Beware Conficker worm come April 1

[Dark Knight]

In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.


Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.


Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.


Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.


At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.


Microsoft also offers a free online safety scan here, which should be able to detect all Conficker versions.


http://tech.yahoo.com/blogs/null/128...-come-april-1/

[RiverRat]

Scanning now! I heard a tiny part of this story on the news and knew right where to turn for the details!

[Aperture]

Thanks for this, DK. Making sure the Windows p/c is up-to-date, but the mac book should be good to go.

[SeekingJana]

I had a heck of a time getting Microsoft's " stuff" off my PC this AM after I installed what I thought was a scan applet on my PC.
I would like to suggest the site that is home to Norton Security. www.symantec.com

They offer a free PC check for both viruses and malware and will scan all of the PC or just certain files and folders of your choice.
It took hours to deal with the Microsoft stuff. I don't recommend it except for the Update page to make sure all critical updates are installed.

OR just use Firefox and a good AV suite with all updates on April 1- seems to be the easier thing to do. Firefox is stable and is a free Mozilla browser, not a MS program.

[~Lisa~]

Does anyone know why when I try to update Windows I get this message...

The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.
Error number: 0x8024D007

I can't figure it out!!

[Dark Knight]

Maybe it was a blessing in disguise when I tried downloading IE 8 my browser stopped working altogether, which forced me to switch to Firefox.

[SewingDeb]

Janet, what problems did you have? I clicked on the link for the free scan in the article and it scanned but then my internet went down and I lost the scan results when I restarted the computer. I guess I downloaded the stuff for the scan and hope it won't be a problem.

[PattyCake]

Can this be avoided by not going online for April 1? I really don't know about these things and how they work.

[Elphaba]

Quote:

Originally Posted by PattyCake

Can this be avoided by not going online for April 1? I really don't know about these things and how they work.

No... 4/1 is just the date it starts running. You could avoid going online on 4/1, but as soon as you boot up on 4/2, go online and come across something carrying the worm, you will still get hit. So that is why it is urgent to get the patch.

Or buy a Mac... (slaps my hand... bad me! Believe me, even Macs have their issues... just the script kiddies find it a waste to develop worms/viruses for us Mac users. I guess because a majority of computers in use are PCs... messing with Macs don't have much of an impact on the computer using society, I guess...)

[SewingDeb]

If it's already on your computer, not going online on April 1st won't help.

Here's info from Symantec:

http://www.symantec.com/norton/theme...conficker_worm

[Elphaba]

Oh, so it is embedded... now those are the ones that REALLY suck... ticking time bomb programs are mean little buggers.

[SewingDeb]

Yeah, I believe it is embedded but will activate on April 1st if your computer is already infected. I hope someone collects the quarter of a million dollars for finding the person responsible for this little time bomb.

[SewingDeb]

On the Symantec site, it said one way to know if your computer is infected with this worm is if you are blocked from the major security sites.

[SeekingJana]

Quote:

Originally Posted by SewingDeb

On the Symantec site, it said one way to know if your computer is infected with this worm is if you are blocked from the major security sites.

WHOA! Yep, that would be a major sign of a badly infected computer. Scary to think about!

BTW, a few basic things will protect people from email worms.
First, disable the "preview" option in email. Opening emails one at a time, with the others closed in your inbox, is the best way I can describe what email looks like with the preview option disabled.
Only open and view emails with your email AV scanning processes working, and don't open an email that looks like it's either " undeliverable" with a Mail- daemon address, a Postmaster address, or which has an attachment and is from a questionable site or unknown person. Delete them unopened.
You can view the TRUE sender of all email by not opening the mail, but going to the menu and selecting " Properties". It will give you the sender's email address as well as the print contents while the email stays safely closed.

Next, if anyone gets the Conflicker or like malware, or ever goes to a photo link or video link that has been corrupted by an outside force that starts multiplying or putting other nasty uncontrollable things on the screen, which happens here on WS sometimes, you will probably have to do a " hard" shut down of your PC ( pressing the OFF button quickly and holding it down until the computer shuts down instead of using the Windows shut down menu option.)

If this happens to you like it has to me several times recently in some older cases which have corrupted external site photo or other news media links, you should protect your computer as best as possible with a safe and limited restart.
To protect your files and hard drive, restart your PC only in SAFE mode, and run a full system AV/ Malware scan before doing anything else, including before starting your web browser or opening your email program.
If you find anything, let your program remove it if possible. Don't do a System Restore with any " bugs" still showing up in a system scan. You'll just corrupt your last System Restore point. That date will have to be deleted from the " System Restore" calendar menu.

How to start your computer in SAFE MODE with Windows XP:
During start up, hold down the F8 key. The computer will tell you that it is starting up in safe mode and that all features and functions will not be available.

How to start your computer in SAFE MODE with Windows VISTA:
To get into the Windows Vista Safe mode, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode" and press your Enter key.

With some computers if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the "F8 key", tap the "F8 key" continuously until you get the startup menu.

I hope we all stay safe, but I am finding lots of older case media links with badly compromised malware on the re-directed sites. It's not the fault of anyone on WS, but something that happened with the outside source page.

Maria

[smart blonde]

Bump...

[MCDRAW]

When I tried to run the scan it said it encountered a error.

[southcitymom]

Makes me glad I'm on a Mac these days.

[txsvicki]

Does anyone if anti-malware software the Avg virus scanner or would that be in my Spybot program?

[scandi]

Quote:

Originally Posted by RiverRat

Scanning now! I heard a tiny part of this story on the news and knew right where to turn for the details!

Hi RiverRat, If it doesn't hit till the 1st what will a scan show tonight?

I am totally perplexed. I tried Dark Knight's link for free protection and it wouldn't work for me. I have a Windows 2000 and it wasn't listed ;{



Dark Knight, Thanks so much for this thread.

[PattyCake]

Thank you Bill Gates for building an inferior product that allows for crap like this to happen, causes me worry, stress, money & time to protect my life, identity and more.

I will never EVER buy a PC again.

[SeriouslySearching]

So...I guess if I don't see you guys tomorrow...the worm got me. I updated and did everything I think (except I didn't update windows patch as I heard it crashed a few computers already).

Can't these people use their brilliant minds for good instead of evil?!

[SeriouslySearching]

Quote:

Originally Posted by southcitymom

Makes me glad I'm on a Mac these days.

My next one will be a Mac! I am sick of replacing pcs.

[sadyjade]

hmph!!! hope I am still here tomarrow! PC I am, and AVG protected w/o the MS patch (unless automatic update happened w/o me seeing it) I did go into "Tools" (IExp) and disable my smiley add on as I think that may have been where I got last years malware issues from.

Here's to all of us bounding back from carp feeinding bottom dwellers!

CHEERS! See ya on the flipside

[Laneymae]

Quote:

Originally Posted by SewingDeb

On the Symantec site, it said one way to know if your computer is infected with this worm is if you are blocked from the major security sites.

As of 1:55 am Central Standard time, I am worm free!! Yay ...

I was able to get into the major security sites and all is well.

I was able to get into this website easily, also.

Laney

[Laneymae]

Quote:

Originally Posted by SeriouslySearching

So...I guess if I don't see you guys tomorrow...the worm got me. I updated and did everything I think (except I didn't update windows patch as I heard it crashed a few computers already).

Can't these people use their brilliant minds for good instead of evil?!

~ bold mine ~

SS, I hope I see you today, then I will know all is well with you and your computer.

Laney