Solved

AVG, firewall, regedit, and msconfig quit after a few seconds

Posted on 2004-08-23
5
852 Views
Last Modified: 2008-02-01
Anyone know what the latest virus is that shuts down Avg, sygate firewall, regedit, and msconfig after a few seconds?  I can scan for viruses using Panda online, but can't get avg et al to hang around for more than a few seconds.  Doesn't appear to be any viral processes going on in task manager to shut down either.  This is on xp home
0
Comment
Question by:queira
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 21

Expert Comment

by:jvuz
ID: 11878453
Have you already tried to check with Stinger:

http://vil.nai.com/vil/stinger/
0
 
LVL 6

Expert Comment

by:akboss
ID: 11878493
download and try running this.

http://vil.nai.com/vil/stinger/

also download these.

Spyware/Adware removal tools
SpyBot
http://www.pcworld.com/downloads/file_description/0,fid,22262,00.asp


Ad-aware
 http://www.lavasoftusa.com/support/download/#free

Run these before running HijackThis.

HijackThis
http://www.majorgeeks.com/download3155.html

when you run HijackThis make sure you place it in its own folder. Run it and make a copy of the log. Paste it here and I or someone else will look at it and see if there is something else that needs to be done.

Try these suggestions first. If there is more to do we can work on it at that time.
0
 
LVL 6

Accepted Solution

by:
acmp earned 250 total points
ID: 11890315
The process may be disguised as a valid process, such as SVCHost.

If you use PrcView (from http://www.xmlsp.com/pview/prcview.htm)  It includes the path info for the processes. Very useful.

But I'd go with jvuz and run stinger first.

Maybe you could post a hijackthis log and/or PrcView log

acmp<><
0
 

Author Comment

by:queira
ID: 11939180
Got rid of all the viruses, but when i boot up, as windows starts, I get an error message saying hostsrv.exe could not be found.  No entries in msconfig and no entries in the run key in any of the registry keys either.  Hostsrv.exe is not running in task manager either.  It was one of the processes that was running when the viruses were running wild.  How to get rid of?
0
 
LVL 6

Expert Comment

by:acmp
ID: 11943392
I did a Google for hostsrv.exe and only got 1 hit!
http://handsoff.infomedia.it/cgi-bin/lwgate/VB-IT/archives/vb-it.log.0204/Author/article-841.html

It relates to Win95, is that your OS?

I'd try a safemode boot and see if the problem persists. can you feed back what happens and also your Win Ver.

acmp<><
0

Featured Post

Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question