Third party information on conficker, (Fri, Feb 13th)

(This will be updated as more information becomes public)

UPDATES ARE HIGHLIGHTED IN GREEN

In an effort to provide YOU, the end user, with the ability to educate yourself on this threat, I will be posting as much information as possible, from as many sources as possible. This may lead to redundancies in the data that is available, but I am hoping that this will allow you to pick and choose the information, the removal tool, and more importantly your own path when mitigating Conficker. Please do note that neither ISC nor SANS is verifying the validity of any of the information or tools present here (you can check our own posts on this topic, or compare against multiple sources). ALWAYS TEST IN A DEV OR TEST ENVIRONMENT BEFORE ROLLING OUT TO PRODUCTION!
Removal Instructions
Microsoft

support.microsoft.com/kb/962007
Kaspersky

support.kaspersky.com/faq/
BitDefender

www.bitdefender.com/VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html
TrendMicro

www.trendmicro.com/vinfo/virusencyclo/default5.asp
Sophos

www.sophos.com/support/knowledgebase/article/51416.html

Removal Tools

Microsoft MSRT

www.microsoft.com/security/malwareremove/default.mspx
F-Secure

ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip
AhnLab

global.ahnlab.com/global/file_removeal_down.jsp?filename=12371830475821down_filename=v3conficker.zip
Symantec

www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
McAfee

vil.nai.com/vil/stinger/
ESET

download.eset.com/special/EConfickerRemover.exe
BitDefender

www.bdtools.net/
Kaspersky

data2.kaspersky-labs.com:8080/special/KidoKiller_v3.3.3.zip
TrendMicro

www.trendmicro.com/ftp/products/pattern/spyware/fixtool/SysClean-WORM_DOWNAD.zip
Sophos

secure.sophos.com/support/updates/dp/full/scct_10_sfx.exe
Conficker Cabal Information
ShadowServer

www.shadowserver.org/wiki/pmwiki.php
(very good explanation of the importance of this group)
Arbor Networks

asert.arbornetworks.com/2009/02/the-conficker-cabal-announced/
ICANN

www.icann.org/en/announcements/announcement-2-12feb09-en.htm
Symantec

forums.symantec.com/t5/Malicious-Code/Coalition-Formed-in-Response-to-W32-Downadup/ba-p/388129
General Information
Microsoft

End user/Consumer page

www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
IT Security/Professional Page

technet.microsoft.com/en-us/security/dd452420.aspx
Centralized information about Conficker

blogs.technet.com/mmpc/archive/2009/01/22/centralized-information-about-the-conficker-worm.aspx

SecureWorks

www.secureworks.com/research/threats/downadup-removal/

Research (technical)
SRI

mtc.sri.com/Conficker
MNIN Security Blog

mnin.blogspot.com/2009/01/downatool-for-downadupbconflickerb.html
(This is an awesome tool that generates domains and IPs to scan, using the reversed algorithms from Conficker)
ThreatExpert Blog

blog.threatexpert.com/2009/01/confickerdownadup-memory-injection.html
CERT.at

www.cert.at/static/conficker/TR_Conficker_Detection.pdf

(great paper that covers setting up your local DNS server to mitigate/alert on infections)

Sample zonefiles can be downloaded here

www.cert.at/english/downloads/downloads.html

And last but not least, the previous ISC articles on Conficker!

Internet Storm Center (SANS)

isc.sans.org/diary.html?storyid=5695

isc.sans.org/diary.html?storyid=5671

isc.sans.org/diary.html?storyid=5830

isc.sans.org/diary.html?storyid=5842

URL: http://isc.sans.org/diary.php?storyid=5860&rss
