It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Conflicker/cyber security
page: 2share:
Another question I had after looking at some of the linked material. Would it be possible to add an infected drive as a slave drive to an uninfected
computer for purposes of having it scanned by one of the online scanning sites, without risking damage to the uninfected drive?
(The premise of this question is that the virus on a regular drive, containing the bootup OS, blocks access to a lot of antivirus sites.)
I'm guessing no, but I thought I should run it by people who probably know more about it than I do.
[edit on 4-4-2009 by ipsedixit]
(The premise of this question is that the virus on a regular drive, containing the bootup OS, blocks access to a lot of antivirus sites.)
I'm guessing no, but I thought I should run it by people who probably know more about it than I do.
[edit on 4-4-2009 by ipsedixit]
That depends on the virus. I don't think you'll have any problems with Confiker propagating from a slave drive to a master. If you want to be a bit
safer though, most anti-virus programs have the ability to create a boot-disk for basic virus removal. At the very least, do it in safe mode - or if
you can, from the command prompt.
reply to post by Lasheic
Correct, you can make a custom Bart PE disc with a low level
scanner that will check all the files on the drive.
The Bart PE site describes which ones work.
Also something to consider:
Since 2006, avast! antivirus has been a multiple winner of the Virus Bulletin VB100 Award, for detecting 100% of "in-the-wild" viruses[4].
Correct, you can make a custom Bart PE disc with a low level
scanner that will check all the files on the drive.
The Bart PE site describes which ones work.
Also something to consider:
Since 2006, avast! antivirus has been a multiple winner of the Virus Bulletin VB100 Award, for detecting 100% of "in-the-wild" viruses[4].
reply to post by Ex_MislTech
Thanks for the word about Avast. In a piece of good luck I recently decided to try it on all my computers. I was impressed. It found stuff that AVG had missed.
I think I'll try slaving the laptop drive to another computer and scanning with Avast from the uninfected computer. Can't do it til Sunday though.
Edit: I'm pretty sure that Confiker or something like it is what is on the laptop because one of the characteristics is that it removes all your previous system restore points. I love system restore so I was very sad to see the recent points removed.
[edit on 4-4-2009 by ipsedixit]
Thanks for the word about Avast. In a piece of good luck I recently decided to try it on all my computers. I was impressed. It found stuff that AVG had missed.
I think I'll try slaving the laptop drive to another computer and scanning with Avast from the uninfected computer. Can't do it til Sunday though.
Edit: I'm pretty sure that Confiker or something like it is what is on the laptop because one of the characteristics is that it removes all your previous system restore points. I love system restore so I was very sad to see the recent points removed.
[edit on 4-4-2009 by ipsedixit]
I used Avast to scan for the Conflicker virus on my laptop and it was amateur hour all the way.
I had intended to boot into safe mode and scan the drive, which I had slaved onto my desktop (using an adaptor I bought a couple of years ago) in safe mode. I goofed that part and wound up booting up in normal mode.
I figured I might as well just go ahead and scan the drive. Avast found a Trojan in the pagefile.sys folder and nothing else. I shut off the computer disconnected the slave drive, went to microsoft.com and downloaded the current malware removal tool which is supposed to target the Conflicker virus, among others.
I rebooted, having connected the slave drive to the desktop and copied the malware remover .exe to the slave drive. I shut down, removed the slave drive, reconnected it to my laptop and booted up. I ran the malware remover and it turned up nothing on the laptop (formerly slave) drive.
I set a system restore point and called it a day.
Any thoughts? Do other things, like trojans, remove system restore points?
[edit on 6-4-2009 by ipsedixit]
I had intended to boot into safe mode and scan the drive, which I had slaved onto my desktop (using an adaptor I bought a couple of years ago) in safe mode. I goofed that part and wound up booting up in normal mode.
I figured I might as well just go ahead and scan the drive. Avast found a Trojan in the pagefile.sys folder and nothing else. I shut off the computer disconnected the slave drive, went to microsoft.com and downloaded the current malware removal tool which is supposed to target the Conflicker virus, among others.
I rebooted, having connected the slave drive to the desktop and copied the malware remover .exe to the slave drive. I shut down, removed the slave drive, reconnected it to my laptop and booted up. I ran the malware remover and it turned up nothing on the laptop (formerly slave) drive.
I set a system restore point and called it a day.
Any thoughts? Do other things, like trojans, remove system restore points?
[edit on 6-4-2009 by ipsedixit]
new topics
-
Israeli Missile Strikes in Iran, Explosions in Syria + Iraq
World War Three: 12 minutes ago -
George Knapp AMA on DI
Area 51 and other Facilities: 5 hours ago -
Not Aliens but a Nazi Occult Inspired and then Science Rendered Design.
Aliens and UFOs: 5 hours ago -
Louisiana Lawmakers Seek to Limit Public Access to Government Records
Political Issues: 8 hours ago -
The Tories may be wiped out after the Election - Serves them Right
Regional Politics: 9 hours ago -
So I saw about 30 UFOs in formation last night.
Aliens and UFOs: 11 hours ago
top topics
-
BREAKING: O’Keefe Media Uncovers who is really running the White House
US Political Madness: 12 hours ago, 25 flags -
George Knapp AMA on DI
Area 51 and other Facilities: 5 hours ago, 19 flags -
Biden--My Uncle Was Eaten By Cannibals
US Political Madness: 13 hours ago, 18 flags -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest: 13 hours ago, 7 flags -
Louisiana Lawmakers Seek to Limit Public Access to Government Records
Political Issues: 8 hours ago, 7 flags -
Russian intelligence officer: explosions at defense factories in the USA and Wales may be sabotage
Weaponry: 17 hours ago, 6 flags -
So I saw about 30 UFOs in formation last night.
Aliens and UFOs: 11 hours ago, 5 flags -
Israeli Missile Strikes in Iran, Explosions in Syria + Iraq
World War Three: 12 minutes ago, 4 flags -
The Tories may be wiped out after the Election - Serves them Right
Regional Politics: 9 hours ago, 3 flags -
Do we live in a simulation similar to The Matrix 1999?
ATS Skunk Works: 12 hours ago, 3 flags