran patches, virus checkers, the whole box n dice, no luck.
System only remains stable if I disconnect both my NICs. So this morning, after loading another MICROSOFT!!! patch, that error has not returned, but now I have the general host win32 error, and must now close.  This is one of my critical servers; unbelievable, it has been running quite stable since install 2 months ago, and now suddenly this.
Is it possible the tape drivers are causing the issue?  Any help and suggestions would be appreciated. Ta
To Dave

Did you try uninstalling the Sony Driver and then Reinstalling?  Maybe the first install had some interference from another program that was running.  My husband tried to install a Sony Image Transfer Program for his camera.  He had to turn off his firewall, virus protection and spyware blockers before it would install properly.  Make sure you are not connected to the internet if you disable these programs.  If you still have problems try to uninstall the Microsoft patch and do the above steps again.  You may also want to make sure you have no unneeded programs running in the background when you reinstall (things like Microsoft Office) and check to be sure you have no left over drivers from your previous tape drive.
RESOLUTION Here : http://support.microsoft.com/default.aspx?scid=kb;en-us;894391

SYMPTOMS

After you install security update 873333 (MS05-012), you experience the following problems:
• You may receive the following error message after you start the computer:
  Generic Host Process for Win32 Services Error
  Note: This problem only occurs in Microsoft Windows XP Service Pack 2 (SP2).
• File names are not displayed in e-mail messages that include file attachments when the following conditions are true:
  • The file name contains double-byte character set (DBCS) characters.
  • The file name is longer than 42 characters.
  Note: This problem only occurs when the e-mail message format is Rich Text.
• An application that implements the IMallocSpy debugging interface may experience heap corruption after you install security update 873333. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
  894194 An application that implements the IMallocSpy debugging interface may experience heap corruption after you install security update 873333

For more information about security release MS05-012, click the following article number to view the article in the Microsoft Knowledge Base:
873333 MS05-012: Vulnerability in OLE and COM could allow remote code execution
How to FIX This?
Again, this tutorial is based on my experience in dealing with this problem... here's how;

1. DISABLE THE SYSTEM RESTORE of your PC..

2. Then Download and Install Task Killer here: http://www.rsdsoft.com/zip/tksetup.exe ... If you want to learn more on this app, go here: http://www.rsdsoft.com/task_killer ... After installing, you'll see a NEW ICON in your System Tray. Click it and navigate on the current TASK.... Just place the Cursor on the task and take note of the manufacturer of that Task...if it's not Legit, END it...

3. Then, Download and Install COMBOFIX.EXE - http://download.bleepingcomputer.com/sUBs/ComboFix.exe - It removes all malicious Apps in your PC

4. Then, Download and Install also SDFix.exe - http://downloads.andymanchesta.com/RemovalTools/SDFix.exe - To fix your Registry and many problems in your PC...You need to run it in SAFE MODE... Once installed, go to the C:\SDFIx folder and run the Run_This.bat File..

5. Then, this is Optional, Download and Install CCleaner - http://www.filehippo.com/download/91d3b585c87e9a61236a9f922b94aadb/download/ - To clean your Temporary Files..

6. Update your ANTIVIRUS' Database or in worse scenario, REINSTALL/REPLACE it...
I would also take out your memory and check to see if they are still good; they might be bad.  Run a memory tester if you got one.
Symptoms:

    * You are surfing the internet or are engaged in any type of Internet activity when suddenly all your Network activity comes to a halt. You can still see the Internet connected icon in the tray but you cannot surf, browse or do anything.
    * You get an error message something like "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience."
    * Error message reporting about faulting netapi32.dll and svchost.exe.
    * You try to disconnect your Internet because of no activity observed but the Internet icon won't disappear.
    * You receive an error message something like "Your PC has recovered from a serious problem" etc.

Solution:

Follow these simple steps and your Windows will be fully cured of this menace :D

Close Port 445:

1. Start Registry Editor (Regedit.exe) by clicking Start menu, and then click the Run icon.
2. In the small box that Opens, type: regedit then click the OK button. The Registry Editor will now have opened.
3. Locate the following key in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters
In the right-hand side of the window find an option called TransportBindName.
Double click that value, and then delete the default value, thus giving it a blank value.

Close Port 135:

1. Then you must now navigate to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
2. You will see there is a String Value called: EnableDCOM
Set the value to: N (it should currently be Y)
3. Close the Registry Editor. Shutdown and Restart your computer.

Well that's all :) but if you want you can disable NetBIOS.
srinu_007

Closing the port 445 and 135, per your instructions, did make the PC functional.  But do you know what caused the problem.  I'm assuming virus\malware\spyware, but can not detect anything.

Do I have to worry about others on the network getting infected?

I suffered this problem, and after going round the houses with it, fixed it by booting into the recovery console and using CHKDSK to fix disk errors.  The volume was not marked "dirty" so had to use the option to force a detailed check, and ran it again with the "fix" option.