HELP! Anti-antivirus?
From: Patrick Wherley (pat_at_totalsuccessmarketing.com)
Date: 06/15/04
- Next message: cquirke (MVP Win9x): "Re: virus removal difficulty"
- Previous message: cquirke (MVP Win9x): "Re: Handling boot viruses"
- Next in thread: Jupiter Jones [MVP]: "Re: HELP! Anti-antivirus?"
- Reply: Jupiter Jones [MVP]: "Re: HELP! Anti-antivirus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 14 Jun 2004 19:12:41 -0600
I cannot run my AV programs anymore - something shuts them down within
seconds (I can run F-Prot AV in Safe Mode). I can't run regedit or sysedit
either - same thing: they are shut down in seconds.
When I did run F-Prot it found and deleted:
lsac.exe
scrgrd.exe
wuamgrd.exe
wuammgr32.exe
On bootup, AVP finds IRC/backdoor.sdbot.25.AD before it is shut down by the
mysterious anti-antivirus process.
Meanwhile, IE is occasionally being hijacked to the following URL:
http://sirux.fuker.net/sirux4.html
At that site I am asked to download a Certificate, which I of course
decline. It won't take no for an answer, however, and I have to shut down
IE through the Task Manager.
I have run both Spy Bot and Ad Aware as well as CW Shredder, and they have
had no effect on these symptoms.
Lastly, after viruses are found and successfully deleted, they reappear, the
most consistent offender is wuammgr32.exe. Again this can only be
determined by running F-Prot AV in Safe Mode (AVG apparently doesn't work at
all in Safe Mode).
I am at my wit's end and I'm preparing to reformat the hard disk.
Any ideas would sure be appreciated.
- Next message: cquirke (MVP Win9x): "Re: virus removal difficulty"
- Previous message: cquirke (MVP Win9x): "Re: Handling boot viruses"
- Next in thread: Jupiter Jones [MVP]: "Re: HELP! Anti-antivirus?"
- Reply: Jupiter Jones [MVP]: "Re: HELP! Anti-antivirus?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
