What You Need to Know About Conficker and How to Avoid Being a Victim (Updated for April 1st)

46 Comments


winmaster

I think that the creator of this bastard told it to sit still for a few more weeks because of all of the media hype. Just a thought.

-------------------------------------------------------------------------------------------------- 

The quick brown fox jumps over the lazy dog.

Havok

By any chance you always-on-the-internets-with-no-antivirus have like maybe 14 firewalls or are on dial-up!? Sorry if I strike a nerve, but seriously! Only those who are ignorant and have only used "free" antivirus programs and who look at tremendous amounts of pron claim that going cold turkey with AVs is the way to go.

Sure, Symantec blew chunks from 05 - 08 ish. Sure if you don't do stupid stuff on-line your infection risks decrease. Sure a lot of AVs suck and are really expensive, but WTF?

I think these are the people Gordon was thinking about when he ranted about needing a licence to go online or buy a computer.

"Excuse me, can I buy a computer and go on-line with no protection, similar to not using a condom?"

Licence denied.

OMGWTFBBQ

winmaster

There are a lot of free anti-virus apps. I use AVG Free Edition 8.5. I also realize that my AV is important and that going online without one would be a mistake and possibly disastrous. As for Gordon's internet license, I have written a report expanding the idea: http://nintenpc.tripod.com/public/internet_regulation_speech.pdf. Read it. Then tell my forensics judges, parents, and sister that I'm not a crackpot. Gordon rules and kids are stupid.

-------------------------------------------------------------------------------------------------- 

The quick brown fox jumps over the lazy dog.

c3ajeff

As a consultant, I make sure my clients don't have viruses and none of them do.

It's not rocket science. For home users, the free anti-virus programs work great (provided they are updated frequently) so I recommend AVG or Avast.

Second, MS updates must be turned on automatic. The days of updates causing major problems seem to be past, but on balance even if they do cause an occasional blip, let's face it, they do a lot more good than evil.

Third, I train my clients to be aware of what they're doing. We all have a natural sense of danger when walking down a dark alley, but many don't have any sense of danger when wandering around on the internet.

Many of us are suckers just waiting for some popup to tell us we must buy a "registry repair" program - or else... but I teach my clients to NEVER pay attention to any internet popup - ever. Any company who uses this kind of advertising is obviously unable to sell their program by means of any legitimate means, so avoid them like the plague.

Many parents don't pay enough attention to what their kids are doing online. Yes, we've all been warned and warned and warned again, but many think so long as their kid isn't chatting with a predator, they are just fine. But these same parents who do their banking online, manage their investments online, and shop online - all of which involve transmitting extremely personal information - don't pay attention when little Johnny is downloading "warez" or mp3s off of torrent sites which are likely to assault their personal computer with malware, worms or viruses like Conficker.

Many of these parents assume their kids are more "tech savvy" than they are, but even if their kid knew more about how an engine runs would they let their 12 year old drive their new sports car in the bad part of town? How ridiculous! And yet, parents allow their children to "drive" all their personal information around the entire world of thieves and miscreants. I take a "belt and suspenders" approach to this.

First, parents have two choices: get the kids their own computer (NOT in their own room, no matter how much you trust them) or they need their own LIMITED account on the family computer. Parents need to approve each and every download the kids make on the family computer. If the child has his or her own computer it still needs to be protected from the child, particularly if the computer is networked to the parent’s computer. Also parents need to monitor the computer or shelve it. I can’t tell you how many computers I have had to “refresh” because of young ones’ lack of experience with the internet. This can be expensive and time-consuming unless the parents really know what they’re doing. Even if the child is technical enough to do this, they obviously weren’t wise enough to protect themselves in the first place, so parents heed my advice: be careful with your children and computers, that is, unless you’re not worried about losing your data or worse yet, having your identity stolen and bank account emptied. Trust me, that’s no fun at all.

hiremenow

Do we have any damage reports yet?

billveik

Supposedly Vista has the same vulnerability to this as XP, but there is some sort of difference in the systems that makes it much more difficult to activate on Vista machines. Making XP much more of a target.

AntiHero

It's the UAC (User Account Control). I turned it on on a machine I don't care about, and hunted for viruses; it does block them from executing. I tried to get AntiVirus 2009, it asks me if I was sure I wanted to install it. The thing is that most people shut it off because it blocked EVERY program you could possibly imagine, unless it had a Microsoft license, and still sometimes those ones.

I don't like Microsoft, I just associate with it.

fdwhacker

This website from Symantec has everything you need:

http://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99

Here are the instructions:

  1. Download the FixDwndp.exe file from: http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDwndp.exe.

    Note: W32.Downadup.C may block access to Symantec Web sites and network addresses. Follow these steps to remove the block:

    1. Click Start > Run or hit Windows Key + R.
    2. Type cmd and click OK.
    3. Type net stop dnscache and press Enter.
    4. Type exit and press Enter.

  2. Save the file to a convenient location, such as your Windows desktop.
  3. Optional: To check the authenticity of the digital signature, refer to the "Digital signature" section later in this writeup.

    Note: If you are sure that you are downloading this tool from the Security Response Web site, you can skip this step. If you are not sure, or are a network administrator and need to authenticate the files before deployment, follow the steps in the "Digital signature" section before proceeding with step 4.

  4. Close all the running programs.
  5. If you are on a network or if you have a full-time connection to the Internet, disconnect the computer from the network and the Internet.
  6. If you are running Windows Me or XP, turn off System Restore. For instructions on how to turn off System Restore, read your Windows documentation, or one of the following articles:

    How to disable or enable Windows Me System Restore

    How to turn off or turn on Windows XP System Restore

  7. Locate the file that you just downloaded.
  8. Double-click the FixDwndp.exe file to start the removal tool.
  9. Click Start to begin the process, and then allow the tool to run.

    NOTE: If you have any problems when you run the tool, or it does not appear to remove the threat, restart the computer in Safe mode and run the tool again.

  10. Restart the computer.
  11. Run the removal tool again to ensure that the system is clean.
  12. If you are running Windows Me/XP, then reenable System Restore.
  13. If you are on a network or if you have a full-time connection to the Internet, reconnect the computer to the network or to the Internet connection.
  14. Run LiveUpdate to make sure that you are using the most current virus definitions.

When the tool has finished running, you will see a message indicating whether the threat has infected the computer. The tool displays results similar to the following:

  • Total number of the scanned files
  • Number of deleted files
  • Number of repaired files
  • Number of terminated viral processes
  • Number of fixed registry entries

What the tool does
The Removal Tool does the following:

  • Terminates the associated processes
  • Deletes the associated files
  • Deletes the registry values added by the threat
  • Removes the scheduled jobs created by the threat

Switches
The following switches are designed for use by network administrators:

  • /HELP, /H, /?: Displays the help message.
  • /NOFIXREG: Disables the registry repair (We do not recommend using this switch).
  • /SILENT, /S: Enables the silent mode.
  • /LOG=[PATH NAME]: Creates a log file where [PATH NAME] is the location in which to store the tool's output. By default, this switch creates the log file, FixDwndp.log, in the same folder from which the removal tool was executed.
  • /MAPPED: Scans the mapped network drives. (We do not recommend using this switch. See the following Note.)
  • /START: Forces the tool to immediately start scanning.
  • /EXCLUDE=[PATH]: Excludes the specified [PATH] from scanning. (We do not recommend using this switch. See the following Note.)
  • /NOCANCEL: Disables the cancel feature of the removal tool.
  • /NOFILESCAN: Prevents the scanning of the file system.
  • /NOVULNCHECK: Disables checking for unpatched files.
  • /FORCEJOBSREPAIR: Removes the created scheduled jobs.

Important: Using the /MAPPED switch does not ensure the complete removal of the virus on the remote computer, because:

  • The scanning of mapped drives scans only the mapped folders. This may not include all the folders on the remote computer, which can lead to missed detections.
  • If a viral file is detected on the mapped drive, the removal will fail if a program on the remote computer uses this file.

Therefore, you should run the tool on every computer.

The /EXCLUDE switch will only work with one path, not multiple. An alternative is the /NOFILESCAN switch followed by a manual scan with AntiVirus. This will let the tool alter the registry. Then, scan the computer with AntiVirus with current virus definitions. With these steps, you should be able to clean the file system.

The following is an example command line that can be used to exclude a single drive:

"C:\Documents and Settings\user1\Desktop\FixDwndp.exe" /EXCLUDE=M:\ /LOG=c:\FixDwndp.txt

Alternatively, the command line below will skip scanning the file system, but will repair the registry modifications. Then, run a regular scan of the system with proper exclusions:

"C:\Documents and Settings\user1\Desktop\FixDwndp.exe" /NOFILESCAN /LOG=c:\FixDwndp.txt

Note: You can give the log file any name and save it to any location.

I hope this helps anyone who has been infected.

NOTE:  These are the exact instructions off of the Symantec website mentioned above.

----------------------------------------------------------------------

I HATE WINDOWS 98!!

AMD is AWESOME!

Maximum PC is AWESOME!!

Vista SUCKS!!
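
An added example, not part of the comment above or of Symantec's writeup: a PowerShell wrapper for administrators that performs the signature check from step 3 and then runs the tool with the /SILENT, /LOG and optional /NOFILESCAN switches listed in the post. The tool path, the log path and the expected signer name are assumptions; compare the signer against the writeup's "Digital signature" section.

```powershell
# Added example (not from the comment or the Symantec writeup).
# Authenticates FixDwndp.exe, then runs it silently with a log file.
# Steps 4-6 (close programs, disconnect the network, turn off System
# Restore on Me/XP) are prerequisites this script does not perform.
param(
    # Assumed download location (step 2: "a convenient location").
    [string]$ToolPath = "$env:USERPROFILE\Desktop\FixDwndp.exe",
    # The writeup says the log can have any name and location.
    [string]$LogPath = 'C:\FixDwndp.txt',
    # Registry repair only (/NOFILESCAN); follow with a full AV scan.
    [switch]$RegistryOnly,
    # Assumption: publisher name expected in the certificate subject.
    [string]$ExpectedSigner = 'Symantec'
)

$ErrorActionPreference = 'Stop'

if (-not (Test-Path -LiteralPath $ToolPath -PathType Leaf)) {
    throw "Removal tool not found: $ToolPath"
}

# The page's example passes /LOG= unquoted, so refuse a path with spaces
# rather than guess how the tool parses quotes.
if ($LogPath -match '\s') {
    throw "Choose a log path without spaces: $LogPath"
}

# Step 3: check the digital signature before deployment.
$sig = Get-AuthenticodeSignature -FilePath $ToolPath
if ($sig.Status -ne 'Valid') {
    throw "Signature status is '$($sig.Status)'; do not run this copy."
}
$subject = $sig.SignerCertificate.Subject
if ($subject -notmatch [regex]::Escape($ExpectedSigner)) {
    throw "Unexpected signer: $subject"
}

# Use only switches listed in the writeup.
$toolArgs = @('/SILENT', "/LOG=$LogPath")
if ($RegistryOnly) { $toolArgs += '/NOFILESCAN' }

# Steps 8-9: run the tool and wait for it to finish.
$proc = Start-Process -FilePath $ToolPath -ArgumentList $toolArgs -Wait -PassThru

# The writeup does not document exit codes or the log layout, so both are
# reported as-is for the administrator to read.
[pscustomobject]@{
    Computer  = $env:COMPUTERNAME
    Signer    = $subject
    Arguments = $toolArgs -join ' '
    ExitCode  = $proc.ExitCode
    LogExists = Test-Path -LiteralPath $LogPath
    LogPath   = $LogPath
}
# Steps 10-11 still apply: restart, then run the tool a second time.
```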

mesiah

I know this isn't viable for everyone, but for anyone who uses their PC to store vital information, or just doesn't want the hassle of having it knocked out by a virus, you might consider this. I have a high end computer that I use for gaming and making secure transactions. Then I have a second ultra cheap Emachines computer that I paid $299 for (including monitor) that I use only for surfing the web. I don't run many programs on it. I don't really worry about viruses on it, and if something were to happen to it, none of my personal files are on there so a quick restore is pretty simple.

Paul_Lilly

Alternately, installing a Virtual Machine or running a Linux Live CD will allow you to surf dangerously with little cost and risk to your main OS.

Dman222123222

VMs are good and all, but who wants to wait for their web browser to boot up?

smashingpumpin

I just read an informative article from Yahoo about this. http://tech.yahoo.com/blogs/null/13246. To those of you going cold turkey for a day or two, this quote from the Yahoo article is for you: "Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm."

As for the links to tools to remove it, I'm kind of a skeptic that it'll do the job but it's better than nothing and tried Symantec's tool and turned Windows Update "fully on" anyways. Good luck to everyone tonight.

_______________________________________________

...hmm no Pr0n for a day or two? I can handle that hehehehe

metafuente

You are VERY wrong to think this is just hype and that it's a goofy April Fools joke. My recently built PC got hit by this thing, HARD, and even though I stopped it fast, it took me 3 weekends to recover or find new versions of my files. I'll be doing some console gaming for a week or so until I'm back on the web, this thing is nasty indeed! Hope the clowns behind it end up in a cell with angry Samoan (no offense) drag-queens (no offense again, you get the picture). :O

comptech08

You just can't say I am very wrong; you do not know the answer either. Geesh, I never get viruses and I do not use anti-virus software or any type of protection software. It's all about safe web habits. I don't download stupid stuff and I don't look at p0rn. If you keep getting viruses then it's your fault, not the internet's.

Keith E. Whisman

If you don't use antivirus software how do you know that you don't have a virus infection on your PC? I mean some viruses are very quiet and do all their work under the table. Like keyloggers and worms that use your PC to send spam to other PCs and all kinds of nasty stuff. Hell, just being online without an antivirus program is dangerous.

You'll be sorry if you don't install an antivirus program. I bet you if you install an antivirus program on your computer that you probably have at least one if not many security threats, from malware, spyware to viruses.

comptech08

I am not stupid when it comes to the internet, that's why. And I also monitor my computer's resources, processes, and performance, and do clean it every day. I can tell if something is up. I also don't download stupid stuff.

The reason why I switched to no anti-virus was because I kept getting viruses. It didn't matter who I had. I had Norton, AVG, CA, Avast, etc. I would eventually get a virus and used the same internet habits as I do today. So I did an experiment to see if I could do this without protection and it worked.

GreenTurtle

?

jcollins

Well, that's totally confusing.  The reason you switched to having NO anti-virus software is because you kept getting infected with viruses???  Sounds totally backwards there.

comptech08

That is why I tried it, something different, and it worked.

Keith E. Whisman

Well then you know better than I do. All I know is that my dad keeps uninstalling his antivirus software and then complains when his computer starts acting crazy. It's always a bad printer driver but I use the same driver with no problems.

Just going to popular websites without protection can get you infected.

I'm not stupid but I know it's better to be safe than sorry.

Sure I can drive my car without auto insurance but if I get into an accident or a cop pulls me over I'm completely screwed.

My AV software has no effect on the speed of my system and I routinely play Crysis with all the eye candy turned on and I get the same frame rates as I do with my AV disabled. I just don't see any reason to risk driving without insurance or running my computer on an always on broadband connection without AV software. I'm running Norton Internet Security 2009 and it rules.

comptech08

Your car insurance story has nothing to do with a computer not having anti-virus software. First off, it's the law to have car insurance and not the law to have anti-virus software. It has been 4 years since I went anti-virus software free and I have not had a virus yet on my machine. And I use the computer every day with the internet on 24/7.

AntiHero

I do not use my AV software (AVG paid version), it's there, on, and never scans, and I have only had one virus ever, downloaded by my mom on her XP Account. I download ISO images from gamecopyworld for my games and mount them to Alcohol 120% all the time, I browse the internet regularly, and I never get viruses, especially as someone who uses Torrent downloads for music and viewing movies I don't feel are worthy of even a rental (or Rogers has no copies left >_>). I'm a safe browser; if someone ups a CD to a torrent site, I look at the comments before downloading to see what people are saying about it, and I've never been steered wrong. The internet is like a city, safer to be on some streets than others, and avoid the dark, unexplored alleys. Regardless, I'm back on Ubuntu for the next couple of days until this blows over. When push comes to shove, my sig makes all the more sense.

I don't like Microsoft, I just associate with it.

JonnyNYK

It's outright arrogant to think you won't ever get infected with just "Safe WebBrowsing". Although I believe it's best practice to stay away from suspect websites, unknown email attachments and public hotspots, you can't control what another person does on your network. Worms can work their way through the network onto your PC. I know because back home my brother always got himself into a virus and on some occasions it found its way onto my PC. I also know just because you have virus protection doesn't make you immune. It does a good job of batting away most problems, but it's not perfect. That's where doing a bit of homework comes in.

You also do realize that because you don't visibly notice something that's "up" doesn't mean you're safe, right? You guys ever hear of a keylogger? Maybe a Trojan that's just looking for only a snippet of information like say...your logon for your bank account? Legit websites are prone to infection too, buddy.

My computer is protected so it's no skin off my back, but if you're that arrogant it's only time before you're humbled.

Keith E. Whisman

I give up. We are not going to win. These anti antivirus people just have their minds made up. To them they are right and we are wrong. It's just not worth arguing about it with them. But I do have a problem with people like that convincing other people that going without AV software is the proper way to use the internet when it's not.

With this logic of no AV you probably agree that all guns should be banned so you have to rely on the cops to protect you from rapists and armed robbers and trust in these thugs and robbers not to kill you as they assault you and take your belongings. But at least you'll be able to call the cops afterward and they can investigate.

Going without AV is like going without a means to protect yourself. But I'm not going to argue with these anti AV guys, I'm just going to try and convince others from going that route.

winmaster

The replies to the original comment are becoming difficult to follow.

ANTI-VIRUS SOFTWARE IS A NECESSARY EVIL.

-------------------------------------------------------------------------------------------------- 

The quick brown fox jumps over the lazy dog.

comptech08

I have this feeling that this Conficker worm is an April Fools joke in itself. All this hype about it getting everybody worried and trying to get protected, then April 1st comes and nothing happens, or it just attacks everybody on April 2nd and we still all die. So who knows :)

DBsantos77

I agree, but better be safe than sorry, no? Haha

Geeksquadmyss

Nothing will happen, but like I said before, I got hit once and I had to do a reinstall and lost a lot of stuff, and I'm not taking any chances.

DBsantos77

Everyone should check their updates to see if KB958644 is installed. Apparently this protects against this worm and was made in October '08....

Geeksquadmyss

I got hit by this thing once (my family enjoys using my desktop and being careful at what they do on the internet). And it's a real (c word here); it destroys your whole computer. I'm backing up all my movies, game saves, etc. and checking my PC! It's PC Armageddon, or could be.

bingojubes

Time to unplug the network card + cable from my computer before bed. Got enough offline games to play for a day or two, anyways. I can stand without the internets for a day, I think...

robtom

Unplugging your computer won't work. If you've read anything at all about this you know then that it will wait until you can access the internet again and then receive its instructions.

doomhart

Put a link to this article on your email, Facebook, MySpace, Twitter, Friendster and other ways to contact your friends. Call your friends to go to Maximum PC.

Good luck to all tomorrow.

Asevening

Love the "Tremors" movie poster.

DBsantos77

WE'RE ALL GONNA DIE!!!!!!!

 

Thanks for the article, interesting read. 

AntiHero

I second this. And in response to Vista being vulnerable to executing it... turn UAC on for a secondary measure; more than likely it runs as admin though, so it could bypass UAC. Things like this are why UAC was made, even though I have it turned off. I'm in the technical field for work, so when I mass email everyone I know to prepare, they damn well listen.

I don't like Microsoft, I just associate with it.

LatiosXT

An Extreme Tech article claims that "Windows Vista is technically vulnerable in this way (Windows RPC facilities exploit), but the exploit is almost impossible to execute on it." Anyone's take on this?

Lord Omega

I just downloaded and am now scanning my PC with the Symantec tool just to be on the safe side. I can access all major computer security sites, so that there says I am safe. I also did a test with a .exe named "ConfickrRemover.exe" and nothing happened.
