Showing results for 
Search instead for 
Did you mean: 
Level 7

Virus disables Firewall, but scan and stinger find nothing

Running XP with SP2, neither the full scan nor the stinger reports any hits.  However, while running in "safe mode with network", McAfee shows red because "Realtime scanning is off".  If I click to turn Realtime Scanning on, it stays on for a second or two, with McAfee showing green, but then Realtime Scanning reverts to off (and McAfee to red).  Before running the scan, I also observed that the firewall was off, with the same symptom: namely that if I clicked with the mouse to turn it on, it turned off again within a second or so.

The user is not sure which of the following URLs was browsed, either  (removed for security reasons) which is now returning a "403 Forbidden" when I try to retrieve it with).  Whichever one it was instructed her to load a file called ff-update.exe from a location which she does not recall.  As soon as she tried to install the ff-update.exe, McAfee popped up an error, and we shut down the machine, and rebooted it in safe mode to try to clean the machine.

I'm assuming that the clean scan means that the problem is too new to have a signature yet.  Any suggestions?  Thank you.

Message was edited by: Ex_Brit on 28/07/10 8:24:03 EDT AM
0 Kudos
1 Reply
Level 21

Re: Virus disables Firewall, but scan and stinger find nothing

McAfee SecurityCenter is inoperative in any of the various safe modes but you can still initiate a scan by right-clicking the taskbar icon and selecting "Run a Scan".  There will be no indication that anything is happening but if you hover over the taskbar icon you will get a progress report.

Follow the guidelines in THIS document.

If that doesn't help get the FREE version of THIS software and update it before running (important).  Let it remove  everything it finds and reboot if asked to to complete the scan.

*******Meanwhile, and this is very  important.  It is vital that you install SP3 in order to continue to be  supported by Microsoft for security patches.  They stopped supporting  SP2 and under on July 13.

Check out THIS document for more information, and THIS thread for help.   SP3 is not auch a painful install as SP2 was.

There have been numerous updates since SP3 so keep updating with all critical and non-critical updates via Microsoft Update (as against Windows Update) as it will update everything.

Message was edited by: Ex_Brit on 28/07/10 8:24:48 EDT AM
0 Kudos