Wireshark-users: Re: [Wireshark-users] Conflicker GenB! Killed Wireshark
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: "Robert Ayers" <raa_adelphia1@xxxxxxxxxxx>
Date: Thu, 2 Apr 2009 21:58:35 -0400

Can you boot into safe mode, then rename the executable. Conficker.c does effect wireshark in that it opens then shuts down the program. It also effects

other pieces of troubleshooting software. The reboot in safe boot mode should fix your wireshark issue. I would then run a major vendor, i.e.,  any of the av

vendors conficker removal tools to clean the infection. Let me know how things go as I can probably help you further offline privately.

 

Robert

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Deneen Wardell
Sent: Thursday, April 02, 2009 8:47 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Conflicker GenB! Killed Wireshark

 

Hi Robert,

Thanks for your input... I have a VPN connection to the site and changed the executable...  wireshark.exe to TestWS.exe and tried it... Same results... Still will not load.

Deneen

 

----- Original Message -----

From: Robert Ayers

Sent: Thursday, April 02, 2009 7:33 PM

Subject: Re: [Wireshark-users] Conflicker GenB! Killed Wireshark

 

Rename the wireshark executable. Then you can run the program.

 

Robert

 

 

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Deneen Wardell
Sent: Thursday, April 02, 2009 7:18 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] Conflicker GenB! Killed Wireshark

 

I have a client that did not keep up with the updates on a Windows 2000 server and was infected a couple of weeks ago with the Conficker GenB! virus.  The server had WireShark Installed on it and it appears that the virus killed it.  When they told me it had problems I tried to run WireShark it would just come up with a the splash screen showing "Initializing dissectors..." and it would do nothing else.  I cannot do anything with it.  If I try to right click on the button in the status line and close it, it will simply tells me that the program is not responding.  The only way to clear it is to reboot the machine.  I tried uninstalling the older version and installing the newest release, but it reacts the same way. 

 

I didn't get the possible connection between the virus and the failure until I saw the news release that said Conficker was attacking WireShark.

Anyone have any ideas?

Thanks

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe