BuffettNews.com

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

http://tech.yahoo.com/blogs/null/132464

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself and your PC.

You all might wanna check your computers, JUST IN CASE. No one really knows what this is / isn't going to do.

I downloaded Norton 360 last month (had to my previous AV software was about to expire).... The latest version of some of these softwares can block this worm...

The worm makes use of exploiting a prior Windows Vulnerability (that was patched in December of 2008) You should also be okay as long as you have the latest patches

Unfortunately a large majority of people who own computers are not computer savvy enough and don't employ AntiVirus software (or don't keep it updated) or don't download the latest Microsoft Patches....These are the ones that will be in trouble from this worm...

(Of course all the reassurance in the world won't do a darn bit of good if any of the AV companies drops the ball on this one thinking they have it covered....)

I just did a Norton Symantec scan and removed two viruses: Trojan.metajuan and Packed.Generic.2.

The history said that Symantec has removed both of these viruses DAILY from my computer, the Trojan since 3/24 and the Packed.Generic since 3/15!

I tried to download an update from Symantec earlier in the year, but it said I had to print out the instructions to install it, and I don't have a working printer connected to my computer. Gonna keep my fingers crossed tomorrow.

The intranet for Canada's Parliament crashed this afternoon. I think it had something to do with this worm. Apparently the British Parliament was also affected.
It means our work has been delayed for about 4 hours tonight... and we'll have an extra 4 to catch up tomorrow. Not enough sleeping!

Macs are immune this time out.

I really do love my MacBook. It cost a little more but it's been worth it. No crashes in almost 3 years. Fewer virus worries....

SchoolGirlHeart wrote:

Macs are immune this time out.

I really do love my MacBook. It cost a little more but it's been worth it. No crashes in almost 3 years. Fewer virus worries....

My iMac is just singing along,
but I do hope this is just a hoax.

carolinagirl wrote:I just did a Norton Symantec scan and removed two viruses: Trojan.metajuan and Packed.Generic.2.

The history said that Symantec has removed both of these viruses DAILY from my computer, the Trojan since 3/24 and the Packed.Generic since 3/15!

I tried to download an update from Symantec earlier in the year, but it said I had to print out the instructions to install it, and I don't have a working printer connected to my computer. Gonna keep my fingers crossed tomorrow.

No one is really sure what "Conficker is going to do other than "phone home" for instructions. But there are a lot of people watching it...

One of the easiest problems to fix is people that allow their computers to print and file share. TURN IT OFF! DISABLE IT! This is one of the old exploits that is still around and the Conficker worm (among hackers and numerous other nasties) exploit it. It is easy to disable.

You also might want to try this.

Disable your "System Restore". The nasty can hide in there and will not ever go away. Even though the antiviral deletes or repairs them numerous times.

Restart your computer in "SAFE MODE".

Turn everything off ( ie screen saver, background, etc)
Run your antiviral. Allow it to finish. It may take some time. So don't plan on using your computer for a bit.
You may also consider running a scan disc check and defrag the computer while you are in SFE MODE AFTER THE ANTIVIRAL HAS COMPLETED it's run.
This should detect and rid your computer of anything your antiviral can get rid of. This will probably speed your computer up some as well.

Restart your computer in normal mode. Re-enable System Restore when you restart and scan it again. Just to be sure it got rid of the nasty.

There are numerous FREE antivirals available for home use, as well as FREE for "home use" firewalls. You might consider and try Avast or AVG for the free antivirals and or Zonealarm for a free firewall.
You can also go to TrendMicro and run an online antiviral check for free. I use this to check my system occasionally. (NOTE this is only a check that is valid while you are on their site. IT DOES NOT replace having an antiviral installed on your computer!) There are many other freebies out there. You may want to consider getting "Threatfire" it works along side your antiviral and it is free.
All of the above are highly rated and reputable. Not to mention they work great and quite reliable.

You can also find numerous FREE antispyware programs out there such as "Spybot" and "Ad-Aware". Be sure to update them and use them.

I highly recommend Kim Komando ( www.komando.com ) to everyone with a computer. She explains and offers tips, security and other recommendations and suggestions in common speak about computers, that anyone can understand. She also has a call in talk show.

I was looking at my history... It appears that after I shut down for the night since 03/24/09 or so there has been at least one instance of "unauthorized access" blocked by Norton after the service jobs shut down for the night.....

(Thing comes up as a DDE Server window....)

I think this means I'm protected fairly well

blackjack wrote:

Me, too.

so is this.

RinglingRingling wrote:

so is this.

and this

So far, everything here at the Schloss Radler seems to be as it was before. I'm not noticing anything unusual with my machine. Of course, I don't file-share, down-load, click on spam email links, or network with anyone. I very rarely conduct any business (using my debit card) online. And I always shut the machine down when I finally do decide to call it a day.

OTOH, did anybody ever say just *what time of day* this thing was supposed to activate?

-"BB"-

Bicycle Bill wrote:So far, everything here at the Schloss Radler seems to be as it was before. I'm not noticing anything unusual with my machine. Of course, I don't file-share, down-load, click on spam email links, or network with anyone. I very rarely conduct any business (using my debit card) online. And I always shut the machine down when I finally do decide to call it a day.

OTOH, did anybody ever say just *what time of day* this thing was supposed to activate?

-"BB"-

right....


about...

Who names these things anyway? Conficker? Although it was semi-hilarious to hear the news anchors in Denver stumble over it a few times last night...

SharkOnLand wrote:Who names these things anyway? Conficker? Although it was semi-hilarious to hear the news anchors in Denver stumble over it a few times last night...

I heard the name was derived from from the name of the orginal website that this virus was pointed too.

Buying a MAC will not solve the problems. Poor computer user behavior will just go to another OS.

LIBuffettFan wrote:

SharkOnLand wrote:Who names these things anyway? Conficker? Although it was semi-hilarious to hear the news anchors in Denver stumble over it a few times last night...

I heard the name was derived from from the name of the orginal website that this virus was pointed too.

From F-secure (http://www.f-secure.com/weblog/archives/00001636.html)

Q: Where does the name "Conficker" come from?
A: Conficker is an anagram of sorts from trafficconverter – a website to which the first variant was connecting.

Q: Why does the worm have two names – Downadup and Conficker?
A: It was found at about the same time by multiple security companies and therefore got multiple names. Today most companies use the name Conficker. There's further confusion about the variant letters among vendors. We're all sorry for that.

I thought I also read on eWeek something about it being comprised of 2 words, "configure" and a German cuss word.

I got a pop-up window with a suspicious request for my log in and password for Twitter.... Gonna run another scan now!

The funny thing is, the patch for this vulnerability was issued last October.

Microsoft Security Bulletin MS08-067


So patch now if you love to click all over the internet blindly and people send you crap in E mails.

If you were infected or think you were, use Microsoft's Malicious Software Removal Tool. You can get that from their security and update site. Follow Spider's advice above.