cancel
Showing results for 
Search instead for 
Did you mean: 

svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack

Hi,

I am using McAfee Virus Sacn Enterprise 8.7.

I am receiving this message from the virus alert console since yesterday only.

"svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack"

Will it harm my computer anyway?? How do I need to fix it??

Yesterday I updated my Nokia PC Suite from "Nokia_PC_Suite_7_1_30_9_eng_web" to "Nokia_PC_Suite_7_1_40_1_eng_web". After updating the same I rebooted my computer. From then onwards I have been receiving the above said alert.

After I doubted that the PC suite might have caused all these problem, I uninstalled the "Nokia_PC_Suite_7_1_40_1_eng_web" and again installed the previous version of the PC suite i.e. "Nokia_PC_Suite_7_1_30_9_eng_web", but even though I have been receiving this alert. One more thing I receive this alert only when I connect my PC to the internet.

Also when I reboot my computer it show a pop-up "Generic Host Process for Win32 services" has blocked some file. Also while working on the system, the system automatically gets refreshed and the internet connection gets disconnected and to again connect to the internet I need to reboot my computer.

Please help me in fixing this problem.

Thanks

Rakesh

4 Replies
Mal09
Level 12
Report Inappropriate Content
Message 2 of 5

Re: svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack

I suspect that there is an Internet worm attempting to exploit a vulnerability in Windows on your machine.

Do you have the latest Security patches installed for your Operating system?

Also, does the Buffer Overflow Protection Log (open McAfee console, select "Buffer Overflow protection", right click and view log) give any further details?

Message was edited by: Mal09 on 11/28/09 6:55 AM

Re: svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack

Hi Thanks,

The buffer Overflow report is attached herewith. Please go through the same and let me know. Further I have installed the latest security patches on my windows machine. Today till the time I have not received any alert. Please let me know as how to fix this problem.

Thanks

Rakesh

Highlighted
maziz
Level 10
Report Inappropriate Content
Message 4 of 5

Re: svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack

Hi Rakesh

Firstly, I would recommend that you update to the latest DAT files and run a full scan on the system. Preferrably, I would recommend that the scan is scheduled and not just user initiated. Confirm that there are no detection or that detections are cleaned/deleted. You can post the On Demand Scan log file once this has been done for further review. This will also tell me if the scan is scheduled or not so please make sure it is scheduled.

Secondly, I would recommend that you set up your system to create a memory dump file for Buffer overflow detections. This will cause your machine to Blue Screen when a Buffer Overflow occurs. To do this go to the McAfee Service Portal HERE and click on "Search The KnowledgeBase" on the right hand side under Self Service. Then, in the search box, type KB54839. This will instruct you on how to do this.

The memory dump file created can then be analyzed to determine the cause of the Buffer Overflow.

Hope this helps.

Re: svchost.exe:KELNER32.LoadLibraryA / BO:writable BO:stack

Hi,

How many computers you are using in the network?

Thanks

Jenish

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community