DownAdUp - Conficker Detection Software

Message boards : Number crunching : DownAdUp - Conficker Detection Software
Message board moderation

To post messages, you must log in.

1 · 2 · 3 · Next

AuthorMessage
Profile KW2E
Avatar

Send message
Joined: 18 May 99
Posts: 346
Credit: 104,396,190
RAC: 34
United States
Message 880907 - Posted: 31 Mar 2009, 4:25:20 UTC

In the event you missed all the hub-bub, you can get a free scanner/removal app from Symantec HERE.

Better safe than sorry. I know my farm isn't part of the 2 million or so they predicted.

Rob
ID: 880907 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 880908 - Posted: 31 Mar 2009, 4:31:37 UTC - in response to Message 880907.  

In the event you missed all the hub-bub, you can get a free scanner/removal app from Symantec HERE.

Better safe than sorry. I know my farm isn't part of the 2 million or so they predicted.

Rob

And as far as I know Mine isn't either as I get updates every day or at least when AVG has them available, I use AVG 8.5 of course(Free Version).

How goes the New cpus Rob?
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 880908 · Report as offensive
Profile KW2E
Avatar

Send message
Joined: 18 May 99
Posts: 346
Credit: 104,396,190
RAC: 34
United States
Message 880909 - Posted: 31 Mar 2009, 4:38:38 UTC - in response to Message 880908.  

I got diverted to scanning machines and updating to 6.6.20. The 6600 is going to have to wait till tomorrow. :{

It's not like there's a lot of work out there to be had right now anyway.

Rob
ID: 880909 · Report as offensive
Profile arkayn
Volunteer tester
Avatar

Send message
Joined: 14 May 99
Posts: 4438
Credit: 55,006,323
RAC: 0
United States
Message 880911 - Posted: 31 Mar 2009, 4:39:24 UTC

I know my 2 PC's are not part, since they were both just formatted and had fresh copies of the OS installed on them 2 days ago.

The iMac, not a chance.

The laptop is running Ubuntu.

ID: 880911 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 3027
Credit: 13,516,867
RAC: 13
United States
Message 880924 - Posted: 31 Mar 2009, 6:11:31 UTC

Yeah, a colleague and I were just discussing this conflicker thing over skype earlier and we have decided that at least through some of the research we've done, it's one of the first good attempts at creating Skynet.

We're just joking of course, but it seems like there shouldn't be much of a problem if the general public has their automatic updates turned on and/or updated anti-virus software.

Couldn't help but notice the supposed mass-connection on April 1st though. Seems like a well-founded April Fool's joke.
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 880924 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 880932 - Posted: 31 Mar 2009, 6:47:15 UTC - in response to Message 880924.  

Yeah, a colleague and I were just discussing this conficker thing over skype earlier and we have decided that at least through some of the research we've done, it's one of the first good attempts at creating Skynet.

We're just joking of course, but it seems like there shouldn't be much of a problem if the general public has their automatic updates turned on and/or updated anti-virus software.

Couldn't help but notice the supposed mass-connection on April 1st though. Seems like a well-founded April Fool's joke.

We'll find out I suppose how many if any get pwned by this worm on the 1st, I should update My video driver to 182.08 from 182.06, But beyond that I'm up to date, April 1st here I come and I don't care If the 1st is ready for Me or not.
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 880932 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 3027
Credit: 13,516,867
RAC: 13
United States
Message 880939 - Posted: 31 Mar 2009, 7:29:51 UTC - in response to Message 880932.  

Yeah, a colleague and I were just discussing this conficker thing over skype earlier and we have decided that at least through some of the research we've done, it's one of the first good attempts at creating Skynet.

We're just joking of course, but it seems like there shouldn't be much of a problem if the general public has their automatic updates turned on and/or updated anti-virus software.

Couldn't help but notice the supposed mass-connection on April 1st though. Seems like a well-founded April Fool's joke.

We'll find out I suppose how many if any get pwned by this worm on the 1st, I should update My video driver to 182.08 from 182.06, But beyond that I'm up to date, April 1st here I come and I don't care If the 1st is ready for Me or not.

Yeah, just in case, be ready to pull the plug on short notice. I'm almost tempted to pull the patch cable between the modem and the router just before midnight..
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 880939 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 880991 - Posted: 31 Mar 2009, 13:38:42 UTC

Here's a story I found, Hopefully I'm not duplicating someone elses posting on this: Is 'Conficker' Solved? Researchers Develop Scan Tool

It's a good read too!

I give It:
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 880991 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20801
Credit: 7,508,002
RAC: 20
United Kingdom
Message 881005 - Posted: 31 Mar 2009, 14:39:16 UTC - in response to Message 880907.  
Last modified: 31 Mar 2009, 14:39:43 UTC

I wonder why just one anti-virus company is getting so much 'free' publicity?

No Conficking silliness here! No Microsoft Windows in use.

Good luck,
Martin
See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 881005 · Report as offensive
Profile KW2E
Avatar

Send message
Joined: 18 May 99
Posts: 346
Credit: 104,396,190
RAC: 34
United States
Message 881010 - Posted: 31 Mar 2009, 14:58:06 UTC - in response to Message 881005.  

There are other tools.

M$'s Malware tools is supposed to detect and remove it now and there are a few other vendors. That's simply the only one I posted.

Doesn't matter who you get your scanner from, as long as you use one. Oh, and as long as it works.

