Solved

AVG, firewall, regedit, and msconfig quit after a few seconds

Posted on 2004-08-23
5
851 Views
Last Modified: 2008-02-01
Anyone know what the latest virus is that shuts down Avg, sygate firewall, regedit, and msconfig after a few seconds?  I can scan for viruses using Panda online, but can't get avg et al to hang around for more than a few seconds.  Doesn't appear to be any viral processes going on in task manager to shut down either.  This is on xp home
0
Comment
Question by:queira
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 21

Expert Comment

by:jvuz
ID: 11878453
Have you already tried to check with Stinger:

http://vil.nai.com/vil/stinger/
0
 
LVL 6

Expert Comment

by:akboss
ID: 11878493
download and try running this.

http://vil.nai.com/vil/stinger/

also download these.

Spyware/Adware removal tools
SpyBot
http://www.pcworld.com/downloads/file_description/0,fid,22262,00.asp


Ad-aware
 http://www.lavasoftusa.com/support/download/#free

Run these before running HijackThis.

HijackThis
http://www.majorgeeks.com/download3155.html

when you run HijackThis make sure you place it in its own folder. Run it and make a copy of the log. Paste it here and I or someone else will look at it and see if there is something else that needs to be done.

Try these suggestions first. If there is more to do we can work on it at that time.
0
 
LVL 6

Accepted Solution

by:
acmp earned 250 total points
ID: 11890315
The process may be disguised as a valid process, such as SVCHost.

If you use PrcView (from http://www.xmlsp.com/pview/prcview.htm)  It includes the path info for the processes. Very useful.

But I'd go with jvuz and run stinger first.

Maybe you could post a hijackthis log and/or PrcView log

acmp<><
0
 

Author Comment

by:queira
ID: 11939180
Got rid of all the viruses, but when i boot up, as windows starts, I get an error message saying hostsrv.exe could not be found.  No entries in msconfig and no entries in the run key in any of the registry keys either.  Hostsrv.exe is not running in task manager either.  It was one of the processes that was running when the viruses were running wild.  How to get rid of?
0
 
LVL 6

Expert Comment

by:acmp
ID: 11943392
I did a Google for hostsrv.exe and only got 1 hit!
http://handsoff.infomedia.it/cgi-bin/lwgate/VB-IT/archives/vb-it.log.0204/Author/article-841.html

It relates to Win95, is that your OS?

I'd try a safemode boot and see if the problem persists. can you feed back what happens and also your Win Ver.

acmp<><
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
PUP or Virus 6 94
EE experience on sites similar to VirusTotal? 4 163
Multiple Antivirus Providers  - Corporate 2 124
Behavior-based and anomalies detection for Trend Micro 2 56
As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question