Jump to content


about this computer worm....


Recommended Posts

Things like this are a big nuisance for me, but just a nuisance. I support Linux servers at work and use Macs both to admin my Linux boxes and also at home. So all I worry about is collateral damage via Internet congestion. As I said, a big nuisance.

Link to comment
Share on other sites

No need to do all that. Here's the website for the Symantec Conficker removal program. Just download and run this and you'll be fine. It removes all 3 versions of the bug.

W.32Downadup Removal Tool - Symantec

The real problem with this worm is it's a real headache for network admins and there are millions of people running outdated software that don't know they're infected.

Edited by JonnyRock
Link to comment
Share on other sites

Heres all you need to know in this article. Were monitoring this at work as we deal in computer related crime etc.. Basically, Don't panic. It wont all hapen on one day. You should update Windows now, and your antivirus. Then Run a Conficker removal tool like the one above or one from this ad.


Link to comment
Share on other sites

I don't know where it came from but it took me yesterday and today to remove a virus from my computer.I thought it was gone yesterday except there was a box on my desktop with an a in it.This morning I woke up to loud heavy metal music playing for no reason. I don't know why because I don't listen to that kind of music.I pulled up history and it showed a line of A's over and over. I updated my AVG and everything seems fine.It also kept showing an ad for virus 2009 all over the screen that would not stop popping up.It is gone now.

Link to comment
Share on other sites

I only know a bit about this virus. Will a standard anti-virus software find the trojan when it first comes in? Do I need to worry if my Avast hasn't flagged anything coming in lately?

Yes it should have caught it before anything could happen if you've got Avast always-on. However, if for some reason it got by then there's a good chance Avast won't locate it. This bug's very good at disabling anti-virus software.

It never hurts to run the Symantec removal client.


Here's the GIZMODO article:

Giz Explains: How a Brainy Worm Might Jack the World's PCs on April 1

"It's lurking in millions of PCs around the world. It's incredibly sophisticated and resilient, with built-in p2p and digital code-signing technology. It revels in killing security software. On April 1, the Conficker worm will activate.

The scariest thing about the Conficker worm is that literally millions of infected Windows PCs could be linked together to do its bidding. The second scariest thing is that no one really knows what its creator is going to do with this virtual army on April 1, when it's scheduled to contact a server for instructions. It's so bad, Microsoft has a running $250,000 bounty for the author, dead or alive. (Well, they probably want him alive, but they hate his guts.)

The New York Times' John Markoff rounded up some of the more ingeniously evil possibilities in a compelling article, the most sinister being a "Dark Google," postulated by University of California at San Diego researcher Stefan Savage, that would let bad people scour zombie machines all around the world for data to sell to other bad people.

But let's back up a bit. Conficker—whose weird name is a combination of "configuration" and a slightly more polite word for f***er, according to Urban Dictionary—actually began life as a lowly, "not very successful" worm in November, says Vincent Weafer, VP at Symantec Security Response. Weafer told us it exploited a Microsoft remote server vulnerability that had already been announced and patched the previous month, so the only systems that were vulnerable were the ones that weren't up to date.

The B release, pushed in December, on the other hand, was "wildly successful," says Weafer, infecting millions of unpatched computers because it's an aggressive little bastard—the first worm in years on a scale like Blaster. It has built-in p2p capabilities, and brute forces its way into open shared folders or printers, so it can crawl an office network quickly. It also piggybacks onto USB flash and hard drives. On top of all that, it's designed to be incredibly resilient, killing security software, disabling Windows Update, and digging down deep.

The C release came out this past month. It doesn't go after new machines—it's actually a payload for computers already infected with B. It transformed Conficker from a sneezing pandemic into a seriously nasty plague. With C, its p2p powers are extended further, with digital code-signing, so it only accepts trusted code updates from itself. That means security experts can't simply inject code to neutralize it. The patch also made Conficker better at killing security software. And it expanded the scope of the domains it tries to contact for instructions from 250 to 50,000, completely neutralizing security experts' previous tactic of seizing the domains. There's effectively no way to the cut the head off of this demon snake. The stage is set: On April 1, Conficker will reach out for the millions-strong zombienet's next set of instructions.

So what will happen? Well, no one knows for sure. Conficker's creator can do whatever he wants with his army. Launch massive denial-of-service attacks, setup the "Dark Google" syndicate, target millions of new machines, or generate a tidal wave of spam that'll crash against servers all over the world.

Most likely though, Weafer told us, Conficker's creator is motivated by money—they'll rent it out. And if Conficker's used as a massive doomsday tool, they'll "quickly lose the ability to make money" with it. A low key operation harnessing the power of computers that are mainly located in developing nations may not have a big impact, though it would certainly set a terrible precedent: Whatever Conficker's results, they will lead others to develop this idea in frightening new directions.

Conficker's innovative approach that utilizes p2p, code-signing and a distributed domain setup will very possibly serve as inspiration to other malware writers, who Weafer said "you can bet" are watching Conficker's success very closely, just as Conficker's creators have clearly learned from past malware. It's like evil open source.

That doesn't mean April 1 will be a "digital Pearl Harbor." If your machine is patched and up to date, the Microsoft Report's Ed Bott tells us, you'll probably be totally fine. And yes, you can get rid of it if you happen to be infected. There is an outside chance Conficker could turn into a massive parallel computer that borders on self-aware, come April 1, but more than likely, the day will come and go without you noticing anything weird, just some extra spam in your box for some V@ltr3xxx."

Edited by JonnyRock
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...

Important Information

By using this site, you agree to our Privacy Policy and Guidelines. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.