How 'bout that Conficker.C trojan worm virus thang?
 

It's supposed to "hit" tomorrow... everybody ready?
_________________________________________
Last-minute Conficker survival guide

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec's Conficker (aka Downadup) tool, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.


http://tech.yahoo.com/blogs/null/132464

Hopefully I will get a bunch of phone calls in the next few days.

I love my Mac.

Ah yes... now we know who created this nasty thang. L O L

Think I removed this one from my PC last night... dang porn sites... I tell ya...

My dad predicts that it will pop up a giant middle finger followed by an Apple commercial We shall see in t minus 2.

be interesting to see who's still online tomorrow.

I am,wait this is today, but it was tomorrow yesterday, when yesterday was today , today was tomorrow and I need some coffee. But I'm still here

Skynet? :-/

I set my calendar/clock to 1943 I will be good for a bit.

Personally, I think it's a conspiracy initiated by Norton et al similar to the Y2K hysteria. It's now April 1, and I haven't seen a thing with my pc this morning that appears to be abno

all's fine here!:D

delete windows, problem solved. although i do have an xp64 box that's pretty well locked down.

Browsing from My iPhone till I can finish the conficker scan. Not letting my laptop have internet before that

Has the world ended? Have we been thrown back into the stone age?

Hello, is there anybody out there?

There are more and more worms and viruses coming out for mac's. I don't think you guys are immune anymore.

yes but they are fun viruses and worms.

What is the best antivirus app for Mac OS X?

Umm...2 fingers of scotch?

Really? Can you point to the Mac viruses seen in the wild? I'd be interested to read about them...I don't follow things as closely as I used to.

My laptop ate my youngest child.

I poured 2 fingers of scotch into the DVD slot of my iMac and now it won't start. You owe me.

No because I don't use a mac. I am sure google would be a better source

Uhhh owning it.

No operating system is immune to viruses, worms, trojans.

There are several differences between Windows and .nix systems.

1st is the approach to security. Windows has been notorious for shipping with open ports and services that the general consumer will never need. Up to at least XP it was possible to set up a new machine with a superuser, basically root account, that has no password.

Software has the ability to install without any notification to the user or any authentication.

Windows, Word, Excell, Exchange, IE share far too much base code. A vulnerability in one of them can allow access to all.

OS X ships with root disabled and enabling it takes multiple deliberate steps. It is not possible to create a user account without a password. Software installs all prompt authentication. Unless you have direct physical access to the machine getting malicious code installed is extremely difficult. Apple embrace the standard Firewall protocol, anything that is not explicitly allowed is denied.

The architecture of the OS, while not immune to being infected, makes it extremely difficult for an infection to spread to the rest of the OS much less another machine.

And OS X is in part Open Source. There are 100x's as many people looking for and shutting down vulnerabilities then there are people trying to create an exploit.

Think of it like illegal immigration, it will always happen, how often it happens is a direct result of your commitment to stopping it. Strong border feces, increased number of agents, multiple checkpoints etc...

So in other words, you made a statement based on...a feeling?

Maybe we should move this to PARF - Mac is a religion after all :p

Anti virus apps for OS X are a generally bad idea.

Every offering from Symantec, McAfee and the smaller guys have created more problems related to slow systems, instability etc... than the risk warrants.

The least problematic so far has been ClamAV (free) although performance hits have been reported.

The Symantec and McAfee solutions have in the past actually INCREASED the risk to OS X users.

No viruses in the wild for OSX, sorry, haters.

Meantime, if you're a Windows user infected with Conficker, or want to know if you are, go here:

http://www.confickerator.com/

I read about it in a tech journal dude. Im sorry for repeating it.

In your original post perhaps you should have said "I read in a tech journal that more and more viruses are coming out for Macs" as opposed to simply stating it as a fact.

The source of those statements in tech articles is usually traced back to unbiased industry experts like Symantec.

It would be very amusing if it was all an April fool's joke.

It's suspected that the 'April 1' reference found in the code is a straw man. Some feel the worm will start to activate in the next couple of weeks, when vigilance drops off.

Most malware now is created with commercial reward as the intent, not destruction.

Probably should have done that.

Apr 1 was only "phase 1" of the bug, as i read the other day.

The "sky is falling" part has not happened yet.

On my puter virus thread there are links to several free programs that will remove the conficker bug.

OK, for the last two hours I have been rebooting per the instructions and still dont see the circle!

There is one other way to detect and remove it, described in this video:

http://www.youtube.com/watch?v=oHg5SJYRHA0

All I know is that it was a nasty bug, am still recovering my pc from it right now.... got in undetected, I was using CA Security Suite, hijack this, spyware guard and spyware blaster.... will keep my cpu on automatic update from now on....

p.s. my last update was five days before infection..

So after I smashed the speakers & the monitor & ripped all of the wires off the back of my computer that means that the virus is gone?

Ian

I think you managed to de-rick it, at least.