Solved

Generic Win32 Host / SVChost Errors

Posted on 2007-04-04
7
746 Views
Last Modified: 2012-06-27
I have a laptop running Windows XP SP2, just recently I noticed that whenever I boot the machine I get a Generic Win32 error message and a svchost error message. I have run several spyware checks and virus scans with no luck. Looking into the Event logs it appears that my Generic Host failure is caused by a Service Control Manager Event ID: 7032. There's little information regarding the svchost other than it simply failed.

Any ideas?
0
Comment
Question by:dowhatyoudo22
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 47

Accepted Solution

by:
rpggamergirl earned 500 total points
Comment Utility
There has been a few cases that svchost errors are caused by windows auto-update software.
Try turning off auto-updates, reboot, and do a manual updates, then turn auto-updates back on again and see if that helps.

Some threads here with svchost.exe errors.
http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/Desktop_Anti-Virus/Q_22457701.html
0
 

Author Comment

by:dowhatyoudo22
Comment Utility
Here is a copy of my Hijackthis log:



Logfile of HijackThis v1.99.1
Scan saved at 8:43:47 AM, on 4/4/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\1E\SMSWakeup40\minislv.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
c:\program files\verizon wireless\vzaccess manager\venturi\Client\ventc.exe
C:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe
C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\SgLogPlayer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\DWRCST.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Mdavies\LOCALS~1\Temp\Temporary Directory 1 for hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://infosource.hrh.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://infosource.hrh.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by HRH of Metro Washington
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SgeEcView] "C:\Program Files\Utimaco\SafeGuard Easy\Ecview.exe"
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Program Files\ScanSoft\PDF Professional 3.0\\RegistryController.exe"
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [EdWizard] "C:\Program Files\Utimaco\SafeGuard Easy\EdWizard.exe" as
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://infosource.hrh.com
O15 - Trusted Zone: http://www.sagitta-online.com
O15 - Trusted Zone: http://*.travelers.com
O15 - Trusted Zone: http://*.travelerspc.com
O15 - Trusted Zone: http://www.sagitta-online.com (HKLM)
O15 - Trusted Zone: http://*.travelers.com (HKLM)
O15 - Trusted Zone: http://*.travelerspc.com (HKLM)
O16 - DPF: {0006F063-0000-0000-C000-000000000046} (Microsoft Office Outlook View Control) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/outlctlx.CAB
O16 - DPF: {133FB0BC-5EB8-11D2-AA17-00104B0753B3} (Artizan.Artiload) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/Artiload.CAB
O16 - DPF: {16A31F60-60A4-4E06-A23F-0F7682A6A2C9} (AMSIDvalet.IDbot) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AMSIDvalet.CAB
O16 - DPF: {16AF6C10-0D0A-4B65-8866-ABE32D26F256} (AmsInet Control) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AMSInet.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {42B9A659-1A02-11D3-A58E-00104B0753B3} (PageMaster.Controler) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/PageMaster.CAB
O16 - DPF: {44705D5B-A145-11D4-9DD0-00805F010928} (GetWord.AMSDocument) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/GetWord.CAB
O16 - DPF: {4EEE32DD-0DA0-11D1-9716-0000C0C9767A} (SeaReach 3.0 Application Object) - https://eforms65.sagitta-online.com/AMSeForms/rakis.cab
O16 - DPF: {51562FAD-DC70-11D2-BFF0-00105A97F884} (AMSCopyMergeControl.AMSCopyMerge) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AMSCopyMerge.CAB
O16 - DPF: {629F093A-068F-48BE-B8F7-C510302F6AE2} (AeFHistCtrl.AeFHisFrm) - https://eforms65.sagitta-online.com/AMSeForms/AeFHist.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172872757365
O16 - DPF: {7823A620-9DD9-11CF-A662-00AA00C066D2} (PopupMenu Object) - https://eforms65.sagitta-online.com/AMSeForms/iemenu.cab
O16 - DPF: {943FDFA6-C7FE-11D2-AA17-3C3A09C10000} (AMSTransfer.main) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AMSTransfer.CAB
O16 - DPF: {A1B77D23-31EE-11D2-AA17-00104B0753B3} (asynchtree.tree) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/asynchtree.CAB
O16 - DPF: {C4DD002B-53B1-11D2-AA17-00104B0753B3} (AsynchGrid.Grid) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AsynchGrid.CAB
O16 - DPF: {C87910BF-030D-4D9D-B1D9-A17936F3A863} (AMSEXInt.SagExCtl) - https://wp4.sagitta-online.com/hrhma/Sagitta/active/AMSEXInt.CAB
O16 - DPF: {D2152F13-9949-4A3A-9DDD-4E62BCD3862E} (AeFEmailProject.AeFEmailControl) - https://eforms65.sagitta-online.com/AMSeForms/aefem.cab
O16 - DPF: {DF29403F-0E3C-46D2-9035-5CE999EFC10F} (AeFPrintDialog Control) - https://eforms65.sagitta-online.com/AMSeForms/amseforms.cab
O16 - DPF: {E5F3552D-6AEC-11D0-A8A1-0000C0B3632C} (LanYard 3.0 Application Object) - https://eforms65.sagitta-online.com/AMSeForms/rakis.cab
O16 - DPF: {E64DAB43-9B91-11D4-A857-00C04F21F657} (Skylon 1.0 Application Object) - https://eforms65.sagitta-online.com/AMSeForms/rakis.cab
O16 - DPF: {EDF59A80-77FB-4368-920E-27904A98172D} (AeFClCtrl.AeFFormsCl) - https://eforms65.sagitta-online.com/AMSeForms/amseforms.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4999/mcfscan.cab
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - https://eforms65.sagitta-online.com/AMSeForms/ikmenu.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = midatl.hrh.com
O17 - HKLM\Software\..\Telephony: DomainName = midatl.hrh.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = midatl.hrh.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = midatl.hrh.com
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: NotLog - C:\WINDOWS\SYSTEM32\SGLogEx.dll
O20 - Winlogon Notify: SGLogNotification - C:\WINDOWS\SYSTEM32\SGLogNotification.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: minislv - 1E Ltd - C:\Program Files\1E\SMSWakeup40\minislv.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SafeGuard Easy Control (SgeCtl) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\SgeCtl.exe
O23 - Service: SafeGuard SGLOG  Player (SgLogPlayer) - Utimaco Safeware AG - C:\WINDOWS\system32\SgLogPlayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\vzaccess manager\venturi\Client\ventc.exe
O23 - Service: SafeGuard Easy Workstation Server (WksCfgSrv) - Utimaco Safeware AG - C:\Program Files\Utimaco\SafeGuard Easy\WksCfgSrv.exe

