Are you a Conficker Zombie?

Status
Not open for further replies.

DelJo63

Conficker [A] has hit millions of systems.

Now there's Conficker B++ too :(

The big-picture taxonomy of Conficker is:
[image: cnfic_fr.jpg]

Another common infection taxonomy is:
[image: Virux_%20trend.jpg]


(see the original article here)

The Computerworld article is here

CAUTION: Don't be overly concerned over the comment on the HOSTS file at the bottom of that article;
MVPS.org and Spybot S&D modify the HOSTS file to intentionally inhibit access to known bad sites.
Such 'lockouts' are easily seen on any line containing 127.0.0.1
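
The distinction drawn in the post above, as an added example that is not part of the original thread: this Python sketch parses hosts-file text and separates blocklist-style lockouts (names pinned to 127.0.0.1 or 0.0.0.0) from entries that point a name at some other address, which are the ones worth reviewing by hand. The sample file, the function name `audit_hosts` and the `LOCAL_NAMES` set are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file, not taken from any real machine.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       ads.badsite.example      # blocklist-style lockout
0.0.0.0         tracker.badsite.example
203.0.113.7     update.vendor.example    # name pointed at a remote host
192.168.1.10    nas.home.example nas
not-an-ip       broken.example
"""

# Names that normally map to loopback and are not lockouts (assumed list).
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}


def audit_hosts(text):
    """Sort hosts entries into lockouts, redirects and malformed lines."""
    report = {"lockout": [], "redirect": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            report["malformed"].append((lineno, raw.strip()))
            continue
        # Loopback or 0.0.0.0/:: sends the name nowhere: an intentional block.
        sink = addr.is_loopback or addr.is_unspecified
        for name in (f.lower() for f in fields[1:]):
            if sink and name in LOCAL_NAMES:
                continue
            kind = "lockout" if sink else "redirect"
            report[kind].append((lineno, name, str(addr)))
    return report


if __name__ == "__main__":
    for kind, rows in audit_hosts(SAMPLE_HOSTS).items():
        print(kind, rows)
```

To check a real machine, pass in the contents of its hosts file (on Windows, `%SystemRoot%\System32\drivers\etc\hosts`).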
 
Conficker/Downadup cleanup and removal

Instructions: http://www.bleepingcomputer.com/malware-removal/remove-downadup-conficker

BitDefender removal tool: http://www.bitdefender.com/site/Downloads/downloadFile/1583/FreeRemovalTool

Microsoft patch (to prevent if not already infected or use after clean) http://www.microsoft.com/downloads/results.aspx?pocId=&freetext=ms08-067&DisplayLang=en

Mike

EDIT: New for Conficker!

Just yesterday McAfee introduced a special Stinger dedicated to Conficker

Get it here http://www.majorgeeks.com/McAfee_AVE...er__d6157.html

I will edit my other post and add it there.

This is a bad one so.....

I advise anyone who suspects this malware to shoot it with all 3 programs followed by MBAM, SAS and ComboFix.

And yet another from Sophos: http://www.majorgeeks.com/Sophos_Conficker_Clean-up_Tool_d6158.html
 
Hi everyone, been away and busy for the last few days but thought I would take the time to post this!

New for Conficker!

Just yesterday McAfee introduced a special Stinger dedicated to Conficker

Get it here http://www.majorgeeks.com/McAfee_AVERT_Stinger_Conficker__d6157.html

I will edit my other post and add it there.

This is a bad one so.....

I advise anyone who suspects this malware to shoot it with all 3 programs followed by MBAM, SAS and ComboFix.

Mike

EDIT: Another just today http://www.majorgeeks.com/Sophos_Conficker_Clean-up_Tool_d6158.html
 
How bad is this really? I've been hearing about it on the news since Sunday's 60 Minutes (on CBS). Prior to that I hadn't really heard about it.

It kind of sparks my interest because as some of you know, I don't run any AV on my machines. I'm pretty self confident that I'm in the clear, but something 'big' like this would be the kind of thing to shake my confidence if I was compromised.

Is this a type of thing where we don't know what it does until April 1? That is my impression at this point. And I think rather than dling and running a bunch of software I don't want on my machines I'm just going to risk it and see what happens in 5.25 hours.

Disclaimer:
Do not follow my example if you are concerned for your data, I'm assuming entire responsibility only for what happens to my computers.
 
I saw 60 Minutes as well. And agree. I've run my usual backups but otherwise, I'm still waiting for Y2K to hit!
 
...It kind of sparks my interest because as some of you know, I don't run any AV on my machines. I'm pretty self confident that I'm in the clear, but something 'big' like this would be the kind of thing to shake my confidence if I was compromised.
and I'm big on proactive defense and down on the reactive A/V approach.
Good router and firewall controls trump A/V every time (imo).

If I can keep healthy, then the prescription/rx with the doctors bill can be avoided altogether :)

Oh sure I have one -- once in a while I even scan with it.

But using good software {Thunderbird, Firefox}, Spywareblaster (controlling ActiveX), Spybot S&D (controlling startups), trimming Services, and a firewall that controls in/out bound access will cover the bases 99% of the time.
 
It seems to be fashionable nowadays to award all the credit (or blame) to just the AV software, but it can't be stated how much help it's receiving from FF (with "NoScript") and Spybot, not only its resident "Tea timer", with it also controlling the hosts file. I'm not certain, but it seems like it's got something akin to "Combo Fix" built in.
 
forgot to mention -- A/V is THE proactive protection for email -- just got to scan them for scruff :)
 
Avira is the closest to proactive as A/V gets, and that's to known threats. What we really need is for operating systems to be built in such a way as to prevent the execution of malicious codes. An environment that would be able to decipher the codes compiled in a program to determine if it is malicious or not, simply based on what task the program was designed to carry out. This can be likened to telepathy.

Imagine being the security guard at a bank. The chance of robbers getting by you is high, because you can't stop and interrogate each individual. Now think of the probability of any robbers getting by you if you were able to stop, and interrogate each individual to get an idea of what their intentions are. The probability of the bank getting robbed would be close to zero.
 