Hi malware fighters,

Scan for signs of particular Conficker here:
http://iv.cs.uni-bonn.de/fileadmin/user_upload/werner/cfdetector/

polonus

Status: There are no signs for an infection.

It is a quick test even on dial-up.

Click the image for a large view.

Isn’t this an old subject that was in a previous topic ?

I say that because I remember something very similar from the same uni, this one, http://www.confickerworkinggroup.org/infection_test/cfeyechart.html.

The strange thing, it shows my system as clean and I don’t believe it has been able to correctly ascertain this as I’m using firefox with noscript and uni-bonn.de isn’t allowed to run scripts. I see nothing in the page source other than css files and no other scripts.

So I have no idea how they have managed to confirm this, perhaps this is why it is so quick for CharleyO on dial-up, the page opened virtually instantaneously for me too , also on dial-up…

Hi DavidR,

Yes, time for a re-cap on this. The real test as you said is to be found here -as quick as load time: http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

But with 5.5 million infected computers worldwide Conficker is still very actual.
http://www.confickerworkinggroup.org/wiki/pmwiki.php/ANY/InfectionTracking#toc2
A big clean up action has to be performed in Brazil, Vietnam and China where most infected computers are located. Loads of machines are still not patched against this threat.
“The gigantic size of the botnet is caused by the fact that complete removal of the worm is rather complicated. Many infected machines has been re-infected. The worm sets very intricate ACL rights for files and registry keys it makes”, according to F-Secure’s Mikko Hypponen. “Manual removal is very hard to perform. And maling Conficker removal tools available takes quite some time, because the worm was that complex in nature.”
The best comprehensive survey on Conficker removal can be found here:
http://www.dshield.org/diary.html?storyid=5860

polonus