Conficler alert - Page 2


Re: Conficler alert

1PW wrote:

I have a legal copy of XP Home/sp2
and without IE the patch won't apply.
...but a lot of stuff won't apply either.

Re: Conficler alert


It's like a game sometimes - where you find how many different ways you
can spell one name.

...I got one - cornflicker - no wait! confickler.



Re: Conficler alert

On Tue, 31 Mar 2009 20:31:58 -0400 FromTheRafters wrote:

I made a typo.  So, sure me already. ;-)
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Conficler alert

On Tue, 31 Mar 2009 22:59:26 -0500 Ernie B. wrote:

Grrr...  Another typo.  SUE me already.
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Conficler alert

Ernie B. wrote:


Expect a summons to be delivered by next Tuesday

Re: Conficler alert



Actually I was referring to McAfee's use of coficker in their stinger
filename.

..your twist was good too though. :o)



Re: Conficler alert

FromTheRafters wrote:

Erm, "ficker" is the German version of a well known Anglo-Saxon word.
Appropriate.

wolf k.

Re: Conficler alert

On Tue, 31 Mar 2009 20:31:58 -0400 FromTheRafters wrote:

I made a typo.  So, sue me already. ;-)
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Conficler alert

On Tue, 31 Mar 2009 18:21:25 -0500, Ernie B. wrote:


And yet, I still have people tell me Windows is so much easier than Linux.

Good luck, I hope whatever the update does to the worm is nothing
malicious.

Re: Conficler alert

On 03/31/2009 04:21 PM, Ernie B. sent:
Hello:

Full credit goes to Autumn in the a.p.s newsgroup for passing on a more
comprehensive list of anticonficker utilities:

<http://www.confickerworkinggroup.org/wiki/pmwiki.php?n=ANY.RepairTools>

Thank you Autumn!

Pete
--
1PW  @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]

Re: Conficler alert

Ernie B. wrote:

I got a frantic call from my neighbor who told me about the alert and
about *the fix* which was to press F1, get to a command prompt, type in
MRT and press enter.
I was already running the Sophos "On Demand" scanner but tried the MRT
this am to see what it did and it brings up the Windows Malicious
Software Removal Tool which does include Win32/Conficker protection and
should be available from auto updates.

Re: Conficler alert

On Wed, 01 Apr 2009 09:40:59 -0700 ~Mickey wrote:

Thanks for that.  I've seen it in the MS updates and know it's supposed to run
on downloading but I didn't know how to call it up on demand.
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Conficler alert


If it runs, you don't have an active infestation. If it doesn't - you
very well may have one.

<excerpt>
The following 23 processes are immediately terminated by C's process
monitoring thread whenever they are discovered running on the victim
host:

  1. autoruns    - malware removal tool
  2. avenger     - antivirus / firewall
  3. confick     - cleanup utilities
  4. downad      - cleanup utilities
  5. filemon     - security utility
  6. gmer        - rootkit detector and remover (gmer.net)
  7. hotfix      - security patch or removal tools
  8. kb890       - Microsoft patch
  9. kb958       - Microsoft patch
  10. kido       - security patch or removal tools
  11. klwk       - Kaspersky malware removal tool
  12. mbsa.      - Microsoft Baseline Security Analyser
  13. mrt        - Microsoft malware removal tool
  14. mrtstub    - Microsoft malware removal tool
  15. ms08-06    - Microsoft patch
  16. procexp    - process explorer
  17. procmon    - process monitor
  18. regmon     - registry monitor
  19. scct_      - unknown
  20. sysclean   - Trend Micro malware removal tool
  21. tcpview    - network packet analysis tool
  22. unlocker   - file unlocking utility
  23. wireshark  - network packet analysis tool

</excerpt>

From http://mtc.sri.com/Conficker/addendumC/index.html
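
The diagnostic from the post above (a listed tool that will not stay running points to an active infection), written out as an added example that is not part of the original thread or the SRI report. It assumes the 23 fragments are matched as case-insensitive substrings of the process name; `matched_fragment`, `triage` and the sample observations are hypothetical names and constructed data.

```python
# Added example (not from the thread or the SRI report).
# The 23 process-name fragments listed in the quoted excerpt.
KILL_LIST = (
    "autoruns", "avenger", "confick", "downad", "filemon", "gmer",
    "hotfix", "kb890", "kb958", "kido", "klwk", "mbsa.", "mrt",
    "mrtstub", "ms08-06", "procexp", "procmon", "regmon", "scct_",
    "sysclean", "tcpview", "unlocker", "wireshark",
)


def matched_fragment(image_name):
    """Return the first listed fragment found in image_name, else None.

    Assumption: matching is a case-insensitive substring test.
    """
    name = image_name.lower()
    for fragment in KILL_LIST:
        if fragment in name:
            return fragment
    return None


def triage(observations):
    """Classify (image_name, stayed_running) pairs from a suspect host.

    Tools whose names match no fragment act as controls: if they die
    too, the cause is probably not this kill list.
    """
    listed = [alive for name, alive in observations if matched_fragment(name)]
    controls = [alive for name, alive in observations if not matched_fragment(name)]
    if not listed:
        return "inconclusive"      # nothing on the list was tried
    if all(listed):
        return "no-kill-signal"    # listed tools ran normally
    if not any(listed) and all(controls):
        return "suspect"           # only listed tools were terminated
    return "mixed"                 # partial or non-selective failures


if __name__ == "__main__":
    # Constructed observations, not real host data.
    sample = [("mrt.exe", False), ("procexp.exe", False), ("notepad.exe", True)]
    for name, alive in sample:
        print(name, matched_fragment(name), "running" if alive else "terminated")
    print(triage(sample))
```

Because the assumed match is by substring, an unrelated binary whose name merely contains `mrt` or `kido` would count as listed, so pick control programs whose names match nothing on the list.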


