General Discussion / Re: Research Internet connectivity issue
« on: December 02, 2023, 06:26:56 am »
https://en.wikipedia.org/wiki/Conficker
Conficker D 2009-03-04
HTTP pull: Downloads daily from any 500 of 50,000 pseudorandom domains over 110 TLDs
P2P push/pull: Uses custom protocol to scan for infected peers via UDP, then transfer via TCP
Blocks certain DNS lookups: Does an in-memory patch of DNSAPI.DLL to block lookups of anti-malware related web sites
Disables Safe Mode
Disables AutoUpdate
Kills anti-malware: Scans for and terminates processes with names of anti-malware, patch or diagnostic utilities at one-second intervals
Downloads and installs Conficker E
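
The HTTP pull behaviour listed above (hundreds of pseudorandom domains per day spread over many TLDs) leaves a recognisable trace in resolver logs. The following is an added example, not part of the original post: a per-client check over DNS query records. The `(client, qname, rcode)` record layout, the thresholds, the use of NXDOMAIN ratio as a signal, the IP addresses and the sample data are all assumptions constructed for illustration; the random names are not Conficker's actual domain list.

```python
import random
from collections import defaultdict

def summarize(records):
    """Per-client stats from (client, qname, rcode) DNS log tuples (assumed layout)."""
    stats = defaultdict(lambda: {"domains": set(), "tlds": set(), "total": 0, "nx": 0})
    for client, qname, rcode in records:
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 2:
            continue  # single-label names carry no TLD information
        s = stats[client]
        s["domains"].add(".".join(labels[-2:]))  # crude registered-domain guess
        s["tlds"].add(labels[-1])
        s["total"] += 1
        s["nx"] += rcode == "NXDOMAIN"
    return stats

def flag_hosts(records, min_domains=30, min_tlds=5, min_nx_ratio=0.8):
    """Clients querying many distinct domains over many TLDs, mostly unresolved.
    Thresholds are illustrative assumptions; tune them against a local baseline."""
    flagged = []
    for client, s in summarize(records).items():
        if (len(s["domains"]) >= min_domains
                and len(s["tlds"]) >= min_tlds
                and s["nx"] / s["total"] >= min_nx_ratio):
            flagged.append(client)
    return sorted(flagged)

def sample_records():
    """Constructed sample: one noisy client, one ordinary client."""
    rng = random.Random(0)  # fixed seed so the sample is reproducible
    tlds = ["com", "net", "org", "info", "biz", "cc", "ws", "cn"]
    letters = "abcdefghijklmnopqrstuvwxyz"
    recs = []
    for i in range(40):
        name = "".join(rng.choice(letters) for _ in range(rng.randint(5, 10)))
        rcode = "NOERROR" if i % 10 == 0 else "NXDOMAIN"
        recs.append(("10.0.0.5", f"{name}.{tlds[i % 8]}", rcode))
    for q in ["www.example.com", "mail.example.com", "example.org", "www.example.net"] * 5:
        recs.append(("10.0.0.9", q, "NOERROR"))
    return recs

if __name__ == "__main__":
    print(flag_hosts(sample_records()))
```
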