Conficler alert

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
A friend who usually knows whereof he speaks sent this...
=========================================================
Hey everybody,

The Conficker virus is no joke about being activated April 1st.  You
may already have it on your system just waiting for the date to
change.  If you have it, it's much better to get rid of it before it
activates.  As always, keep your "bug catchers" updated regularly.

Grab this tool directly from McAfee to scan & remove this specific
threat: http://67.97.80.71/vil/conficker_stinger/Stinger_Coficker.exe

With several variants already out there, McAfee has pledged to update
this tool daily as new variants are discovered, therefore I recommend
you RUN it directly from McAfee without saving it to your computer to
get the most current update.
=============================================================
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: Conficler alert


Quoted text here. Click to load it

Here's the MS version:
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx. Click on
your operating system to download.
-- Ernie




Re: Conficler alert



Quoted text here. Click to load it




| