+ Post New Thread
Page 3 of 9 FirstFirst 1234567 ... LastLast
Results 31 to 45 of 121
Windows Thread, Annoying Virus (confick-E) in Technical; Reading this thread as made me quite scared.......
  1. #31

    sippo's Avatar
    Join Date
    May 2008
    Location
    Swindon, Wiltshire
    Posts
    1,786
    Thank Post
    142
    Thanked 226 Times in 148 Posts
    Rep Power
    161
    Reading this thread as made me quite scared....

  2. #32

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,373
    Thank Post
    613
    Thanked 1,133 Times in 867 Posts
    Blog Entries
    15
    Rep Power
    497
    Quote Originally Posted by Ayatollah Pies View Post
    You could use that logic for almost all computer related issues.
    Definitely worth noting that NO single AV package available is capable of 100% disinfection of 100% of nasties. There are free packages out there with better detection rates than the most expensive packages, and some paid packages that barely do anything.

  3. #33

    sippo's Avatar
    Join Date
    May 2008
    Location
    Swindon, Wiltshire
    Posts
    1,786
    Thank Post
    142
    Thanked 226 Times in 148 Posts
    Rep Power
    161
    I have just mailed staff, put up a notice in the staff room, and in the staff bulletin to get all teachers and staff to bring their usb pens/hdd to us for scanning. Lets hope they take note!

    We've just been advised by county that their head offices have been affected.

  4. #34
    Sophos-Support-5's Avatar
    Join Date
    Jun 2007
    Location
    Abingdon, UK
    Posts
    48
    Thank Post
    0
    Thanked 7 Times in 6 Posts
    Rep Power
    17
    If you need a simple action plan for conficker...

    (1) Patch - this is your first and main priority. Patch patch patch.
    (2) Make sure your AV is installed, up to date and has working on-access/ real-time scanning - don't assume. Do check that all computers are running some protection.
    (3) Strengthen passwords for network shares. Conficker tries a large number of passwords and may guess weaker ones. Make the password long and complex - perhaps a phrase with UPPER and lowercase characters, d1g1t5 and symbols.
    (3) Disable file and printer sharing. OR divide your network up. If it's a small network you can pull the network cable and clean the machine. If you do: do NOT put it back on to the network unless you know every other computer connected is clean and will not potentially reinfect the machine.

    If you are running Sophos Anti-Virus see our "What to do" section for Conficker: Sophos Anti-Virus for Windows 2000+: removing W32/Confick and Mal/Conficker

    Regards,

    Sophos Technical Support

  5. 2 Thanks to Sophos-Support-5:

    Oops_my_bad (6th February 2009), synaesthesia (7th February 2009)

  6. #35
    Sophos-Support-5's Avatar
    Join Date
    Jun 2007
    Location
    Abingdon, UK
    Posts
    48
    Thank Post
    0
    Thanked 7 Times in 6 Posts
    Rep Power
    17
    For those that do not have SAV installed or are finding cleanup difficult please check out:

    Sophos Conficker Cleanup Tool
    Last edited by Sophos-Support-5; 6th February 2009 at 10:33 PM.

  7. Thanks to Sophos-Support-5 from:

    stariq (7th February 2009)

  8. #36

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,321
    Thank Post
    902
    Thanked 1,801 Times in 1,550 Posts
    Blog Entries
    12
    Rep Power
    467
    Been chasing this about for most of today. Can't wait until monday

  9. #37
    stariq's Avatar
    Join Date
    Feb 2008
    Location
    Birmingham
    Posts
    190
    Thank Post
    113
    Thanked 18 Times in 16 Posts
    Rep Power
    17
    We had this on our network - the lads I work with and Sophos were absolutley brilliant!! Couldnt have done this without them

    In the end I patched and updated all the servers in the school, deleted the 'random name' service using the cmd line and ran sophos.

    In the Sophos menu I selected 'delete' (or something similiar) when a virus was found and then started to deploy WSUS to do the remainder.

    All the lads kept an eye on it over the few days and the weekend, it killed the network but it was worth it.

    Now I only have an handful of PC's playing up but nothing a rebuild wouldnt fix.

    The problem is when staff bring in their laptops after long term illness/holidays and the Sophos updates their laptops and scans for any threat. It does grind the laptop right down but I think its worth having that for 10-20 mins rather than the confick appearing again.

    Hope this has helped someone

    STariq

  10. #38
    PEO
    PEO is offline
    PEO's Avatar
    Join Date
    Oct 2007
    Posts
    2,096
    Thank Post
    457
    Thanked 152 Times in 96 Posts
    Rep Power
    72
    got the virus here, Just shut the servers down till I get in opn monday morning

  11. #39
    WithoutMotive's Avatar
    Join Date
    Feb 2006
    Location
    Wigan, UK
    Posts
    631
    Thank Post
    41
    Thanked 49 Times in 43 Posts
    Rep Power
    27
    We're almost clean. Just a few more to do on Monday. Also showed me just how much staff DON'T listen to us.

