Welcome to Smokey's Security Forums.
Guests have only limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Internet hit by wave of ransom malware.

Criminals re-used an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks, a security company has reported.

Internet hit by wave of ransom malware

OTL Log Analysis and Malware Removal - Qualified PC Disinfection & Cleaning - Microsoft Security Info & Alert Center - Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on Del.icio.usShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on TwitterAuthorTopic: Conflicker Eye Chart - Infection Test  (Read 2149 times)

0 Members and 1 Guest are viewing this topic.

PeachesTopic starter

  • VIP Member
  • *****
  • Offline Offline
  • location: Beautiful B.C. Canada
  • Posts: 1103
    • WWW
Re: Conflicker Eye Chart - Infection Test
« Reply #2 on: April 05, 2009, 04:52:16 AM »
3 April 2009, 17:38
The H Security Conficker information site

On this page you will find all of the important information about the Conficker worm, including how to detect it and to guard against it. Note that some manufacturers call Conficker either Kido or Downadup.

Test pages

There are several test sites that can help you check for Conficker infection. These links open a page that performs the test and shows the result.

Conficker test from The H and heise Security
Conficker test from the University of Bonn
Info pages and removal tools from AV vendors

Many anti-virus manufacturers are offering specific tools for detecting and removing Conficker. These applications do not require installation of a complete AV package. The easiest way to proceed is to download the tool on an uninfected computer, copy it onto a USB drive and then run it on the infected system. NOTE - all of these links start a file download process.

Sophos - ssconftool_10_sfx.exe
Symantec - FixDwndp.exe
F-Secure - f-downadup.zip
McAfee - Stinger_Coficker.exe
Trend Micro - SysClean-WORM_DOWNAD.zip
Kaspersky - KKiller_v3.4.3.zip
BitDefender - bd_rem_tool.zip
Eset (NOD32) - EConfickerRemover.exe
Network Scanner

Various companies offer scanners that can detect Conficker over a network. They are based on techniques developed by security researchers Felix Leder and Tillmann Werner. These techniques do require access to TCP port 445 to reach the target systems, so they will normally only work within local networks since this port should be blocked from the internet side of any firewalls.

Nmap version 4.85Beta5
To do a basic conficker scan with Nmap, run:
nmap -sC -PN -d -p445 --script=smb-check-vulns \
--script-args=safe=1 ip-address-to-scan
Nessus plugin 36036
Confickertest from McAfee
ConfickerScanner by eEye

Heise security for more info.  http://www.h-online.com/security/The-H-Security-Conficker-information-site--/features/113002

PeachesTopic starter

  • VIP Member
  • *****
  • Offline Offline
  • location: Beautiful B.C. Canada
  • Posts: 1103
    • WWW
Conflicker Eye Chart - Infection Test
« Reply #1 on: April 03, 2009, 12:21:59 AM »
Conflicker Eye Chart
Infection Test
Thanks to Joe Stewart from SecureWorks for his awesome work.

Go to site to determine if you are infected with Conflicker

http://www.conflickerworkinggroup.org/in ... chart.html


http://www.conflickerworkinggroup.org/wiki/

Note: site may get real busy..so check back later if you can not access the test.
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
 BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content Copyright © 2006 - 2010 Smokey Services™ -- All rights reserved

Surf Smokey's with confidence: all external links in posts are checked and rated by WOT - Web of Trust
Security Knowledge-, Alert- & News Center and Comprehensive Microsoft Windows Information & Download Center
Board- and databases search functions and the download of post attachments are only available to registered board members

    


==>Think your PC is infected? Click here for OTL Log Analysis and Malware Removal Assistance<==


Smokey's Security Forums provide full qualified OTL Log Analysis & Cleaning Services
OTL (formerly OTListIt2) by OldTimer is a sophisticated, comprehensive log analysis tool to clean PCs with malicious content

Microsoft Security Info & Alert Center - most recent, real-time released Microsoft Security Bulletins, Alerts, Advisories and Vulnerabilities:
<div style="background-color: none transparent;"><a href="http://www.rsspump.com/?web_widget/rss_widget" title="rss widget">Rss widget</a></div>