Posted by Jim/AL on 3/31/09 10:34am Msg #282828
Tech advice please, conflicker worm real or ??
Is all the talk about this conflicker worm infecting millions of PC's anything that we need to be worried about? Found nothing related in search. If so, what can or should we do to protect our PC's? I do not want to create panic, but these machines are our income sources and hard to do without.
Any advice would be appreciated. TIA
|
Reply by BrendaTx on 3/31/09 10:50am Msg #282829
Thanks for the topic. It made for interesting reading.
http://en.wikipedia.org/wiki/Conficker
I'd back up onto a usb connected exterior hard drive right now...today.
If you are hit with this bug simply reinstall windows, wiped all clean and start over.
|
Reply by Tess on 3/31/09 11:34am Msg #282837
Re: Our local news station just reported:
“If you can not access a virus software company on the web, you probable have it.”
Try typing in www.mcafee.com or your own virus software website and see if you can connect.
|
Reply by John/CT on 3/31/09 12:01pm Msg #282840
Re: Conflicker worm real or ??
Yes, it is apparently a real threat to some. Microsoft discovered earlier this month the latest variant, Conflicker.D, which is "supposed" to become active tomorrow. I went to http://www.microsoft.com/security/portal/Entry.aspx?name=Worm:Win32/Conflicker.D, clicked on and ran Microsoft Security Bulletin MS08-067. Also, just to be on the safe side, I installed and ran Microsoft Live OneCare. Hopefully, along with my anti-virus software, I'm well protected.
|
Reply by John/CT on 3/31/09 12:06pm Msg #282841
Oops ..
The name of the threat is "Conficker". I picked up the incorrect name from the earlier post. The correct site is: http://www.microsoft.com/security/portal/Entry.aspx?name=Worm:Win32/Conficker.D
|
Reply by PAW on 3/31/09 12:08pm Msg #282843
It's real alright!!
National Cyber Alert System
Cyber Security Alert SA09-088A
Conficker Worm Targets Microsoft Windows Systems
Original release date: March 29, 2009 Last revised: -- Source: US-CERT
Systems Affected
* Microsoft Windows
Overview
US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.
Solution
Install updates
The updates to address these vulnerabilities are available on the Microsoft Update site. We recommend enabling Automatic Updates.
Description
The presence of a Conficker infection may be detected if a user is unable to surf to the following websites:
* http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm * http://www.mcafee.com
If a user is unable to reach either of these websites, a Conficker infection may be indicated (the most current variant of Conficker interferes with queries for these sites, preventing a user from visiting them). If a Conficker infection is suspected, the user should run the Microsoft Windows Malicious Software Removal Tool and install updates available from the Microsoft Update site.
References
* Microsoft Windows Malicious Software Removal Tool - http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356
* Microsoft Updates Website - http://update.microsoft.com/microsoftupdate/
* US-CERT Technical Cyber Security Alert TA09-088A - http://www.us-cert.gov/cas/techalerts/TA09-088A.html
* Virus alert about the Win32/Conficker.B worm - http://support.microsoft.com/kb/962007
* The Conficker Worm - http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm
* W32/Conficker.worm - http://us.mcafee.com/root/campaign.asp?cid=54857
* Microsoft Automatic Updates - http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx
____________________________________________________________________
The most recent version of this document can be found at: http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm0 ____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to [e-mail address] with "SA09-088A Feedback VU#827267" in the subject.
|
Reply by davidK/CA on 3/31/09 12:14pm Msg #282845
A free Conficker scanner from Bit Defender
http://www.bdtools.net/how-to-remove-downadup.php
This requires you to download a "zipped" file to your computer, unzip the file and then run the program. Downadup is another technical name for Conficker.
|
Reply by Susan Fischer on 3/31/09 2:36pm Msg #282866
Good one, Paul. Thanks a bunch. n/m
|
Reply by MikeC/NY on 3/31/09 8:29pm Msg #282920
As long as you have been regularly updating your version of Windows, and you have an updated anti-virus program, you really don't have much to worry about. Confiker takes advantage of a bug in Windows that was fixed in October - those at risk are those who either don't bother to update Windows, or have an illegal copy of Windows that they can't update....
Also, keep in mind - it's April 1....
|