  12. #40

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,373
    Thank Post
    613
    Thanked 1,133 Times in 867 Posts
    Blog Entries
    15
    Rep Power
    497
    Worth noting that if you have the option of using a DNS server other than local authority. OpenDNS have added a "catcher" for conficker - meaning if you have an infected machine which tries to call one of it's many homes, OpenDNS will let you know about it.
    Nice little article here: OpenDNS rolls out Conficker tracking, blocking ? The Register

    I use openDNS at home as it's quicker/more reliable than Be/O2's orrible servers so bonus here Not sure how that translates to school networks but if you register with openDNS you can use it to block all sorts of traffic, it's very handy and very free.

  13. Thanks to synaesthesia from:

    azrael78 (8th February 2009)

  14. #41

    sippo's Avatar
    Join Date
    May 2008
    Location
    Swindon, Wiltshire
    Posts
    1,786
    Thank Post
    142
    Thanked 226 Times in 148 Posts
    Rep Power
    161

  15. #42
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    42
    I went to the Sophos Open day yesterday. Was rather impressed, and not just with the free Umbrella!

    Graham Clueley is rather Dan Ackroyd esq in the flesh, unlike in his pictures.

  16. #43

    Join Date
    Feb 2008
    Location
    Wiltshire
    Posts
    899
    Thank Post
    282
    Thanked 141 Times in 114 Posts
    Blog Entries
    28
    Rep Power
    42
    This thread is filling me with dread!

    Sophos caught Conficker on a USB that one of the kids plugged in a couple of weeks ago.

    We panic'd when I got the e-mail from the console appear in my mailbox and swiftly downed the machine and run an off-line scan on it. (Came up clean).

    I disabled the pupils account and he had to come and see me about it, but just seemed completely oblivious to it. :wall:

    Pete

  17. #44
    PEO
    PEO is offline
    PEO's Avatar
    Join Date
    Oct 2007
    Posts
    2,096
    Thank Post
    457
    Thanked 152 Times in 96 Posts
    Rep Power
    72
    Does anyone know if eset nod32 can do the same thing... email me if a virus is found. we find alot of people in the school close the warning and not tell us.

  18. #45
    Sophos-Support-5's Avatar
    Join Date
    Jun 2007
    Location
    Abingdon, UK
    Posts
    48
    Thank Post
    0
    Thanked 7 Times in 6 Posts
    Rep Power
    17
    Quote Originally Posted by FragglePete View Post
    This thread is filling me with dread!
    You shouldn't let it.

    Conficker isn't that bad if you're protected. This virus is causing a certain amount of panic because, in all honesty, it's exposing how poorly protected some networks are. Microsoft released the patch back in October and loads of networks still don't have it installed.

    If you're patched on ALL machines and you have up-to-date AV on ALL machines then you won't suffer.

    Asked "are you 100% patched?" the usual answer is "yes, certainly, yes, yes, yes. Ah, well probably." If you have no central management of either (1) patch control or (2) minimum AV requirement on every machine allowed to communicate on the network then how can you be sure you're protected?

    Answer: Sophos Endpoint Security 8 (which includes SophosNAC) or Sophos NAC Advanced (that doesn't require SAV to be installed):

    Endpoint control - How much control do you want?

    Our vulnerabilities list shows three vulnerabilities in February, one in January and nine back in December. Hands up who is 100% patched on 100% of their machines and can prove it.

    Latest vulnerabilities analysis

    Regards,

    Sophos Technical Support

  19. Thanks to Sophos-Support-5 from:

    Oops_my_bad (5th March 2009)



SHARE:
+ Post New Thread
Page 3 of 9 FirstFirst 1234567 ... LastLast

Similar Threads

  1. [Video] Most Annoying Runner Ever
    By mattx in forum Jokes/Interweb Things
    Replies: 1
    Last Post: 13th January 2009, 02:51 PM
  2. Top 10 annoying technologies
    By FN-GM in forum IT News
    Replies: 14
    Last Post: 8th December 2008, 12:05 PM
  3. Annoying thing!
    By chrbb in forum Windows Vista
    Replies: 3
    Last Post: 2nd September 2008, 03:10 PM
  4. Annoying Error Message
    By firefox_2006 in forum Windows
    Replies: 7
    Last Post: 7th April 2007, 09:14 PM
  5. Bloddy annoying
    By GrumbleDook in forum Jokes/Interweb Things
    Replies: 28
    Last Post: 12th July 2006, 02:09 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •