• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2369
  • Last Modified:

"Generic Host Process for Win32 Services error kills my audio device...

I am using a PC with Windows XP Professional Service Pack 2, which has as audio device, Realtek HD. All my drivers are up-to-date.
I have a serious a problem  few minutes after booting Windows, an error message appears saying "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.
After this happening, my audio device dies completely (computer has no sound; in Control Panel => Sounds and Audio Devices says No audio device found; many applications refuse to run because no audio devices detected!).
Please note that while such error messages does not appear (few minutes after booting), everything is OK.
And I can tell you even more  if I open an application that obligatory needs an audio device, before such error appears, the applications continues to work well (with sound) even after such error appears and so no sound (except for applications opened before error appearance).
Do you understand? What do you suggest?

Thanks in advance.
Best regards.
  • 5
  • 4
  • 3
  • +1
1 Solution
Brian PiercePhotographerCommented:
Sounds like a driver issue - visit the manufacturers support site and make sure tou have the latest drivers
asgarcymedAuthor Commented:
I am absolutely sure that I have the latest drivers - I have an application to automatically update all drivers (Driver Genius Pro 2007) AND I visited Realtek's site and downloaded all updates/patches/hotfixes...
Check in Device Manager (start, run, type devmgmt.msc <hit enter>) for any yellow ! or ? symbols next to device entries.

The other thing - these two problems may be unrelated.

Firstly - make sure that you have the latest version of the Realtek HD codec:

Also - check for a possible spyware issue:
Run the program and post the unfixed log to this question.
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

asgarcymedAuthor Commented:
and235100 - On the Device Manager everything is OK, even after such error appears.
I have done many spyware scans, using  many anti-spyware applications, and all said I have no spyware (I am clean).
I have all latest  drivers/codecs/updates/patches/hotfixes from Realtek.
This seems to be an easy diagnosis/problem identification and classification (conflicts between drivers and OS) but an almost impossible treatment/resolution (programming a new driver???)...
:( :(
What does Event Viewer say?  It should give you some more information about exactly what is happening...
Could you please post a hijackthis log - just to make sure this isn't spyware?


Run the program, clcik "Do a system scan and save a logfile" - don't fix anything however - post the unfixed log to this question.
asgarcymedAuthor Commented:
Here it is - the HijaclThis' Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:22, on 16-08-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\UltraVnc\uvnc_service.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\Program Files\UltraVnc\winvnc.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\eAcceleration\Station\station.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SpyNoMore\SNM.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jose Carlos Garcia\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v4.windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/embed/hpsu/survey
F2 - REG:system.ini: UserInit=C:\WIN2\system32\Userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WIN2\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN2\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A41C91FB-1320-49D7-B126-446846A2C449}: NameServer =,
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7A58BD1-D3E7-4409-9E97-4A4DC675812D}: NameServer =,
O23 - Service: Free Proxy Service (FreeProxy) - Unknown owner - C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WIN2\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WIN2\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVnc\uvnc_service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WIN2\system32\vmnat.exe

End of file - 7343 bytes
Your HJT log looks clean - although "Acceleration anti-virus" is not industry-standard and you might want to consider upgrading your av...
I repeat, what does event viewer say...?
asgarcymedAuthor Commented:
eAcceleration (Stop-Sign) Anti-Virus (AV) is not a famous AV but I have done a lot of tests and I have no doubt it is the best - it is much better than other famous AV such as Norton, Panda, McAfee, Kaspersky, Avast, NOD32, F-Prot, Trend Micro, Bit Defender... When detecting a well-known virus/trojan file, they are all equal, but when detecting "hidden malware", only Stop-Sign detects them all.
I downloaded the client (not the server!!) of ProRat, the best Trojan/RAT, and then, using "anti-cracks" tools ("EXE Packers/Crypters/Protectors" - such as ASpack, Armadillo, PEcompact), I modified the original ProRat.exe and only Stop-Sign detected it! Amazing, "anti-crack" applications are "malware-friends"!!
If you want to infect a computer despite it has AV or not, just use "anti-cracks tools" as "malware-hidders"! (except if you Stop-Sign)...
The other advantage of Stop-Sign - low CPU/RAM usage (very "light").
So, I love my AV; I do not want to change my AV!
I think it is ridiculous that some anti-spyware tools classify Stop-Sign and VNC as malware - I conclude that anti-spyware tools detect more "false-positives" than "true-positives"!!

To see my "Event Viewer's Logs" please download the zip file at:


Best regards.
You are entitled to the opinion that "eAcceleration (Stop-Sign) Anti-Virus" is the best A/V - and it may be the best for you. But as phototropic says, it is not industry-standard, and hence not recognised in a wider sense.

I personally do not think that this A/V soultion can be better than F-Prot and NOD32, to name but two - it sounds like you work for the company in question...

Only when I see this A/V solution bandied around EE and other IT-related forums, will I ever recommend this product. There are some reports (unverified) that this software slows your PC down.

As to your event logs - this error looks to be related to Windows Installer - try reinstalling the installer (http://www.microsoft.com/downloads/details.aspx?familyid=889482FC-5F56-4A38-B838-DE776FD4138C) and/or - use the cleanup utility (http://support.microsoft.com/kb/290301)

I also notice svchost keeps stopping - I think that you require a repair install (http://www.michaelstevenstech.com/XPrepairinstall.htm)

asgarcymedAuthor Commented:
Thank you!!!!!!!!!!
Good morning!
I'm glad to see that  checking event viewer led to the resolution of your problem...
No problem.
Happy computing!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now