PDA

View Full Version : Grr - Virus alert at new clientCo - cheers contractorUK!



Scoobos
1st May 2012, 14:22
Sawt it aaaaaaaaaaaauut...

MAL/Conflicker-A by Sophos and Mcafee.

It's only my 2nd week in :emb

Old Greg
1st May 2012, 14:44
Sawt it aaaaaaaaaaaauut...

MAL/Conflicker-A by Sophos and Mcafee.

It's only my 2nd week in :emb

It's like you've been cottaging with wim121 and didn't use protection.

cojak
1st May 2012, 15:37
It's like you've been cottaging with wim121 and didn't use protection.

Or FireFox ..

Sysman
1st May 2012, 15:49
Bah. MSNSecurity have been wittering about this one recently and trying to blame users for choosing weak passwords.

Microsoft Notes Rise of Once-Dormant Conficker Virus (http://www.proformative.com/news/1477010/microsoft-notes-rise-once-dormant-conficker-virus)


"Conficker is one of the biggest security problems we face, yet it is well within our power to defend against,” explained Microsoft Trustworthy Computing director Tim Rains. "It is critically important that organizations focus on the security fundamentals to help protect against the most common threats."

Well pull your finger out Microsoft!

administrator
1st May 2012, 15:58
Got Avast and Malwarebytes on here and no alerts. Will stick one of the ones you mention on. Anyone else getting warnings?

Paddy
1st May 2012, 16:09
Sawt it aaaaaaaaaaaauut...

MAL/Conflicker-A by Sophos and Mcafee.

It's only my 2nd week in :emb

there are some sites with similar names that have viruses (I think one is contractuk). Check the spelling

Cliphead
1st May 2012, 16:16
Nothing on any of the machines here. Avast, AntiVir, MWB

NickFitz
1st May 2012, 16:24
Got Avast and Malwarebytes on here and no alerts. Will stick one of the ones you mention on. Anyone else getting warnings?

Had a try with my sacrificial XP/IE6 within a few minutes of the OP; didn't see anything unexpected going over the wire.

Must dash, I'm going to a private viewing at a gallery in town. Free glass of warm plonk FTW! :happy

Scoobos
1st May 2012, 16:33
I should explain, this happened yesterday morning - was on this site - I checked and didnt see anything other than the usual banner ads either.

northernladuk
1st May 2012, 16:58
Have you rebooted it?

amcdonald
1st May 2012, 20:18
I should explain, this happened yesterday morning - was on this site - I checked and didnt see anything other than the usual banner ads either.

I've not seen anything flagged up on the site, but banner ads themselves can be virus laden

NickFitz
2nd May 2012, 21:49
Conficker isn't spread by download from infected web sites, it's a network worm that can be picked up from infected media such as CDs, floppies, network shares or USB drives; can try to brute force admin passwords for local networks; or can take advantage of patched vulnerabilities in the MS Windows Server service. But you don't get it from visiting a website, or at least not variant A.

I suggest the OP's report is a false positive, a misidentification, a coincidence (the attack coming from elsewhere but happening as CUK was being viewed), or bulltulip.

minestrone
2nd May 2012, 21:53
Conficker isn't spread by download from infected web sites, it's a network worm that can be picked up from infected media such as CDs, floppies, network shares or USB drives; can try to brute force admin passwords for local networks; or can take advantage of patched vulnerabilities in the MS Windows Server service. But you don't get it from visiting a website, or at least not variant A.

I suggest the OP's report is a false positive, a misidentification, a coincidence (the attack coming from elsewhere but happening as CUK was being viewed), or bulltulip.

System.out.println("you what?");