Sponsor for PC Pals Forum

Author Topic: Conficker C is scary as hell  (Read 5146 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Conficker C is scary as hell
« on: March 22, 2009, 14:28 »
http://mtc.sri.com/Conficker/addendumC/index.html

conficker C represents a best-of-breed specimen of malware, with its swiss-army-knife-from-hell approach to digging in, staying hidden, and making your life generally miserable. Telltale symptoms: you can't view such web sites as Microsoft.com, symantec.com, avast.com, or any other computer security-related sites the worm authors have thought to include in the blacklist; you can't run any of the superb Sysinternals utilities, or many other utilities, because they get killed within a second of starting them up; your antiviral software is impotent. But none of that is the point of the worm.

more about conficker C

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #1 on: March 22, 2009, 14:33 »
:nerves:
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline davy51

  • Loyal Member
  • *****
  • Posts: 1690
Re: Conficker C is scary as hell
« Reply #2 on: March 22, 2009, 14:50 »
getting rid of this one will be a hard job it you get it on your computer
Dave

Don't walk behind me, I may not lead. Don't walk in front of me, I may not follow. Just walk beside me and be my friend

Albert Camus

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Conficker C is scary as hell
« Reply #3 on: March 22, 2009, 14:53 »
And yet they rate it 'medium'.  :dunno:
Slainthe!

Rik

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Conficker C is scary as hell
« Reply #4 on: March 22, 2009, 16:37 »
Last week F-Secure alerted me to the fact I had acquired the virus trojandownloader.win32.agent.blcq .  Spybot also showed a number of possibly related trojans which were easily removed.  However, the virus had disabled system restore and F-Secure updates.  It also prevented me from running F-Secure in Safe Mode and it took several further scans to remove it.  I've carried out a number of scans since and it seems to have disappeared. 

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #5 on: March 22, 2009, 17:55 »
No security is 100% foolproof, but it's a shame F-Secure didn't block the virus before infection, Clive.  Unless, of course, it was there as a 'timebomb', before you installed F-Secure.  :dunno:
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Conficker C is scary as hell
« Reply #6 on: March 22, 2009, 18:35 »
It turned up several weeks after I installed F-Secure.  I don't know why it didn't block it but I know I received it via an e-mail. 

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #7 on: March 22, 2009, 18:50 »
I assume you have email scanning on?  It should be, by default.
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Conficker C is scary as hell
« Reply #8 on: March 22, 2009, 19:33 »
Yes I do and it did nothing about it.  But my e-mails are pre-scanned by Symantic and I was warned by them that the e-mail - from a trusted source - contained the virus.  I  viewed the contents on the server and deleted it instead of downloading it into Outlook Express since I thought that would be safe enough.  But at the next scheduled scan F-Secure detected the virius and offered to deal with it suggesting that the best remedy was to allow it to rename it.  A second scan showed the virus was still there and this time I told it to repair.  That failed to remove it so that it when I tried system restore, safe mode and updating etc.  However, a third (or fourth) attempt to remove it did the trick.  I'm now running a scan every couple of days just to check it hasn't resurfaced.  Spybot scans clean so I'm encouraged to believe that it really has been nuked. 

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #9 on: March 22, 2009, 20:44 »
Very strange, Clive.  I don't understand how a virus could be activated from an email when only viewed on the server, as, at that point, nothing has been downloaded to your machine.  I have been using F-Secure since 2005, and nothing has ever got past it.  In fact, the one and only time I have had an infection, was when I was still using Norton!  I can only guess you were very unlucky, and the virus slipped through before F-Secure's scheduled update downloaded the definitions to protect you from it.  At least you seem to have got rid of it, thankfully.
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Conficker C is scary as hell
« Reply #10 on: March 22, 2009, 21:14 »
Yes, all's well that ends well as the Bard said.   8-)

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker C is scary as hell
« Reply #11 on: March 22, 2009, 21:42 »
I'm not going to go for the old linux argument but gosh it does make your life easier! :-D
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #12 on: March 22, 2009, 21:58 »
In some ways, I can see that it does.  I'd actually seriously consider looking at an iMac as my next computer.
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker C is scary as hell
« Reply #13 on: March 22, 2009, 21:59 »
I'm writing from my powerbook write now... still though Mac OS X doesn't cut it compared to Ubuntu in my opinion...
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker C is scary as hell
« Reply #14 on: March 22, 2009, 22:06 »
Would you concede it to be a happy medium though, Sam?
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:


Show unread posts since last visit.
Sponsor for PC Pals Forum