"Generic Host Process for Win32 Services error kills my audio device...

Posted on 2007-08-12
Last Modified: 2013-11-09
I am using a PC with Windows XP Professional Service Pack 2, which has as audio device, Realtek HD. All my drivers are up-to-date.
I have a serious a problem  few minutes after booting Windows, an error message appears saying "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.
After this happening, my audio device dies completely (computer has no sound; in Control Panel => Sounds and Audio Devices says No audio device found; many applications refuse to run because no audio devices detected!).
Please note that while such error messages does not appear (few minutes after booting), everything is OK.
And I can tell you even more  if I open an application that obligatory needs an audio device, before such error appears, the applications continues to work well (with sound) even after such error appears and so no sound (except for applications opened before error appearance).
Do you understand? What do you suggest?

Thanks in advance.
Best regards.
Question by:asgarcymed
    LVL 70

    Expert Comment

    Sounds like a driver issue - visit the manufacturers support site and make sure tou have the latest drivers

    Author Comment

    I am absolutely sure that I have the latest drivers - I have an application to automatically update all drivers (Driver Genius Pro 2007) AND I visited Realtek's site and downloaded all updates/patches/hotfixes...
    LVL 32

    Expert Comment

    Check in Device Manager (start, run, type devmgmt.msc <hit enter>) for any yellow ! or ? symbols next to device entries.

    The other thing - these two problems may be unrelated.

    Firstly - make sure that you have the latest version of the Realtek HD codec:

    Also - check for a possible spyware issue:
    Run the program and post the unfixed log to this question.

    Author Comment

    and235100 - On the Device Manager everything is OK, even after such error appears.
    I have done many spyware scans, using  many anti-spyware applications, and all said I have no spyware (I am clean).
    I have all latest  drivers/codecs/updates/patches/hotfixes from Realtek.
    This seems to be an easy diagnosis/problem identification and classification (conflicts between drivers and OS) but an almost impossible treatment/resolution (programming a new driver???)...
    :( :(
    LVL 23

    Expert Comment

    What does Event Viewer say?  It should give you some more information about exactly what is happening...
    LVL 32

    Expert Comment

    Could you please post a hijackthis log - just to make sure this isn't spyware?

    Run the program, clcik "Do a system scan and save a logfile" - don't fix anything however - post the unfixed log to this question.

    Author Comment

    Here it is - the HijaclThis' Log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:39:22, on 16-08-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\No-IP\DUC20.exe
    C:\Program Files\UltraVnc\uvnc_service.exe
    C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    C:\Program Files\UltraVnc\winvnc.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\eAcceleration\Station\station.exe
    C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\SpyNoMore\SNM.exe
    C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files\VMware\VMware Workstation\hqtray.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Jose Carlos Garcia\Desktop\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
    F2 - REG:system.ini: UserInit=C:\WIN2\system32\Userinit.exe
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WIN2\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
    O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
    O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
    O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
    O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
    O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus /ro
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN2\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) -
    O17 - HKLM\System\CCS\Services\Tcpip\..\{A41C91FB-1320-49D7-B126-446846A2C449}: NameServer =,
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C7A58BD1-D3E7-4409-9E97-4A4DC675812D}: NameServer =,
    O23 - Service: Free Proxy Service (FreeProxy) - Unknown owner - C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
    O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WIN2\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WIN2\system32\HPZipm12.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
    O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVnc\uvnc_service.exe
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
    O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WIN2\system32\vmnat.exe

    End of file - 7343 bytes
    LVL 23

    Expert Comment

    Your HJT log looks clean - although "Acceleration anti-virus" is not industry-standard and you might want to consider upgrading your av...
    I repeat, what does event viewer say...?

    Author Comment

    eAcceleration (Stop-Sign) Anti-Virus (AV) is not a famous AV but I have done a lot of tests and I have no doubt it is the best - it is much better than other famous AV such as Norton, Panda, McAfee, Kaspersky, Avast, NOD32, F-Prot, Trend Micro, Bit Defender... When detecting a well-known virus/trojan file, they are all equal, but when detecting "hidden malware", only Stop-Sign detects them all.
    I downloaded the client (not the server!!) of ProRat, the best Trojan/RAT, and then, using "anti-cracks" tools ("EXE Packers/Crypters/Protectors" - such as ASpack, Armadillo, PEcompact), I modified the original ProRat.exe and only Stop-Sign detected it! Amazing, "anti-crack" applications are "malware-friends"!!
    If you want to infect a computer despite it has AV or not, just use "anti-cracks tools" as "malware-hidders"! (except if you Stop-Sign)...
    The other advantage of Stop-Sign - low CPU/RAM usage (very "light").
    So, I love my AV; I do not want to change my AV!
    I think it is ridiculous that some anti-spyware tools classify Stop-Sign and VNC as malware - I conclude that anti-spyware tools detect more "false-positives" than "true-positives"!!

    To see my "Event Viewer's Logs" please download the zip file at:

    Best regards.
    LVL 32

    Accepted Solution

    You are entitled to the opinion that "eAcceleration (Stop-Sign) Anti-Virus" is the best A/V - and it may be the best for you. But as phototropic says, it is not industry-standard, and hence not recognised in a wider sense.

    I personally do not think that this A/V soultion can be better than F-Prot and NOD32, to name but two - it sounds like you work for the company in question...

    Only when I see this A/V solution bandied around EE and other IT-related forums, will I ever recommend this product. There are some reports (unverified) that this software slows your PC down.

    As to your event logs - this error looks to be related to Windows Installer - try reinstalling the installer ( and/or - use the cleanup utility (

    I also notice svchost keeps stopping - I think that you require a repair install (


    Author Comment

    Thank you!!!!!!!!!!
    LVL 23

    Expert Comment

    Good morning!
    I'm glad to see that  checking event viewer led to the resolution of your problem...
    LVL 32

    Expert Comment

    No problem.
    Happy computing!

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
    Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now