• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2337
  • Last Modified:

"Generic Host Process for Win32 Services error kills my audio device...

I am using a PC with Windows XP Professional Service Pack 2, which has as audio device, Realtek HD. All my drivers are up-to-date.
I have a serious a problem  few minutes after booting Windows, an error message appears saying "Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.
After this happening, my audio device dies completely (computer has no sound; in Control Panel => Sounds and Audio Devices says No audio device found; many applications refuse to run because no audio devices detected!).
Please note that while such error messages does not appear (few minutes after booting), everything is OK.
And I can tell you even more  if I open an application that obligatory needs an audio device, before such error appears, the applications continues to work well (with sound) even after such error appears and so no sound (except for applications opened before error appearance).
Do you understand? What do you suggest?

Thanks in advance.
Best regards.
0
asgarcymed
Asked:
asgarcymed
  • 5
  • 4
  • 3
  • +1
1 Solution
 
KCTSCommented:
Sounds like a driver issue - visit the manufacturers support site and make sure tou have the latest drivers
0
 
asgarcymedAuthor Commented:
I am absolutely sure that I have the latest drivers - I have an application to automatically update all drivers (Driver Genius Pro 2007) AND I visited Realtek's site and downloaded all updates/patches/hotfixes...
0
 
and235100Commented:
Check in Device Manager (start, run, type devmgmt.msc <hit enter>) for any yellow ! or ? symbols next to device entries.

The other thing - these two problems may be unrelated.

Firstly - make sure that you have the latest version of the Realtek HD codec:
http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1&PNid=14&PFid=24&Level=4&Conn=3&DownTypeID=3&GetDown=false

Also - check for a possible spyware issue:
http://www.spywareinfo.com/~merijn/downloads.html
Run the program and post the unfixed log to this question.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
asgarcymedAuthor Commented:
and235100 - On the Device Manager everything is OK, even after such error appears.
I have done many spyware scans, using  many anti-spyware applications, and all said I have no spyware (I am clean).
I have all latest  drivers/codecs/updates/patches/hotfixes from Realtek.
This seems to be an easy diagnosis/problem identification and classification (conflicts between drivers and OS) but an almost impossible treatment/resolution (programming a new driver???)...
:( :(
0
 
phototropicCommented:
What does Event Viewer say?  It should give you some more information about exactly what is happening...
0
 
and235100Commented:
Could you please post a hijackthis log - just to make sure this isn't spyware?

http://www.spywareinfo.com/~merijn/downloads.html
http://www.majorgeeks.com/download5554.html

Run the program, clcik "Do a system scan and save a logfile" - don't fix anything however - post the unfixed log to this question.
0
 
asgarcymedAuthor Commented:
Here it is - the HijaclThis' Log:

{
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:22, on 16-08-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN2\System32\smss.exe
C:\WIN2\system32\winlogon.exe
C:\WIN2\system32\services.exe
C:\WIN2\system32\lsass.exe
C:\WIN2\system32\svchost.exe
C:\WIN2\System32\svchost.exe
C:\WIN2\system32\spoolsv.exe
C:\WIN2\Explorer.EXE
C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\No-IP\DUC20.exe
C:\WIN2\system32\nvsvc32.exe
C:\WIN2\system32\HPZipm12.exe
C:\Program Files\UltraVnc\uvnc_service.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WIN2\system32\vmnat.exe
C:\Program Files\UltraVnc\winvnc.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\eAcceleration\Station\station.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\SpyNoMore\SNM.exe
C:\WIN2\RTHDCPL.EXE
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WIN2\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WIN2\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Jose Carlos Garcia\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://v4.windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/embed/hpsu/survey
F2 - REG:system.ini: UserInit=C:\WIN2\system32\Userinit.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WIN2\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SoftwareStation] "C:\Program Files\eAcceleration\Station\station.exe" /b Startup
O4 - HKLM\..\Run: [StopSignSsTsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\sstsmon.dll",VerifyStatus
O4 - HKLM\..\Run: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus
O4 - HKLM\..\Run: [webscan] "C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe" -k
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\RunOnce: [StopSignSsSsMon] Rundll32.exe "C:\Program Files\Acceleration Software\Anti-Virus\ssssmon.dll",VerifyStatus /ro
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WIN2\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WIN2\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A41C91FB-1320-49D7-B126-446846A2C449}: NameServer = 212.113.164.52,212.113.164.28
O17 - HKLM\System\CCS\Services\Tcpip\..\{C7A58BD1-D3E7-4409-9E97-4A4DC675812D}: NameServer = 212.113.164.53,212.113.164.28
O23 - Service: Free Proxy Service (FreeProxy) - Unknown owner - C:\Program Files\Hand-Crafted Software\FreeProxy\FreeProxy.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WIN2\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WIN2\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: Uvnc_service - Unknown owner - C:\Program Files\UltraVnc\uvnc_service.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WIN2\system32\vmnat.exe

