Tell that to the IT dept at my workplace (NHS hospital in North Lincs) - they're running one of the accepted "best" virus killers, NOD32, fully updated and it never blinked when Conficker.AE came into our network. That was well over a month ago, and we're still getting the red infection notices - the IT dept is pretty much powerless to stop it by the looks of things, and cannot remove it for some reason...
Still, that might teach them not to run Windows, eh?
D.
My employers ended up with over 11,000 infections (in the UK alone) when we where hit straight after returning to work in the new year. In out dept the 3 NT4 machines caused loads of issues (one was a domain controller) as they could not be suitably patched.
Conficker also waltzed straight past our AV solution (CA) and a clients AV package too (in their case they swapped out to McAfee which did a better but no means perfect job)
As the virus installs a root kit once you are infected you end up having to clean it by hand as conficker will prevent any patches (and some AV updates) from being installed, despite being told that the update went fine.
Use GMER for finding the root kit, if you need a copy I can upload it onto my webspace (once I get home from work).
I also see that there is a network scan app to detect infected machines remotely (see http://www.theregister.co.uk)
Comments
My employers ended up with over 11,000 infections (in the UK alone) when we where hit straight after returning to work in the new year. In out dept the 3 NT4 machines caused loads of issues (one was a domain controller) as they could not be suitably patched.
Conficker also waltzed straight past our AV solution (CA) and a clients AV package too (in their case they swapped out to McAfee which did a better but no means perfect job)
As the virus installs a root kit once you are infected you end up having to clean it by hand as conficker will prevent any patches (and some AV updates) from being installed, despite being told that the update went fine.
Use GMER for finding the root kit, if you need a copy I can upload it onto my webspace (once I get home from work).
I also see that there is a network scan app to detect infected machines remotely (see http://www.theregister.co.uk)