This content has been marked as final. Show 4 replies
ISC is reporting this resource is now offline ... Not sure if it's related to new variant?
Conficker Working Group site down
Conficker Instant Test for infections (offline currently)
McAfee information as AVERT labs has also documented this new threat:
DAT release 5579 or higher provides protection.
McAfee - Conficker Resource Center
McAfee Stinger - Can now clean latest variant
DAT 5579 just become available happy ... I'm downloading SuperDAT version now.
UPDATE -- New DAT is working well at work and home
More details have surfaced from F-Secure's blog ...
Conficker.E - Additional information on new Variant
QUOTE: A new variant of Conficker was found yesterday. We're still investigating the files but here's what we know so far.
• On April 8th a new update was made available to Conficker.C infected machines via the P2P network
• The new file, which we call Conficker.E, is executed and co-exists alongside the old infection
• Itre-introduces spreading via the MS08-067 vulnerability. Spreading functionality was removed in Conficker.C and the gang behind this maybe realized they made a mistake and added it again.
• There's a possible connection to Waledac, a spambot. Some Conficker.C infected computers connected to a well known Waledac domain and downloaded Waledac from there.
• There's also a connection to rogue anti-virus products as we've seen it end up on Conficker.C infected machines. The rogue product wasSpyware Guard 2008.
• Conficker.E deletes itself if the date is May 3, 2009 or later.
More cleaning tools and resources in links below :
CWG Home Page
CWG Recommended Repair Tools
ISC Comprehensive list of repair tools