Rob
ID: 881010 · Report as offensive
Stefan Ver3
Avatar

Send message
Joined: 17 Sep 07
Posts: 40
Credit: 418,139
RAC: 0
Antarctica
Message 881028 - Posted: 31 Mar 2009, 16:10:23 UTC
Last modified: 31 Mar 2009, 16:11:08 UTC

If you have installed M$ Security Update (KB958644) released back on 10/22/2008 - all flavors of M$ OS' , you are already excluded from being affected by this worm.
The Search for Extra Terrestrial KItties!!

ID: 881028 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 881030 - Posted: 31 Mar 2009, 16:27:12 UTC - in response to Message 881028.  

If you have installed M$ Security Update (KB958644) released back on 10/22/2008 - all flavors of M$ OS, you are already excluded from being affected by this worm.

For Me and XP x64 This update was installed on 02/24/2009 according to Add or Remove Programs.
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 881030 · Report as offensive
Profile ccappel
Avatar

Send message
Joined: 27 Jan 00
Posts: 362
Credit: 1,516,412
RAC: 0
United States
Message 881033 - Posted: 31 Mar 2009, 16:33:52 UTC - in response to Message 881030.  

For Me and XP x64 This update was installed on 02/24/2009 according to Add or Remove Programs.

This poses the question: If infection occurred before the patch was installed, does that mean the computer is still infected? Or does installing the patch nullify the infection?
"Life is a tragedy for those who feel, and a comedy for those who think."

"I never get into an argument that I cannot win."
ID: 881033 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 881040 - Posted: 31 Mar 2009, 16:40:04 UTC - in response to Message 881033.  

For Me and XP x64 This update was installed on 02/24/2009 according to Add or Remove Programs.

This poses the question: If infection occurred before the patch was installed, does that mean the computer is still infected? Or does installing the patch nullify the infection?

It does from what I've read, You'd have to delouse Your PC and then maybe reinstall the patch.
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 881040 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 3027
Credit: 13,516,867
RAC: 13
United States
Message 881041 - Posted: 31 Mar 2009, 22:00:21 UTC

I still find it funny that Microsoft released a patch for it before Conficker A cropped up and made itself known. Still sounds like an inside job to me. :p
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 881041 · Report as offensive
Profile ML1
Volunteer moderator
Volunteer tester

Send message
Joined: 25 Nov 01
Posts: 20801
Credit: 7,508,002
RAC: 20
United Kingdom
Message 881042 - Posted: 31 Mar 2009, 22:02:09 UTC - in response to Message 881028.  

If you have installed M$ Security Update (KB958644) ... you are already excluded from being affected by this worm.

I'm intrinsically excluded from being directly affected by this worm. I don't run a Microsoft OS.

Unfortunately, I'll no doubt be caught up in the surrounding shrapnel and crossfire and mess.

Whether this one really is a fool's disaster or a damp squid for 1st April, the wasted time and effort and attention is still rather expensively silly, world-wide.


And then the Dinosaurs became extinct.

Good luck,
Martin

See new freedom: Mageia Linux
Take a look for yourself: Linux Format
The Future is what We all make IT (GPLv3)
ID: 881042 · Report as offensive
Profile ccappel
Avatar

Send message
Joined: 27 Jan 00
Posts: 362
Credit: 1,516,412
RAC: 0
United States
Message 881076 - Posted: 1 Apr 2009, 0:43:32 UTC

Well, it's April 1 UTC time, any reports of problems across the pond?
"Life is a tragedy for those who feel, and a comedy for those who think."

"I never get into an argument that I cannot win."
ID: 881076 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 66123
Credit: 55,293,173
RAC: 49
United States
Message 881108 - Posted: 1 Apr 2009, 2:17:30 UTC - in response to Message 881076.  

Well, it's April 1 UTC time, any reports of problems across the pond?

I'm good, But Here we're still Marching on until Midnight.
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 881108 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 3027
Credit: 13,516,867
RAC: 13
United States
Message 881185 - Posted: 1 Apr 2009, 5:04:05 UTC

I was watching TV and lost track of time. Next thing I know, it's a few minutes to 1am, and the computers have not revolted. Checked wireshark (formerly ethereal) and nothing strange in there. Also checked the router connection logging (a handy feature only in the Linksys BEFR* non-wireless routers) and there's nothing on either side of midnight within about 10 minutes, and the connections before and after midnight are for routine things (outlook refreshing mailboxes, multiple BOINC clients phoning home, linux server getting its NTP update). Everything is clear here.

That colleague I mentioned earlier on came up with a genius plan, but we didn't end up doing it. We were going to install XP Pro (the base release that doesn't have ANY updates at all) on a spare box and put it in the DMZ, just to see what happens. Only problem was that I mentioned we would need to find and infect these testbeds for it to do anything. We searched for hours and could not find anything or anywhere to grab this thing so we could play with it.

Such a disappointment. Though I saw this comic the other day and got a good laugh out of it.. http://xkcd.com/350/
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 881185 · Report as offensive
Profile champ
Volunteer tester
Avatar

Send message
Joined: 12 Mar 03
Posts: 3642
Credit: 1,489,147
RAC: 0
Germany
Message 881210 - Posted: 1 Apr 2009, 6:35:42 UTC - in response to Message 881076.  

Well, it's April 1 UTC time, any reports of problems across the pond?



All my crunchers are clean. No problems here. If someone had the Conflicker, it would be great so see a screenshot.
ID: 881210 · Report as offensive
1 · 2 · 3 · Next

Message boards : Number crunching : DownAdUp - Conficker Detection Software


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.