Jump to content
Fly Fusion Forums

Recommended Posts

Posted

Make sure that you have updated your OS and virus software. You might want to turn on the news channel before surfing tomorrow as well. And be sure to back up anything important.

 

To quickly find out if your PC might be one of the millions infected by Conficker, try clicking to Microsoft.com. Next try Symantec.com. Now try McAfee.com. If you can get to these sites, you are not infected. But if your browser will not let you access any of these websites, as shown below, then you very likely are infected with Conficker.

 

http://lastwatchdog.com/combatting-conficker/

Posted

Here's the blurb from Symantec. Links in the blurb will not work, you'll have to go to the site (if you can). Good post Darren, thanks for reminding everyone. I blame it all on the Russians. (See Rickr, it`s not the Americans that screw everything/one up.)

 

http://www.symantec.com/norton/theme.jsp?t..._conficker_worm

 

 

 

Worried about the Conficker worm striking on April 1st? A few simple steps can protect you.

 

 

Target: All users of Windows XP and Windows Vista.

 

If you’re worried about the Conficker worm striking on April 1st, don’t be.

 

On April 1st the Conficker worm will simply start taking more steps to protect itself. Beginning on April 1st the worm will use a communications system that is more difficult for security researchers to interrupt.

 

* What does the Conficker worm do?

* Who is at risk?

* What to do if you are infected?

* FAQ

* Norton Recommends

 

 

The Conficker worm, sometimes called Downadup or Kido has managed to infect a large number of computers. Specifics are hard to come by, but some researchers estimate that millions of computers have been infected with this threat since January. Current users of Symantec’s Norton security products are protected. Users who lack protection are invited to download a trial version of Norton AntiVirus 2009,Norton Internet Security 2009 or Norton 360 Version 3.0. If you are unable to reach our web site, you may be infected. In that case you will need to get to a computer that is not infected, download our specialized Conficker removal tool and run it on the infected machine before installing new antivirus software. Symantec has a detailed technical analysis of the threat here.

 

CBS correspondent Leslie Stahl met with Steve Trilling, Symantec’s VP of Security Technology and Response, to talk about the impact of Conficker worm.

 

The video is currently unavailable. Click here to read the transcript.

 

What does the Conficker worm do?

The Conficker worm has created secure infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.

 

The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

 

How does the worm infect a computer?

The Downadup worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

 

Who is at risk?

Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk since pirated system usually cannot get Microsoft updates and patches.

 

What to do if you are infected

If you are reading this page, your computer is probably not infected with Conficker as the worm blocks access to most security web sites.

 

If you have a computer that is infected, you will need to use an uninfected computer to download a specialized Conficker removal tool from. The tool is available here.

 

Advice to Stay Safe from the Downadup Worm:

 

1. Run a good security suite (we are partial to Norton Internet Security 2009 and Norton 360 Version 3.0).

2. Keep your computer updated with the latest patches. If you don’t know how to do this, have someone help you set your system to update itself.

3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.

4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.

5. Be smart with your passwords. This includes

 

1. Change your passwords periodically

2. Use complex passwords – no simple names or words, use special characters and numbers

3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

 

6. Use a passwords management system such as Identity Safe (included in Norton Internet Security 2009 and Norton 360 Version 3.0) to track your passwords and to fill out forms automatically.

7. Run Norton Internet Security 2009, Norton AntiVirus 2009 or Norton 360 Version 3.0. You can also try Norton Security Scan.

 

 

 

FAQ

Q: What should I do if my PC is infected?

 

A: If you have a computer that is infected, you will need to use an uninfected computer to download a specialized Conficker removal tool from. The tool is available here.

 

Q: Am I safe if I don’t go to questionable web sites?

 

A: No. The Conficker worm seeks out computers on the same network. You can be in a coffee shop, an airport or in the office and the worm will quietly try to attach to your computer and run itself.

 

Q: How do I know if I am infected?

 

A: The best way to know if you are infected is to run a good antivirus product. One symptom that may indicate you are infected is finding that your computer is blocked from accessing the web sites of most security companies.

 

Q: Can’t I just run free antivirus software?

 

A: Yes, but free products often aren’t thorough or comprehensive. Worse, the internet is overflowing with fake free security scanners that actually infect your computer. Fake scanners such as “Antivirus 2008” are difficult to identify and have plagued hundreds of thousands of users around the world.

 

Norton Recommends

Run Norton Internet Security 2009, Norton AntiVirus 2009 or Norton 360 Version 3.0. All of these products will detect and remove the Downadup worm.

 

You can also exchange ideas and developments on Downadup at the Norton Forums. Detailed blogs on Downadup and other malicious programs can be found on Symantec’s Malware Blog.

Posted

I just want to quickly clarify that tomorrow is just the day that the worm starts checking for updates. If nothing happens tomorrow, that does not mean it's all done and you can't get infected any more. A lot of people have been focused on that April 1st date, but the worm can update itself after that as well. Use Windows Update to install all the security patches and run up to date antivirus software to protect yourself. This worm can also copy itself to things like USB thumb drives, so be careful sharing files that way. Don't panic, but exercise caution.

Posted

Contrary to Norton's view of free virus protection, AVG Free 8.5 is totally effective against this worm. But, systematic daily updates are critical. One must also have XP SP3 downloaded and updated daily(for XP systems).

j

Posted

sometimes you gotta wonder if the virus/security software companies are in cahoots with the virus writers?

 

I say this tongue in cheek, but without one the other would not exist. Why could virus protection software not be written into the new operating systems such as Vista?

Posted
sometimes you gotta wonder if the virus/security software companies are in cahoots with the virus writers?

 

I say this tongue in cheek, but without one the other would not exist. Why could virus protection software not be written into the new operating systems such as Vista?

A lot of this stuff exists because of flaws and security holes in Windows. Would you really want the same people who are responsible for those flaws to be the only ones protecting you from them?

Guest girlsfishtoo
Posted

Thanks for the reminder and all the info ... I hope I've covered my ass :unsure:

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...