Monday, August 31, 2009

Conficker Detector

I received an interesting piece of feedback over the weekend. A user wanted to let us know that even though he had AVG installed as an antivirus, and runs Spybot (Search & Destroy, presumably), PeerBlock was the only tool that detected that his machine was infected with the Conficker worm!

I'm not sure which list(s) he was using, and we probably only caught it because PeerBlock is a new enough project that the worm creators didn't put in anything to check if we were running (and torch us if so), but that's just neat, and I thought it worth sharing.

Anyone else find any unexpected uses of running an IP-blocker like PeerBlock or PG2?

        ---  Mark  ---
Posted by at 2:12 PM

3 comments:

  1. Doubt AVG was up to date or even running properly as a service. But its cool known that PeerBlock picked up the connections.
    ReplyDelete
  3. I would just like to say that Thank you to the author of Peer Block for making such a great program after PG2. Peer Block manage to inform me that my computer was trying to access to a Conficker site and blocked it using the Bluetack Spyware blocklist.

    McAfee 8.7i didn't pick up anything on the On Access scan but found the virus after I did an On Demand Scan.

    Thank you again and keep up the good work.

    -Andy-
    ReplyDelete

Subscribe to: Post Comments (Atom)