0

Is it okay to apply patch even if the Conficker Virus was not remove?
I tried scanning using MSRT v3.9 but nothing was found yet still have the problem on visiting a websites.

When view my "Network Connection" there is a new connection "Internet Connection" appeared. I tried disabling it but i can't.

Thanks.

7
Contributors
16
Replies
17
Views
7 Years
Discussion Span
Last Post by Agapelove68
0

why don't you go into task manager and try to turn it off that way and then download and install malwarebytes and run it to see if it find anything

0

What type of internet connection are you using?
I've fixed similar problems with Mobile Internet devices!

0

This Microsoft blog appears to imply that the update can be installed before removal ....

The first step would be to install the update on all your computers and replace passwords of network shares with stronger ones. Then use the MSRT to remove the worm from infected computers. Infected computers may not be able to access Windows Update and therefore the administrator may need first to download the tool using a clean computer, and then distribute it to the other machines, for example by copying it to a share, write-protecting the share, then running the tool from there.

http://blogs.technet.com/b/mmpc/archive/2009/01/13/msrt-released-today-addressing-conficker-and-banload.aspx

Edited by Lynnw: n/a

0

Thanks for the reply.
But i tried various Conficker Virus removal tools, malwarebytes, various Anti-virus.
But it wont detect any infection and i still have the symptoms of having infected with Conficker since i cant view some of the websites.

0

Is it okay to apply patch even if the Conficker Virus was not remove?
I tried scanning using MSRT v3.9 but nothing was found yet still have the problem on visiting a websites.

When view my "Network Connection" there is a new connection "Internet Connection" appeared. I tried disabling it but i can't.

Thanks.

If you've tried all the removers and scanners with no results, it may be less a virus and more a system configuration issue. When removing anything malicious from a system, there's a good possibility it will leave problems behind due to altering aspects of the system setup.

Google "Dial-a-Fix" and download it. Then get "WinsockXPFix". Dial-a-fix comes zipped and contains both the program executable and secedit.exe in a folder called Dial-a-fix. WinsockXPfix should be a single, stand-alone executable with a big red cross icon. Neither requires installation, so if you manage to get one that tries, DELETE.

Start Dial-a-fix. Before running the main selections, go to the additional functions window (button at bottom, center, has a hammer on it) and run "Repair Permissions". If using XP Home, you may need to copy the secedit.exe in the Dial-a-fix folder to your Windows\System32 folder. Running this should take a minute or two, but can be much longer, depending in your system.

When that's finished, scroll down and run SFC purge. If you're running a pre-fab system and it has a recovery partition, or if you have an i386 folder either on your root drive or in your Windows folder, the SFC scan you'll be running next should work fine. If not, you'll need your XP CD in the drive. Once you've confirmed your i386 source, run the SFC scan.

If you get errors right near the start of the SFC scan, the registry is pointing to the wrong source. Google "SFC scannow" for directions on fixing this. If, however, you get errors towards the end (and it's asking for "disc 2"), it's probably looking for ehome-related stuff and you can ignore those. This can be confirmed in the Event Viewer under Applications.

Once the SFC scan is done, close the additional tools window, check all the boxes on the main program page (I usually exclude option 2, however...I keep my system clock current), and run it. Be aware that the second-to-last option will attempt to re-register IE files, but since Dial-a-Fix hasn't been updated in some time, it won't recognize IE8 files and will give a warning. One for each file. Click OK on each and let it finish. Not much you can do about this.

Now run WinsockXPfix. It will prompt for a reboot. Do it.

When the system returns, check your Internet Connection settings under Control Panel. Look under the Connections tab. Open the Proxy settings window and make sure only the first box is checked. (assuming you don't use a proxy) I've seen several instances where the proxy had actually been configured to 127.0.0.1 with a port specified. This will cause problems and is usually done by the initial infection. If you have a specific proxy you use, then make sure it's correct.

These steps will solve 90% of the connectivity issues left behind by malware, from my experience. If not, the problem may well be more serious and I'd consider a full system wipe and reinstall. Of course, I'm assuming you already backed up all your data!

As for the "Internet Connection" icon appearing in your network devices folder, I've seen it before, but never really understood the reason it pops up, as I've seen it on random systems, both "enabled" and "disabled", or simply not there at all. In each case, it appeared to have little or no impact on the system's Internet connectivity. I'd call this one a red herring.

I hope this helps!

0

have you been highjacked

you might get highjack this I think that is what it is called

or try a restore point to a prevease point see if that help

0

Sawyer: the problem with that is hijacking usually redirects you to another site. That's not what's happening here.

Also, my experience is that if you have an infection, a restore point usually won't help. Chances are either it'll fail or, if the AV already handled the main I fection, it'll re-infect the system. Most malware I deal with isn't something they JUST picked up, it's something that's been there a while, thus it may affect many restore points.

0

Darvus your right I got to far a head of my self but it work on another machine before just thought i would put it up though

has you problem been fixed yet DoEds

0

Darvus your right I got to far a head of my self but it work on another machine before just thought i would put it up though

has you problem been fixed yet DoEds

0

RE: MS10-046 Patch

I have done a great deal of research on this. Depending on your operating system, the year, and other aspects of your operating system. There were two different Bulletins on this subject. I wanted to expand & collapse the options more, but as I stated in the above comment, All is dependent upon this information. I understand that you don't want to leave yourself vulnerable, by giving this information away. When I do have more time, I can go over this in more detail. For now, I can guide you to this web-sight. They have already done the research and work-arounds available that you can do. (This I can't take credit for.) The first publishing was in August 2, 2010 and it was updated August 24. That is where you need to look, because this goes into further discussion on what you can do, and yes "AS IS", or "AT YOUR OWN RISK." There is another patch for this and is not the same one which was published in the previous bulletin. Try this for now: http:www.microsoft.com/technet/security/bulletin/MS10-046.mspx Make sure its the updated August 24, 2010. It will show both dates, but the updated version: 1.2. They give recommendations and step by step guides under the sections Detection and Deployment Tools and Guidance. then your Operating System, year, 32 bit, etc. Then Bulletins Replaced by this Update. *Server Cor installation affected for other OS's, acknowledgments, (MAPP), support, Disclaimer (as is), Reversions (V1.0 for Aug 2nd), (V1.1 Aug 3rd, with FAQ's), and (V1.2 August 24, 2010.) The last one is the added update with FAQ to announce a detection change) You have to see it to understand what I am talking about. I believe the detection change is where you need to look. As I've said, I have done research on this, but Microsoft is the one whom updated this information that I am just guiding you to.
Hope this helps for a start. :)

0

I see DoEds hasn't responded, yet - I had a similar problem this past week (i.e. cleaned all malware, etc. and seemed to be able to go to any web site other than a security related site.) I eventually solved the problem by uninstalling Internet Explorer; then, installing Ie7 from Disk Media and running Microsoft updates through Ie8, from there. That solved my problem.

0

Re: [Question] Ms06-040 patch:

Yes, Lynnw. When you're trouble-shooting something this complicated, as you know there are many variables. Depending on those variables, such as what I stated in the above thread, is what default browser do they use.? You can use many, but only have one as your default. This can also impact what information is given and I can only give guidelines, due to all these instances. That is why I couldn't fully answer his question until he looked at that updated information. It's a very detailed account & is complex. "The workaround" Again it depends on a numerous amount of factors which can have variables. Not only that hun, I don't want to talk down to anyone in my explanations, yet it makes it difficult not knowing their computer experience or knowledge. But I try to put myself in their place. I would want a detailed account, step by step, that way, I know that maybe someone else might benefit from what I've typed. I can also learn from those whom offer there answers in a detailed account. Most of us always think it has to be complicated, not always the case. Some of the time it's a simplistic solution to the problem, that we overlooked before. I am happy for you that you were able to isolate your problem and I hope that it will be free sailing for you.
I think you'll like it here. I want to take the time to thank you, and everyone else at Dani-Web whom have implemented some abilities to make it more simplistic. I am finally starting to see what I was missing in the beginning. It wasn't there before. (*) 5 stars in my book for revamping Dani-Web. To you, and all other whom have helped. I'm not so :S confused anymore. Welcome and Thank you for your response. Just give him some time. DoEds is probably still trouble-shooting all of this, and he will have his problem solved soon. Sometimes it just takes longer. But I hope his is simple. Welcome again. E.G.

0

Re: [Question] Ms06-040 patch:

Yes, Lynnw. When you're trouble-shooting something this complicated, as you know there are many variables. Depending on those variables, such as what I stated in the above thread, is what default browser do they use.? You can use many, but only have one as your default. This can also impact what information is given and I can only give guidelines, due to all these instances. That is why I couldn't fully answer his question until he looked at that updated information. It's a very detailed account & is complex. "The workaround" Again it depends on a numerous amount of factors which can have variables. Not only that hun, I don't want to talk down to anyone in my explanations, yet it makes it difficult not knowing their computer experience or knowledge. But I try to put myself in their place. I would want a detailed account, step by step, that way, I know that maybe someone else might benefit from what I've typed. I can also learn from those whom offer there answers in a detailed account. Most of us always think it has to be complicated, not always the case. Some of the time it's a simplistic solution to the problem, that we overlooked before. I am happy for you that you were able to isolate your problem and I hope that it will be free sailing for you.
I think you'll like it here. I want to take the time to thank you, and everyone else at Dani-Web whom have implemented some abilities to make it more simplistic. I am finally starting to see what I was missing in the beginning. It wasn't there before. (*) 5 stars in my book for revamping Dani-Web. To you, and all other whom have helped. I'm not so :S confused anymore. Welcome and Thank you for your response. Just give him some time. DoEds is probably still trouble-shooting all of this, and he will have his problem solved soon. Sometimes it just takes longer. But I hope his is simple. Welcome again. E.G.

0

Here, I thought everything was going great and fine & guess what. I submitted, pushed it once, nothing happened, nothing posted. :S I waited, nothing. Then I pushed a second time, it double-posted the same post. Why? It seemed like it was backed up or something. I don't know anyways. I was just complimenting you at Dani-Web. Hopefully, it will correct itself. EG :)

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.