Re: HELP! Anti-antivirus?

From: Jupiter Jones [MVP] (jones_jupiter_at_hotnomail.com)
Date: 06/15/04 

Date: Mon, 14 Jun 2004 22:58:10 -0600

Patrick;
What operating system?
If Windows XP, enable the firewall:
http://support.microsoft.com/?kbid=283673

Were all the tools you used updated within the last few days?
Run them again with the Windows firewall enabled.
Some viruses and/or spyware cause similar issues.

Completely uninstall your antivirus, reboot then install it again.
Do the same with your firewall 

-- 
Jupiter Jones  [MVP]
http://www3.telus.net/dandemar/
"Patrick Wherley" <pat@totalsuccessmarketing.com> wrote in message
news:uuU0WEpUEHA.2360@TK2MSFTNGP10.phx.gbl...
> Thanks, JJ:
>
> 1. I do have a firewall - Kerio Personal Firewall.  The behaviour I
> described is unaffected whether thr firewall is running, not
running, or
> completely uninstalled.
>
> 2. I have run the Panda online scanner - it did find and delete some
files,
> but that has made no difference to the problems I reported (namely
an
> inability to run AV programs).
>
> 3. CW Shredder finds no infections.
>
> 4. Ad Aware & Spybot have been run and some adware neutralized, but
again,
> nothing that affects the main problem.
>
> Any other ideas?
>
> Pat
>
> "Jupiter Jones [MVP]" <jones_jupiter@hotnomail.com> wrote in message
> news:uylzaaoUEHA.1656@TK2MSFTNGP09.phx.gbl...
> > Patrick;
> > First enable/install a  the firewall;
> > http://support.microsoft.com/?kbid=283673
> > Scan for virus online, #1 on this link:
> > http://www3.telus.net/dandemar/slowcom.htm
> > Then perform #2, #3 & #4 on the same link to check for viruses and
> > spyware;
> >
> > Follow this to help prevent this in the future:
> > http://www3.telus.net/dandemar/security.htm
> >
> > -- 
> > Jupiter Jones  [MVP]
> > http://www3.telus.net/dandemar/
> >
> >
> > "Patrick Wherley" <pat@totalsuccessmarketing.com> wrote in message
> > news:ubquVXnUEHA.1764@TK2MSFTNGP10.phx.gbl...
> > > I cannot run my AV programs anymore - something shuts them down
> > within
> > > seconds (I can run F-Prot AV in Safe Mode).  I can't run regedit
or
> > sysedit
> > > either - same thing: they are shut down in seconds.
> > >
> > > When I did run F-Prot it found and deleted:
> > >
> > > lsac.exe
> > > scrgrd.exe
> > > wuamgrd.exe
> > > wuammgr32.exe
> > >
> > > On bootup, AVP finds IRC/backdoor.sdbot.25.AD before it is shut
down
> > by the
> > > mysterious anti-antivirus process.
> > >
> > > Meanwhile, IE is occasionally being hijacked to the following
URL:
> > >
> > > http://sirux.fuker.net/sirux4.html
> > >
> > > At that site I am asked to download a Certificate, which I of
course
> > > decline.  It won't take no for an answer, however, and I have to
> > shut down
> > > IE through the Task Manager.
> > >
> > > I have run both Spy Bot and Ad Aware as well as CW Shredder, and
> > they have
> > > had no effect on these symptoms.
> > >
> > > Lastly, after viruses are found and successfully deleted, they
> > reappear, the
> > > most consistent offender is wuammgr32.exe.  Again this can only
be
> > > determined by running F-Prot AV in Safe Mode (AVG apparently
doesn't
> > work at
> > > all in Safe Mode).
> > >
> > > I am at my wit's end and I'm preparing to reformat the hard
disk.
> > >
> > > Any ideas would sure be appreciated.
> > >
> > >
> >
> >
>
>
Quantcast