What is this message/how do i get rid

By bobby123
Sep 13, 2007
Topic Status:
Not open for further replies.
  1. [​IMG]

    Keep getting this when I start up, how do I get rid?
  2. Rik

    Rik Banned Posts: 4,985

    A windows restore to a date before that began should do it.
  3. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    how do i do it? I want to take my latptop to uni on sat and just want ti fresh and clean as it will be only form of entertainment,
  4. Rik

    Rik Banned Posts: 4,985

    Click on your start button, then all programs, then accesories, then system tools, then system restore. From there, follow the onscreen instructions.
  5. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    which option shud i choose? create a new restore point
  6. Rik

    Rik Banned Posts: 4,985

    Please re-read my first post.
  7. jobeard

    jobeard TS Ambassador Posts: 13,282   +280

    restore from a restore point will not recover the file; it only reverts the registry
    to the date requested! :(

    A restore point is not the same thing as a backup.
  8. Rik

    Rik Banned Posts: 4,985

    If the file is missing because it has become corrupted then it will fix it.

    Actually, i will change that to may fix it.
  9. jobeard

    jobeard TS Ambassador Posts: 13,282   +280

    that's the functionality of SFC /SCANNOW, not restore :)
  10. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    what should i do?
  11. Rik

    Rik Banned Posts: 4,985

    Both should be worth a try.
     
  12. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,711

    svchost.exe is an essential windows file but it should be in c:\windows\system32, not where this error thinks it is.
    This attempt to run a copy from the wrong file location is perhaps the result of a fixed virus infection - does this make sense?
    You could also look in msconfig (Start > run > [msconfig] > OK) for an instruction to run the program from this location - if you find it you can disable it.
  13. jobeard

    jobeard TS Ambassador Posts: 13,282   +280

    That's correct. any copy running elsewhere is bogus :(

    first, get a command prompt and issue
    Code:
    dir \windows\system32\svchost.exe
    which must show the file at this location.

    now follow these instructions
  14. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    can someone give me exact instructions please, i am totally confused and my comp terminology is poor.
  15. jobeard

    jobeard TS Ambassador Posts: 13,282   +280

    follow the insturctions shown -- you have some virus and the instructions will
    allow us to diagnose which one.
  16. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    can u give me which instructions in an order please
  17. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,711

  18. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    i thought there was an easier way to fix it?. Are you sure i have a virus as avg runs and it hasnt report nefing
     
  19. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Your system is infected with malware.

    svchost.exe should not be in the C:\windows directory. This means that a malicious process is trying to locate a bogus copy of svchost.exe.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of bobby123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  20. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    man I am running out of time as I have to pack, hence I will give you a hjt log and results of rootkit. Please tell me what to do. thanks
  21. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Without seeing the rest of the requested log files, I won`t be able to say with any certainty whether your system is clean.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    F3 - REG:win.ini: load=C:\WINDOWS\svchost.exe

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\WINDOWS\svchost.exe

    Reboot into normal mode and rehide your protected OS files.

    Post a fresh HJT log as well as the rest of the requested log files.

    Regards Howard :)

    This thread is for the use of bobby123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  22. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    this is my combo i will do ur hjt instructions now.
  23. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Nothing wrong there mate.

    Regards Howard :)

    This thread is for the use of bobby123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  24. bobby123

    bobby123 Newcomer, in training Topic Starter Posts: 391

    sorry but where is windows explorer cos iwent to tools and options and asked for show hidden folders and files. Located and deleted the BHO(no name) but couldnt find the other 1. Also how is it possible to locate that synchot thing you said.

    I restarted and the message isnt coming anymore
  25. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    If the file isn`t there, don`t worry about it. That`s why I said(if there)lol.

    Just post a fresh HJT log.

    Regards Howard :)

    This thread is for the use of bobby123 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.