It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Conflicker/cyber security

page: 2
1
<< 1   >>

log in

join
share:

posted on Apr, 4 2009 @ 04:06 AM
link   
Another question I had after looking at some of the linked material. Would it be possible to add an infected drive as a slave drive to an uninfected computer for purposes of having it scanned by one of the online scanning sites, without risking damage to the uninfected drive?

(The premise of this question is that the virus on a regular drive, containing the bootup OS, blocks access to a lot of antivirus sites.)

I'm guessing no, but I thought I should run it by people who probably know more about it than I do.


[edit on 4-4-2009 by ipsedixit]




posted on Apr, 4 2009 @ 06:08 AM
link   
That depends on the virus. I don't think you'll have any problems with Confiker propagating from a slave drive to a master. If you want to be a bit safer though, most anti-virus programs have the ability to create a boot-disk for basic virus removal. At the very least, do it in safe mode - or if you can, from the command prompt.



posted on Apr, 4 2009 @ 06:20 AM
link   
reply to post by Lasheic
 


Correct, you can make a custom Bart PE disc with a low level
scanner that will check all the files on the drive.

The Bart PE site describes which ones work.

Also something to consider:

Since 2006, avast! antivirus has been a multiple winner of the Virus Bulletin VB100 Award, for detecting 100% of "in-the-wild" viruses[4].



posted on Apr, 4 2009 @ 09:59 AM
link   
reply to post by Ex_MislTech
 

Thanks for the word about Avast. In a piece of good luck I recently decided to try it on all my computers. I was impressed. It found stuff that AVG had missed.

I think I'll try slaving the laptop drive to another computer and scanning with Avast from the uninfected computer. Can't do it til Sunday though.

Edit: I'm pretty sure that Confiker or something like it is what is on the laptop because one of the characteristics is that it removes all your previous system restore points. I love system restore so I was very sad to see the recent points removed.



[edit on 4-4-2009 by ipsedixit]



posted on Apr, 6 2009 @ 02:37 PM
link   
I used Avast to scan for the Conflicker virus on my laptop and it was amateur hour all the way.

I had intended to boot into safe mode and scan the drive, which I had slaved onto my desktop (using an adaptor I bought a couple of years ago) in safe mode. I goofed that part and wound up booting up in normal mode.

I figured I might as well just go ahead and scan the drive. Avast found a Trojan in the pagefile.sys folder and nothing else. I shut off the computer disconnected the slave drive, went to microsoft.com and downloaded the current malware removal tool which is supposed to target the Conflicker virus, among others.

I rebooted, having connected the slave drive to the desktop and copied the malware remover .exe to the slave drive. I shut down, removed the slave drive, reconnected it to my laptop and booted up. I ran the malware remover and it turned up nothing on the laptop (formerly slave) drive.

I set a system restore point and called it a day.

Any thoughts? Do other things, like trojans, remove system restore points?


[edit on 6-4-2009 by ipsedixit]




top topics
 
1
<< 1   >>

log in

join