0
 
LVL 28

Expert Comment

by:burrcm
Comment Utility
I would type this - Service Control Manager Event ID: 7032 - into Google and check for issues relating to programs you have installed. These can be difficult to pin down as the svchost processes have sub processes running below them any of which may have the real problem. A really useful tool is Process Explorer. It doesn't require installation, just run it to see the normally hidden details -
http://www.microsoft.com/technet/sysinternals/utilities/ProcessExplorer.mspx

Chris B
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 12

Expert Comment

by:ibu1
Comment Utility
0
 

Author Comment

by:dowhatyoudo22
Comment Utility
Ok, I've restarted the laptop about five times now (after turning off automatic updates) and I have yet to see the problem occur. However, I have another problem now. This laptop is on a domain and talks to its SMS services for updates, I'm affraid that turning and leaving automatic updates off may have fixed this problem but what about pulling updates?
0
 
LVL 28

Expert Comment

by:burrcm
Comment Utility
I have seen updates cause issues if the time on the server is more than a few seconds different to the workstation. Try this at a command prompt or run line - net time \\<your domain server> /set /y

Chris B
0
 
LVL 47

Expert Comment

by:rpggamergirl
Comment Utility
Thanks for the points!

After pulling updates manually, and if the problem comes back when you turn auto-updates on, I'm afraid you'll be doing it manually till MS comes up with something on how to fix the issue.
I'm not sure if they have an answer to the auto-updates problem yet.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Suggested Solutions

If you build your web application in Visual Studio you'll get at least a few binaries, or .DLL, files in your bin folder. However, there is more compiling to be done. Normally this would happen when an ASP.NET resource within the web site is request…
Are you unable to synchronize your OST (Offline Storage Table) file with Microsoft Exchange Server? Is your OST file exceeding 2 GB size limit? In Microsoft Outlook 2002 and earlier versions, there is a 2 GB size limit for the OST file. If the file …
This video discusses moving either the default database or any database to a new volume.
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now