Problem with Generic Host Process 4 Win32 Services (svchost) and .exe file assocs.

By bricklyne
Jan 3, 2005
  1. Hi guys,

    I'm not sure if anyone can help me with this paticular, problem, but anyway here goes. A couple of weeks back, I installed Symantec antivirus, to try to protect my computer and after installation proceeded to do a scan and cleanup of my hard-drive. Symantec informed me that it had found a couple of viruses and immediately deleted the files infected. One of the files it mentiioned was SVChost.exe ( if I remember correctly) although I now believe it was pobably a trojan disguised as svchost ( like either svchost32.exe, or svchoster.exe or something like that). It also mentioned that rundll32.exe or something similar was also infected and likewise deleted. Anyways, after it was done, I found out that I was not able to open any program the normal way i.e. double-clicking on the executable file or shortcut icon, and only later-on did I discover that the only way to run most (not all) of my pograms was through the runas command ( right-clicking on the .exe or the icon and selecting run as) and then unchecking the "protect my computer from unauthorized program activity" checkbox. Even worse, as symantec restarted the computer as part of the cleanup procedure, most of my tray icons or startup programs and drivers ( video, audio, etc) did not load on. I thought all this was symantec's doing and that maybe the copy of svchost it left was corrupted, so I uninstalled SAV ( with great difficulty, because even control Panel was not working) and I reinstalled a copy of svchost from the WinXP CD using the expand command from the Windows XP install CD maintenance screen. Nada! I also replaced the rundll32.exe when it said it was missing or corrupted and I couldn't run control panel. Now I can't even do system restore because everytime it has to restart the computer and get back to the starting screen, it is unable to open the Restore system .EXE file (rstrui.exe) at startup like all the other drivers. Now, I'm being told by a lot of people that my only option is to nuke (format) the computer and reinstall windows XP. I really don't want to do this because I stand to lose a hell of a lot of files. Is there anything, anything else that I could possibly do? I have already tried reassociating .EXEs with the Generic Host Process, in Folder options under control panel, I've tried resetting my startup drivers in msconfig, I've tried system restore in Administrator account, . ........ nothing works.

    Like I said, most of the programs will work with the runas command, but because I can''t do that at startup or for dlls, I don't have most of the device drivers, ( no sound, no display options, no nVIDIA control) and a whole lot of other programs simply wouldn't work.

    please help :(
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,452

    Another Norton/Symantec victim....

    Uninstall that crap, and NEVER ever spend another penny on anything from that outfit!
    It will take quite some effort to rid your machine of that stuff, but do it.
    Then do a Repair of XP. See this thread here How to repair XP..

    Then install the free AVG antivirus from www.grisoft.com and the free personal firewall from either www.sygate.com or www.kerio.com
