Virus (I believe its conficker)  | | | 
February 8th, 2009, 08:20 PM
|
#1 (permalink)
| | Junior Member
Join Date: Feb 2009
Posts: 1
|  Virus (I believe its conficker)
I believe I have the conficker virus. I cannot get anywhere to remove it.
It has disabled spybot s&d and avg won't update nor does it seem to find anything anyway.
I cannot load any antivirus site, or download the removal tool from microsoft site. Most websites redirect to search pages. Computer is slow, svchost is robbing nearly all the memory.
I tried to go to the microsoft website and get the patch or the malicious software removal tool but ofcourse it won't let me do that.
Im freaking out and am at a loss for how to get this thing off my computer.
Help.  | 
|  | |
March 27th, 2009, 04:37 AM
|
#2 (permalink)
| | Banned
Join Date: Mar 2009
Posts: 16
| | |
| | |
March 31st, 2009, 01:12 PM
|
#3 (permalink)
| | Junior Member
Join Date: Mar 2009
Posts: 1
| Conficker.C description and removal instructions
| |
| | |
March 31st, 2009, 01:45 PM
|
#4 (permalink)
| | Ultimate Member
Join Date: Sep 2002 Location: Finger Lakes area
Posts: 2,374
| 
Hello OknOtok, and welcome to the TIMO forums,
Beware of following links from new posters - verify before using.
It does sound like you are infected with Conficker as it does block access to many security sites including Microsoft's. I don't know how it does that unless it patches or replaces the HOSTS file. Check to see if your HOSTS file has been changed lately (c:\windows\system32\drivers\etc\HOSTS) unless you use one of the security HOSTS files like this: Blocking Unwanted Parasites with a Hosts File , or have modified it yourself, your HOSTS file should be the default, small and have the same date as your other Windows system files.
In any case, the patch for the vulnerability of which Conficker takes advantage has been available for months (OCT. 2008). Why wasn't your system patched?
Link for an ISO for the Antivir Rescue System CD from avira.com: http://dl1.pro.antivir.de/package/re...-common-en.iso
Self booting and should be able to clean Conficker, but you should download and burn the CD on a known-clean system, so no Malware can mess with the DL or burn. The Antivir Rescue ISO is updated frequently (as often as several times a day), so download a new ISO and make an updated CD as close to use as possible to have the latest tools.
Here is a link to an eMail newsletter which came in yesterday's mail with more sources and info: Microsoft Windows XP, Vista, Internet Explorer (IE), Firefox, Windows Update - Everything Microsoft forgot to mention
Having the standard bevy of security programs for Windwoes in place (as long as they are ones that Conficker doesn't know how to disable) can provide some help. A good, two way Firewall (Comodo seems to be a popular and effective free one) should prevent Conficker from calling home.
Another option is to stop running Windwoes or at least run it isolated from the Internet. At least up to now: Linux, BSD and the Mac OSes have been much more secure.
.bh.
PS: I'll be offline a while running the latest Antivir CD against my system. .bh. 
__________________
"Our freedom depends on five boxes: soap, ballot, jury, witness; and, when all else fails, Ammo. " ?author?
Last edited by zepper : April 1st, 2009 at 01:21 PM.
| |
| | |
April 1st, 2009, 12:58 PM
|
#5 (permalink)
| | Junior Member
Join Date: Apr 2009
Posts: 4
|
hi zepper,
I have AVG Free 7.5 and I read on the net that when the microsoft update gets turned off that its a possibility that it might be the conficker at work. I noticed that mine got turned off somehow. Plus early this morning when I connected to the internet and tried to disconnect, it wouldn't disconnect. I had to disconnect the cable to stop the connection. The internet connection icon on the computer would not disappear once I disconnected the cable. When I rebooted the computer, everything seems to be fine now. I can disconnect and reconnect at will, but the automatic update still does not work like it used to. I ran AVG free before I rebooted, just updated late last night, and it didn't pick anything up. Coincidence or conficker at work? | |
| | |
April 1st, 2009, 01:36 PM
|
#6 (permalink)
| | Ultimate Member
Join Date: Sep 2002 Location: Finger Lakes area
Posts: 2,374
|
I prefer using a self-booting tool to try to get rid of pre-existing malware so the malware can't block it. I'd download a self-booting tool like the Antivir Rescue CD .ISO linked above - there are other good Conficker removal tools as well as per the newsletter link. You have to download and burn the disc or write to floppy these tools on a known-clean machine for reliable results. PC World magazine's site: Reviews and News on Tech Products, Software and Downloads - PC World has a new article on defeating the conficker worm. Good luck. As I said above, "the Windows patch to largely prevent Conficker has been available from M$ since last October." What's your excuse?
It is mainly Win XP that is vulnerable, it seems that Vista is more resistant.
.bh. | |
| | |
April 1st, 2009, 01:44 PM
|
#7 (permalink)
| | Junior Member
Join Date: Apr 2009
Posts: 4
|
sorry, I should've mentioned I'm using Windows Me. Even though the windows update has nothing to update, i used to still get the reminder pop up on the screen until about a month or so ago. thanx for the infos. will check them out. | |
| | |
April 1st, 2009, 03:22 PM
|
#8 (permalink)
| | Ultimate Member
Join Date: Sep 2002 Location: Finger Lakes area
Posts: 2,374
|
Oh, still running Me - not really any M$ support for that any more... Sorry. Even some of the available anti-conficker tools may not work with that version. Are you sure Conficker even bothers to infect Me machines?
.bh. | |
| | |
April 1st, 2009, 06:17 PM
|
#9 (permalink)
| | Junior Member
Join Date: Apr 2009
Posts: 4
|
No, Im not sure. That's why I was searching on the net to find out if anything was going on with my system. The search brought me here...it just seemed weird that the internet connection wouldn't break off without me having to manually pull the plug so to speak on April 1st, you know, the big day that all heck was to break loose. Why the windows auto update isn't working anymore when it did a month or so ago (even though it can't update) is another mystery. When i read about how conficker dismantles the auto update just kinda got me wondering. Whether the two are connected or what happened was just a freak thing, I don't know. I d/led symantec's fix conficker tool (FixDwndp.exe) just in case I did have it on my system, but wasn't sure if I could use it with AVG Free installed or if it even worked with WinMe. And now you know the rest of the story... | |
| | |
April 2nd, 2009, 01:42 PM
|
#10 (permalink)
| | Junior Member
Join Date: Apr 2009
Posts: 3
| Win ME here too, problems today
Quote:
Originally Posted by robron  No, Im not sure. That's why I was searching on the net to find out if anything was going on with my system. The search brought me here...it just seemed weird that the internet connection wouldn't break off without me having to manually pull the plug so to speak on April 1st, you know, the big day that all heck was to break loose. Why the windows auto update isn't working anymore when it did a month or so ago (even though it can't update) is another mystery. When i read about how conficker dismantles the auto update just kinda got me wondering. Whether the two are connected or what happened was just a freak thing, I don't know. I d/led symantec's fix conficker tool (FixDwndp.exe) just in case I did have it on my system, but wasn't sure if I could use it with AVG Free installed or if it even worked with WinMe. And now you know the rest of the story... | | |
| | | Thread Tools | Search this Thread | | | | |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | | Most Active Discussions  | | | | |   Recent Discussions  | | | | |
 |
hardware
prices 