--
End of file - 7343 bytes
}
0
 
phototropicCommented:
Your HJT log looks clean - although "Acceleration anti-virus" is not industry-standard and you might want to consider upgrading your av...
I repeat, what does event viewer say...?
0
 
asgarcymedAuthor Commented:
eAcceleration (Stop-Sign) Anti-Virus (AV) is not a famous AV but I have done a lot of tests and I have no doubt it is the best - it is much better than other famous AV such as Norton, Panda, McAfee, Kaspersky, Avast, NOD32, F-Prot, Trend Micro, Bit Defender... When detecting a well-known virus/trojan file, they are all equal, but when detecting "hidden malware", only Stop-Sign detects them all.
I downloaded the client (not the server!!) of ProRat, the best Trojan/RAT, and then, using "anti-cracks" tools ("EXE Packers/Crypters/Protectors" - such as ASpack, Armadillo, PEcompact), I modified the original ProRat.exe and only Stop-Sign detected it! Amazing, "anti-crack" applications are "malware-friends"!!
If you want to infect a computer despite it has AV or not, just use "anti-cracks tools" as "malware-hidders"! (except if you Stop-Sign)...
The other advantage of Stop-Sign - low CPU/RAM usage (very "light").
So, I love my AV; I do not want to change my AV!
I think it is ridiculous that some anti-spyware tools classify Stop-Sign and VNC as malware - I conclude that anti-spyware tools detect more "false-positives" than "true-positives"!!



To see my "Event Viewer's Logs" please download the zip file at:

https://backup.filesanywhere.com/v.asp?v=%89ki%88%5Cf%A9%A8%AC%A0

Thanks.
Best regards.
0
 
and235100Commented:
You are entitled to the opinion that "eAcceleration (Stop-Sign) Anti-Virus" is the best A/V - and it may be the best for you. But as phototropic says, it is not industry-standard, and hence not recognised in a wider sense.

I personally do not think that this A/V soultion can be better than F-Prot and NOD32, to name but two - it sounds like you work for the company in question...

Only when I see this A/V solution bandied around EE and other IT-related forums, will I ever recommend this product. There are some reports (unverified) that this software slows your PC down.

As to your event logs - this error looks to be related to Windows Installer - try reinstalling the installer (http://www.microsoft.com/downloads/details.aspx?familyid=889482FC-5F56-4A38-B838-DE776FD4138C) and/or - use the cleanup utility (http://support.microsoft.com/kb/290301)

I also notice svchost keeps stopping - I think that you require a repair install (http://www.michaelstevenstech.com/XPrepairinstall.htm)

0
 
asgarcymedAuthor Commented:
Thank you!!!!!!!!!!
0
 
phototropicCommented:
Good morning!
I'm glad to see that  checking event viewer led to the resolution of your problem...
0
 
and235100Commented:
No problem.
Happy computing!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now