Page 2 of 2 First 12
  • Jump to page:
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Rep Power
    Uh, is anyone able to help me restore my computer to working condition? I'm getting the feeling my thread went dead... Hiker? Anyone?
  2. #17
  3. Contributed User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jun 2005
    Rep Power
    Since your HJT log has a lot of these...
    O23 - Service: Network Connections (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)

    and svchost.exe is one of those critical things for normal operation, then I think the following things should be considered.

    1. Copy from a trusted source the svchost.exe file from another XP machine to this one.

    2. If you have limited explorer functionality, and if you haven't done so already, make a backup of anything you want to keep. At this stage, you should consider the backup contaminated, so don't be in a rush to use it without going over it with several scanners at some point.

    > I'm using a custom built desktop with windows XP operating system.
    3. Probably on another machine.
    Locate and download all the latest drivers for any hardware you've got installed in the machine.
    Locate and download all the software which you currently use.
    Locate and note any licence / registration information for any purchased software.
    If you've been busy installing / uninstalling / updating for a number of years, there could be all sorts of detritus lying around, not to mention the left-overs of whatever malware made it onto your machine.

    The reasonably safe thing to do next is buy another hard disk (almost certainly larger than the one you have, probably faster as well), re-install everything you need and then plug your old hard disk in as a slave. This can then be scanned purely as a data drive without letting any malware get any chance of running and hooking itself into the OS.

    A clean OS with just what you currently need installed should be a lot more responsive.

    One word of caution though.
    Since you're running XP, there will be well over 100 updates when MS update finally kicks in.
    You might try applying them in batches.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper
  4. #18
  5. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Oct 2009
    Nebraska, USA
    Rep Power
    If you have a bootable XP CD, you can recover that missing file using the Recovery Console [along with the EXPAND command].
    I'm sure you can find lots of tutorials, using google, to help you get into recovery console and on how to use the EXPAND command.

    this link tells you how to get into recovery console >>LINK<<

    Once in recovery console, and at the C:\ prompt, you will need to switch back to your cd/dvd drive letter [assuming X: here], then, cd to your i386 folder
    cd x:\i386
    then, issue this command to expand the svchost file into the correct place.
    expand svchost.ex_ C:\Windows\system32\svchost.exe
    Confirm by pressing Y for yes. Remove the CD.
    Then, reboot into the OS with safemode ....goto Start>Run and issue the command "sfc /scannow" (without the quotes)..reinsert your XP cd and let it scan and replace whatever corrupted/missing files it finds.
    Hopefully this will allow you to get an antivirus installed to let you scan/clean up your OS.

    Otherwise, you will need to use salem's advice.
    good luck.
    Last edited by DonR; February 10th, 2013 at 11:08 AM.
  6. #19
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Rep Power
    so i did like donR suggested and went and found the software for my svchosts. I installed it and things are all but back to normal. Having done so i've begun doing sticky's anti-virus walkthrough, the following are the logs that were generated:

    Malwarebytes Anti-Malware

    Database version: v2013.02.10.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Serain :: TJE-E221F6EFC6F [administrator]

    2/10/2013 3:12:53 AM
    mbam-log-2013-02-10 (03-12-53).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 204205
    Time elapsed: 3 minute(s), 19 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AntiMalware (Trojan.FakeMS) -> Data: "C:\Documents and Settings\All Users\Application Data\AntiMalware.exe" -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Documents and Settings\All Users\Application Data\AntiMalware.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.


    will update after restart
Page 2 of 2 First 12
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo