Posted on 03/31/2009 4:59:22 PM PDT by papasmurf
The conficker worm, aka:Downup, Downadup and Kido, is scheduled to become active at 00:01:00 AM on 04/01/09.
It's a complete unknown and has many experts worried. If you aren't sure about being protected on your Windows machine, please download the FREE application from Microsoft called Windows SteadyState , and install it.
It only takes a few minutes, it's very easy and simple, and it will protect your hard drive. I use it on my XP Box and my Wife's Vista laptop, and I know it works.
Download it, click to install, open it, and select "User Restrictions", and (if you do nothing else), select "Protect the Hard Disk".
After that, anything and everything that is installed will be deleted after a reboot. it's just that simple.
Read the help and "How To" that pops up after installation to find out more.
As much fun as Shadow Ace's threads are, it would be a shame to have 100 or so FReepers needing help in recovering their hard drives tomorrow.
So, remember, No disk glove, no data love!
US-CERT.GOV
http://www.uscert.gov
Note: The following text is a quote:
http://www.uscert.gov/current/index.html#conficker_worm_information
Conficker Worm Targets Microsoft Windows Systems
added March 29, 2009 at 08:18 pm | updated March 30, 2009 at 03:06 pm
US-CERT is aware of public reports indicating a widespread infection of the Conficker/Downadup worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a corporate network, if the network servers are not patched with the MS08-067 patch from Microsoft.
Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of a Conficker/Downadup infection may be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
http://www.mcafee.com
If a user is unable to reach any of these websites, it may indicate a Conficker/Downadup infection. The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them. If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet - in the case for home users.
Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Please see below for a few of those sites. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:
Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
Microsoft:
http://support.microsoft.com/kb/962007
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.
US-CERT encourages users to prevent a Conficker/Downadup infection by ensuring all systems have the MS08-067 patch (see http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software.
Last minute tech ping for conficker warning.
So, this isn’t a April Fools joke?
Excellent, thanks, Cindy.
I’ll be monitoring this board and the overseas boards right after American idol in case anyone needs assistance or can supply us with updated info.
unfortunately, it isn’t
How is Sydney fairing Up its April 1 there I think
Absolutely not. Stay safe.
Hows corn flicker, you up and running?
Thanks.
What can I expect will happen ?
One word: iMac
ping for info......
There are several good apps out that will isolate your HD and save your bacon. It’s just that I know this works, and it’s free.
I’ve tried to defeat it, and it works as advertised every time.
I got this bugger on my work computer back in December. It was hell to get rid of, but I left that duty to the “capable” hands of the hospital’s IT department. They had to completely wipe my hard drive clean to eradicate it. If it had been my personal PC that got it, I’d be so screwed.
This only hit people who didn’t stay up to date on their patches - such people would not have stayed up to date on an iMac. But they could rest soundly at night knowing their money went to help nearly every ultra liberal cause in California.
ping
And you don’t think that Bill Gates and his people are liberals. LOL
They don’t directly support nearly as many ultra liberal causes compared to those at Apple.
It isn’t even close.
Thanks for the Heads Up & the link.
ping
Yeah works great, as long as you are not running a 64bit operating system. Thanks for the heads up though.
I think I’m gonna say hell with it and take my chances. If ya don’t see me here tomorrow, you’ll know why.
“One word: iMac”
And another word: Linux
Here is a link to a fix released today if you don’t want to bother with MS:
http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDwndp.exe
What to do if you are infected If you are reading this page, your computer is probably not infected with Conficker as the worm blocks access to most security web sites. If you have a computer that is infected, you will need to use an uninfected computer to download a specialized Conficker removal tool from. The tool is available here.
Can I load it on friends computers and let them restore it as needed?
Follow some of the links in post #2 - if you can “get in” you’re safe. I tried it - and I’m OK...
Good, glad it’s useful.
Really it is. This thing is based on a virus that’s been on the detection list for all the major AVs for months, and it exploits a Windows vulnerability that got patched last year. But everybody loves the fear.
Check out Cindy’s links in reply #2 - if you can follow the link, you’re OK..
You are misleading people here.
Steady State does not protect a machine against worms, nor does it protect data.
Its purpose it to prevent changes through the user interface and rollback changes to the disk since a checkpoint.
Your data could have been irretrievably destroyed or damaged by a worm or virus. Steady State does not do the baseline backup!
You need to have a separate backup of your data — as always.
Steady State is fine as long as you also have a firewall, AV, backups, etc.
It does not do that much by itself.
What to do if you are infected
If you are reading this page, your computer is probably not infected with Conficker as the worm blocks access to most security web sites.
So I think I'm OK. I hope!
Any day someone will write a worm to wipe out Steady State’s rollback information. That’s when you really need your separate backup.
Great.
Bookmark.
That’s not what it says. It says if you are infected, you MIGHT not be able to get in.
Bookmark
I just got an alert from Macafee that I am up to date, do you think it’s ok?
Good.
I’m not a geek (the only one in the family who isn’t) so I can’t really answer you.
I know Macafee is a good system.
I really don’t want to get grumpy with you over this, I hate libs as much as the next guy, maybe even more than most.
But, I had flat had it with the Gates junk. He’s been stealing us blind for decades. I required something more than he offered and something much more dependable.... and I was willing to pay for it.
I have had my first iMac for 8 months and I haven’t turned gay, I hate Gore just as much as I always have, and this thing has been flawless.
The only issues I have had were cause by my ineptness, and on each occasion I have been able to get through on a call to a tech within 4 minutes, usually less. They have all been very helpful and will not let you get off the phone until you are satisfied.
Perhaps others have enjoyed the same experience with the Gates products, but I NEVER did.
You said, Download it, click to install, open it, and select “User Restrictions”, and (if you do nothing else), select “Protect the Hard Disk”.
After that, anything and everything that is installed will be deleted after a reboot. it’s just that simple.
What do you mean “anything and everything that is installed will be deleted after a reboot...”? Can you clarify this?
thanks.
great :(
I just did this much - “(if you do nothing else), select “Protect the Hard Disk”
firefox w/zonealarm has been just fine for me with an occassional sys/restore rollback to the day before for strange annoying popups etc.....almost never use IE unless I REALLY want to see something that ff won’t open; and have win firewall off.
In anticipation of tomorrow, I guess I’ll do a backup now, yes?
Yeah, the program is pretty self sufficient too. I don’t even do anything, automatic update, automatic fixes. And the coolest part is that it comes free with my internet provider as part of their service.
So by getting their broadband (which only cost $11 more a month than the dial up), I got a free Macafee subscription.
And I can use the same account and get internet virus protection for all the computers in the house (kid’s computer in living room, my office, laptop for taking on appointments, etc...)
My poor husband can barely turn a computer on and he’s surrounded by them. He swears they are going to wake up one night with a kitchen knife over his head, haha.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.