Page 1 of 1
The Conficker Worm
Posted: Wed Apr 01, 2009 1:38 am
by Infelice
Theres been a lot of news about the Conficker Worm in the media over the last couple of days and apparently 1 April is D Day for its activation.
Im marginally paranoid about pc viruses and stuff and havent been able to find any information about this one that I can understand.
Does anyone know what it is, how do you get it, what bad things it will do to your puter if you get infected and if there is something for getting rid of it?
Or is this some person's sick idea of an April Fool prank??
Re: The Conficker Worm
Posted: Wed Apr 01, 2009 4:18 am
by thewormoftheworld'send
Infelice wrote:Theres been a lot of news about the Conficker Worm in the media over the last couple of days and apparently 1 April is D Day for its activation.
Im marginally paranoid about pc viruses and stuff and havent been able to find any information about this one that I can understand.
Does anyone know what it is, how do you get it, what bad things it will do to your puter if you get infected and if there is something for getting rid of it?
Or is this some person's sick idea of an April Fool prank??
en.wikipedia.org/wiki/Conficker
Removal
On October 15, 2008, Microsoft released an emergency out-of-band patch to fix vulnerability MS08-067, which the worm exploits to spread. This patch was released prior to the release of the Conficker worm. Removal tools are available from Microsoft, BitDefender, Enigma Software,ESET,
F-Secure, Symantec, Sophos, and Kaspersky Lab, while McAfee and AVG can remove it with an on-demand scan. While Microsoft has released patches for the later Windows XP Service Packs 2 and 3 and Windows 2000 SP4 and Vista, it has not released any patch for Windows XP Service Pack 1 or earlier versions (excluding Windows 2000 SP4), as the support period for these service packs has expired. Since the virus can spread via USB drives that trigger AutoRun, disabling the AutoRun feature for external media (through modifying the Windows Registry) is recommended. However the United States Computer Emergency Readiness Team (CERT) describes Microsoft's guidelines on disabling Autorun as being "not fully effective," and they provide their own guides. CERT has also made a network-based tool for detecting Conficker-infected hosts available to federal and state agencies. Microsoft has released a removal guide for the worm via the Microsoft website.
Posted: Wed Apr 01, 2009 7:57 am
by Infelice
ok thanks
Posted: Wed Apr 01, 2009 2:51 pm
by wayfriend
People should be protected if they are up to date with Windows Updates and if they are up to date with their anti-virus.
You can download a standalone program from semantec (and probably other vendors) that you can run to scan for the worm and remove it.
You can do this if you're not up to date, or have no anti-virus, or are just paranoid. (The worm does try to block access to updates.)
Posted: Wed Apr 01, 2009 3:42 pm
by High Lord Tolkien
This was a good example of "chicken little".
A non destructive virus that got some network news attention because of it's activation date I think.
It was a little bit more exciting for the networks because of the April Fools aspect to it.
I run the IT department at my work.
I knew it was no big deal because my antivirus was up to date and all the servers Windows patches were already applied BUT my boss saw the 60 minutes report on Conflicker and his boss saw it and everyone wanted to know if we were safe so I spent all day yesterday reviewing and explaining what I knew was a secure situation just because of some media hype!
But conficker, which I read as cornflicker, keeps me employed though.
