Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Weird System


  • Please log in to reply

#1
lokipi

lokipi

    Member

  • Member
  • PipPip
  • 21 posts
Everytime I enter my Windows XP Account there is this window that says "Generic Host Process for Win32 Services has encountered a problem..." When I click debug or send report, my whole computer freezes. When this window doesn't show then another shows which sasy something about svchost.exe being terminated. My taskbar takes a lot of time to load and switches from my look to old windows look and then my icons disappear for no reason. In addition, in the Sounds and Audio section it says "no audio device sound" I've tried scanning my computer for viruses, worms, trojans, etc but its clean and I've also tried other solutions but the problem persists. Also, when i do the System Restore, it says "windows could not restore your computer to the folowwing checkpoint: ... " but then my computer is all normal again. I just want to find a solution for these problems because I have to restart my computer like 20 times and restore it so it works. I dont know whats wrong HELP!!!!!!!!!!!
  • 0

Advertisements


#2
SRX660

SRX660

    motto - Just get-er-done

  • Technician
  • 4,345 posts
Welcome to Geeks to GO, Lokipi

To open up event viewer.

In the start/run box type in:

mmc.exe C:\WINDOWS\system32\eventvwr.msc

then click the Ok button. and then click OK.

See if there is any problems in the system events. This should let you know where to start. You can right click and click properties to find out more information. Usually it is some software or drivers you installed on the computer that causes this problem. It can also be caused by Maware.

Post any errors in event viewer here.

SRX660

Edited by SRX660, 25 January 2007 - 06:26 AM.

  • 0

#3
lokipi

lokipi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Well I have 1 Error entry (from source IPNATHLP) and 4 Warning entries for today (from source WinDefend)

The Error entry says:
The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.

The Warning entries all say this: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. you can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow. For more information please see the following:
http://go.microsoft....k/?linkid=74409
It also says:
Scan ID: {FA1416EC-1FDE420E-B1FF-BB691723544}
User: PANCHALEKAS/Javi
Name: Unkown
ID:
Severity: Not Yet Classified
Category: Not Yet Classified
Path Found: servicel:mchlnjDrv
Alert Type: Unclassified software
Detection Type:


These Error and Warning Entries are for this day only. How is this going to help? What might be causing my problems? Please respond back. Thank You
  • 0

#4
SRX660

SRX660

    motto - Just get-er-done

  • Technician
  • 4,345 posts
Your error message tells me you have a problem with your internet connection. You may have it set for internet connection sharing and someone has installed some kind of malware on your computer.

Microsoft NAT Helper components (ipnathlp.dll)

You can delete your internet connection and redo it to try correcting the problem. You will do this thru control panel>network and internet connections. You also may have a malware problem so you might check in with the malware forum to get a clean bill of health from there.

Read the article below and see if it applys to your problem.

http://support.micro...kb/308006/en-us

You can read this also. I'm not trying to be way over your head here. I am trying to cover all possibilities.

SRX660
  • 0

#5
lokipi

lokipi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
I've scanned for malware with McAfee, Norton, etc. but nothing shows up. I know it's not someting with the Internet or Network Connections. What could it be?
  • 0

#6
SRX660

SRX660

    motto - Just get-er-done

  • Technician
  • 4,345 posts
It looks like someone has tried a attack on your computer. They are probably trying to turn it into a zombie. Perhaps you have too much anti-malware on your computer and that is causing the problem. I would still check with the malware forum to see that you are clean.

I mentioned about ipnathlp.dll which runs NAT. You are most likely connected to the Internet and viewing this Website. There's a very good chance that you are using Network Address Translation (NAT) right now. For a computer to communicate with other computers and Web servers on the Internet, it must have an IP address. With the explosion of the Internet and the increase in home networks and business networks, the number of available IP addresses is simply not enough. This is where NAT (RFC 1631) comes to the rescue. Network Address Translation allows a single device, such as a router, to act as an agent between the Internet (or "public network") and a local (or "private") network. This means that only a single, unique IP address is required to represent an entire group of computers.

Now do you see why i an thinking you have a internet problem. This is a big thing with XP as it expects to be able to connect up to the internet while the computer is starting up if you have a DSL, Cable or wireless always on connection.

If it is mchnjDrv, I'm fairly positive that this is a false positive for UnHackMe, and nothing to be worried about. I encountered the exact same thing that you did, researched a little more and discovered that mchnjDrv is a driver related to/which TrojanHunter uses. I spoke with and asked a couple of very experienced and helpful moderators at both the Greatis software (UnHackMe) and then Mischel Internet Security (TrojanHunter) forums, and they expressed their belief that this is what it is as well. Magnus Mischel (the creator of TrojanHunter) posted this comment in his forums regarding this driver on March 2 of last year:

Quote:
TrojanHunter installs a hook to protect TrojanHunter Guard from malicious shutdowns, which is why you see this message. You can safely allow this - the driver is definitely not a trojan.

You then go on to explain that you used both Norton and McAfee to check your computer. I see a problem there if you are running both AV's on your computer. I am not getting enough information from me to continue. You should take it upon yourself to use google to search for answers. There is a lot of information there.

SRX660
  • 0

#7
lokipi

lokipi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
When I say Norton and McAfee I mean their online scans. You say someone attacked me. What does that mean? Am I at risk? What do I do to stop my initial problems? I don't have lots of anti-Malware I just use
A-Squared Services, spybot search and destroy, and avira antivirus.
  • 0

#8
lokipi

lokipi

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Also, when you say check with the malware forum just to make sure you're clean, what do you mean and how do i do it? I'm just new to this website. Thanks for all your time.
  • 0

#9
xxx1

xxx1

    Member

  • Member
  • PipPipPip
  • 241 posts
hi,

hopefully you have this resolved by now, however if you are still having issues and suspect that it is malware related I would start with our malware forum and see if they can make sure you don't have any malware installed.

post any hjt logs there.

http://www.geekstogo..._Log-t2852.html

cheers...xxx1
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP