Generic Host Process error and Windows Firewall Error
sha
for
something. A message came up from IE warning me this could be a
phising
site. I quickly left the site. I cleared cookies and ran Ad-Aware. PC
seemed
fine. Recently, I could not get onto the Internet with either IE or
Firefox.
I ran WinsockXPFix and was able to get onto the Internet. This error
message
comes up right away when the PC gets to the desktop: Generic Host
Process for
Win32 Services has encountered a problem and needs to close. For
Windows
Firewall, the message is could not start the Windows Firewall/Internet
Connection Sharing service on Local Computer. Error 5: Access is
denied. I
ran Ad-Aware again and used Trend Micro's Online program. They both
just
found cookies. I have followed the steps from these websites:
http://windowsxp.mvps.org/sharedaccess.htm ,
http://support.microsoft.com/kb/892199/en-us
I still am having issues. Any suggestions will be greatly appreciated
sha
Download sharedaccess.reg (only for systems running Windows XP Service
Pack 2) and save to Desktop. Then double-click the file to merge the
contents to the registry. The Services entry will be created. Restart
Windows (mandatory step, otherwise the following NETSH command will
display an error message).
After restarting Windows, run this from Command Prompt (cmd.exe)
NETSH FIREWALL RESET
Launch firewall applet from Control Panel, and then configure your
Windows Firewall settings.
If none of the above methods help, as a last-resort solution (before
reinstalling Windows XP Service Pack 2), give these two commands a try.
Click Start, Run and type:
rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132
%windir%\inf\netrass.inf
Restart Windows, and then run this command (from Command Prompt):
NETSH FIREWALL RESET
Attempt to start Firewall applet. Start the Windows Firewall service
when prompted.
Second website:
SYMPTOMS
After you install Microsoft Windows XP Service Pack 2 (SP2), you cannot
start the Windows Firewall service. You may experience one or more of
the following symptoms: · When you click Windows Firewall in Control
Panel, you may receive the following error message:
Windows Firewall settings cannot be displayed because the associated
service is not running. Do you want to start the Windows
Firewall/Internet Connection Sharing (ICS) service?
If you click Yes, you receive the following error message:
Windows cannot start the Windows Firewall/Internet Connection Sharing
(ICS) service.
· If you try to manually start the Windows Firewall service by using
Services, you may receive the following error message:
Could not start the Windows Firewall/Internet Connection Sharing (ICS)
service on Local Computer.
Error 0x80004015: The class is configured to run as a security id
different from the caller
Note To open Services, click Start, click Control Panel, double-click
Administrative Tools, and then double-click Services. For information
about using Services, on the Action menu in Services, click Help.
· The following events may appear in the system event log:
Event ID: 7036
Event Source: Service Control Manager
Event Type: Information
Event Category: None
Description:
The Windows Firewall/Internet Connection Sharing (ICS) service entered
the stopped state.
Event ID: 7023
Source: Service Control Manager
Type: Error
Description:
The Windows Firewall/Internet Connection Sharing (ICS) service
terminated with the following error:
The class is configured to run as a security id different from the
caller
· When you use the SC query command to determine the status for the
Windows Firewall/Internet Connection Sharing service, you see the
following output:
C:\>sc query sharedaccess
SERVICE_NAME: sharedaccess
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 1 STOPPED
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : -2147467243 (0x80004015)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
· If you try to start the Windows Firewall/Internet Connection
Sharing (ICS) service at the command prompt by using the net start
sharedaccess command, you see the following output:
C:\>net start sharedaccess
The Windows Firewall/Internet Connection Sharing (ICS) service is
starting.
The Windows Firewall/Internet Connection Sharing (ICS) service could
not be started.
A system error has occurred.
System error 16405 has occurred.
The system cannot find message text for message number 0x4015 in the
message file for BASE.
Note The Windows Firewall feature of Windows XP SP2 is a replacement
for the Internet Connection Firewall (ICF) in earlier versions of
Windows XP.
Back to the top
CAUSE
This problem may occur if certain Administrative Templates from the
Windows XP Security Guide were applied to the computer before Windows
XP SP2 was installed. The problem occurs because of a problem in some
of the security templates that were published as part of the Windows XP
Security Guide.
In Windows XP SP2, remote procedure call (RPC) runs using the NT
Authority\NetworkService account. The default security descriptor for
services in Windows XP SP2 gives Read access to the Authenticated Users
group, which includes the NT Authority\NetworkService account.
Back to the top
RESOLUTION
To resolve this problem, use one of the following methods:
Back to the top
Method 1: Restore the default security descriptor for the SharedAccess
service
The service that controls the Windows Firewall/Internet Connection
Sharing (ICS) service is named SharedAccess. The default security
descriptor (SD) gives READ access to LocalSystem (SY), PowerUsers (PU),
and AuthenticatedUsers (AU), and it gives Full Control access to
Administrators (BA).
To view the SD of SharedAccess, type SC sdshow SharedAccess at the
command prompt, and then press ENTER. The default SD appears and is
similar to the following:
DA;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCS
WLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
Note For more information about how to interpret the strings, visit the
following MSDN Web site and search for SDDL or "ACE strings":
http://msdn.microsoft.com/library/de...ce_strings.asp
(http://msdn.microsoft.com/library/de...ce_strings.asp)
Note To open the command prompt, click Start, click Run, in the Open
box, type CMD, and then click OK.
If you see any other output as illustrated in this example, you can
reset the SD using the SC command with the sdset option. To restore the
default SD for the SharedAccess service, type the following command at
the command prompt, and then press ENTER:
SC sdset SharedAccess
DA;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCS
WLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)
For more information about the SC sdset command, see Windows Help.