svchost.exe what anti-virus using

svchost.exe what anti-virus using: Posted by J Johnson on August 15th, 2003; Im having this svchost.exe problem, mcafee anti-virus not
detecting any msblast or w32lovsan worm. How can I remove
the worm when I can not find it?; Posted by Steve Parry [MVP] on August 15th, 2003; J Johnson wrote:
try the follow commands on your PC from a CMD prompt

netstat -an | findstr 135

If you see alot of connections going to internet IP addresses
then it's a
good chance you have the worm. Just a little tip.

http://www.microsoft.com/security/incident/blast.asp

http://www.europe.f-secure.com/v-descs/msblast.shtml

although the removal tool link is incorrect ... it should be

ftp://ftp.f-secure.com/anti-virus/tools/F-Lovsan.zip

--
Steve Parry BA (Hons) MCP MVP

http://www.gwynfryn.co.uk; Posted by Mattie on August 15th, 2003; Me too, I reformatted my disk & now seem to be in catch
22 - can't use the patch without service pack, can't
download service pack because of the svchost error.

All virus/worm checks say I haven't got it. I've installed
Zone Alarm as recommended by MS & things have improved. I
was unable to post a message before, but the problem is
not cured.

Has anyone contacted Microsoft about this, or is that a
silly question?

Mattie; Posted by Ken Briscoe on August 15th, 2003; The silliness doesn't really apply at the "question" level, so much as the
"asker" level. Yes, Microsoft knows about this. Everyone knows about this.
You have the Blaster worm. If you don't have updated definitions of your AV
software, it may tell you that you don't have any infections when in fact
you do. You need to keep that firewall going at ALL times, especially if
you're on cable/T1/other permanent connection. You need to update your AV
software. You need to remove msblast.exe from your computer. You need to get
ALL Windows Service Packs (order them on CD if you can't download them, ask
a friend to download them for you, whatever it takes). Then, if you're still
having problems, come back and ask a "silly" question. But read the other
posts first, your questions will probably be answered more than once.

KB; Posted by Mattie on August 15th, 2003; I have read the posts, I have used my updated virus
checker, I have used the Symantec Blaster worm finder, I
have searched my registry in all the Windows folders, not
just Current Version. If it is the worm, it's doing a very
good job of hiding itself.

The only thing that seems to have helped is the firewall.
Not sure how to get the service pack on a CD, but will try.

Thanks for responding.

Mattie; Posted by George Hester on August 15th, 2003; Here's mine:

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
UDP 0.0.0.0:135 *:*

I'm going to assume this is OK. If I change the port to 80

netstat -an | findstr 80

will that tell me all client's IP addresses that are accessing my IIS
Server? Thanks.

--
George Hester
__________________________________
"Steve Parry [MVP]" <k100rs_1990@hotmailnospam.com> wrote in message
news:%23vcuKm1YDHA.2648@TK2MSFTNGP09.phx.gbl...

Similar Posts

free anti virus,anti spam, anti spyware softwares (Microsoft Windows) by softwareengineer2006@gmail.com
free anti virus,anti spam, anti spyware softwares (Help and Support) by softwareengineer2006@gmail.com
free anti virus,anti spam, anti spyware softwares (Software & Applications) by softwareengineer2006@gmail.com
free anti virus,anti spam, anti spyware softwares (Computers & Technology) by softwareengineer2006@gmail.com
Error updating anti virus signature for ZoneAlarm with Anti virus 5.5 (Virus & Worms) by B. Conners