I Got CONFICKER and I need your help!

I sent you Malwarebyte's Anti-Malware. Install it, start it and check for updates. Then run it.

HTH

UPDATE: I had to resend this as a ZIP file, since it's an EXE file that was rejected by your email delivery software...

Vince thanx for trying to help but I didn't get your email, you should resend it to carllisjames@yahoo.com

Conficker is not supposed to mess up your computer. It is a virus that embeds itself and allows the hackers to access your computer and store information on it. It also uses your computer as a proxy to conduct malicious activities on the internet. It is supposed to be undetectable to the user therefore the hackers can do their business without being noticed. This is a huge part of my 9-5 job. I work in IT (information technology) for a large printing company.

conflickr isnt that kind of virus. it doesnt slow you down, it gives a person the ability to MAYBE turn your computer into a zombie computer.

If you dont know much about the internet, there is a section of the net called IRC (Internet Relay Chat) and it is as old as the internet itself. Think of it as the basement of the internet. Its basically a free chat service with hundreds of thousands of servers and millions of users. This virus gets on your machine and makes an IRC zombie. You dont know its on your machine, but your machine will basically connect to irc through a program called telnet that is a default program on your machine and log to a specific server, go into a specific room on that server. In that room there will be 1000's of zombies, and the admin of the room (the guy who made the virus) will be able to send commands to the other 'users' in the rooms to make them carry out tasks.

So your machine can be used to do things like mass mail, or be involved in DNS attacks and you will never know it and if somehow the mail is discovered or the dns attack is tracked. the trail will lead back to the zombie computer (you) and not the actual instigator of the attack.

I also understand that this is directed at countries that do a lot of pirating because a microsoft update was put out to fix this issue and the pirated version of the o.s. dont have the update.

Microsoft has a malicious software removal tool that apprently cleans it right up but if you have it on your machine, you wont be able to get to microsoft, or places that have the fix, so someone will have to email it to you

I know, so can you please send it to me?

Ive already been to the microsoft ste and tried to download the microsoft milacious removal tool but of course it won't let me. Please send it to carllisjames@yahoo.com

Resent to new address. Hope this works...

I got it vince, but unfortunetly the damn conficker wouldn't let it download it just terminates it before it does anything.

I can only open things in my computer, any window outside of that is terminated. So if I could only get a download inside of the same (my computer) window then I could beat it, I just need to keep searching for a solution. Thanks for the help man..

Excuse me while I side-track a moment - Michael, very interesting post! IRC was the internet before there was the WWW, wasn't it? I remember there was internet and chats and bulletin boards before the WWW and the internet as we know it today. I wasn't very involved in it at the time -but I remember a little. I didn't know that IRC still existed though - so I enjoyed your post very much.

OK - sorry.

Hililuud - You have something - no doubt - but it is not Conficker. Conficker doesn't terminate things. And - you wouldn't be able to access microsoft.com or norton.com or any other security-related site. As I understand, the worm blocks access to these sites. I'm not an IT and no expert on removing various trogans or worms. Michael will be more help to you. But if you can't install the Malwarebyte's Anti-Malware that Vince sent you (I've never had this trouble. I've installed that software to computers that have been infected with trojans and successfully cleaned them.) then the only option left may be to reformat your drive and reinstall everything. Look for other solutions first of course - personally, I hate wiping a drive and rebuilding it!

Use a flash drive to download the file from your yahoo email on another computer (think library, internet cafe, even kinkos, etc...); then transfer it to your computer via USB port. That should do the trick.

HTH

Hey Hililuud,

either do this:
Or create a disk on another computer, then put the disk in the infected PC and run it while rebooting. The disk should automatically start and open the program before the booting process completes.

This way you don't have to do what I did to get rid of the darn thing - that's if it was the same. I wiped out my drive and reinstalled.

Btw if you guys think you can fool this trojan by renaming virus scanning software exe files to something else, and expect them to open, think again. I tried that one too. I was able to email a zip file by naming it as a virus, and it went thru my email client just fine, but when I opened it to run the app, the trojan quickly shut it down. Plus the file was automatically deleted from my system.


Mary

Just as a further warning, if you decide to go the route of using an external hard drive then make sure that it is free of any sensitive files or preferably any at all as depending on the nature of the virus it may spread. I once had a virus that wiped out all my back up installers as well, not a happy day.

Damn that sounds nasty! I've not had issues like that. I use Zone Alarm Pro + Node 32 and a few other apps, all paid and up-to-date.

Nothing guaranteed in any case. Good luck to you and please let us know how you vanquished the beasts.

My comp won't even play the disk! This is saddddddddddddddddddddd..........................b ut still I think you guys for trying.

I heard alot of bad news about this today. I think bitdefender, Kaspersky, and a few others are on high alert for this.

I believe BitDefender has a free cleanup tool.

I'm only using my mac for safety today.

Damn nasty bugs! I just got rid of winpc defender and while I could get to microsoft, it wouldn't allow me to run malwarebytes or AVG. Avast didn't pick up this malicious file

gaopdxserv.sys.

but root repeal did. It's a very simple program and this file usually shows up in the hidden or stealth scan. Just right click on the file and wipe it and then immediately run malwaware bytes quick scan to clean up the registry. Then run a full scan and another scan with AVG and another with superantispyware. One program does not get it all.
Also, it's a good idea to boot up in safe mode.

My husband is an IT guy and we keep these programs on a jump drive because most of the time you're unable to access antispyware programs from C drive. Hopefully, you'll be able to access rootrepeal and gain enough leverage to wipe the rest of it and then go to microsoft and download the removal tool.

Good luck!

+1 on HijackThis. Trend Micro bought it from the original developer, but it's still free. Be careful with it. You can toast stuff in your registry that you actually need if you don't know what you're doing.

You do realize that the hole the Conficker worm uses was patched by Microsoft back in October of 2008, right? If you ran Windows Update since then, you wouldn't have even been bothered with it. This whole Conficker nonsense in the media was a bunch of hype over literally nothing. It's no more of a media event than any other virus. Some moron reporter got ahold of it, and of course, the rest of the idiot mainstream media lemmings got it off the wire and turned it into some sort of flash mob over nothing.

Malwarebytes is unbeatable, especially for such a lesser known software.

Jim

System restore is on by default if you have Windows XP, see if you can load last weeks or a few day ago restore point.

1.Click Start.
2.Point to All Programs.
3.Point to Accessories.
4.Point to System Tools.
5.Click System Restore.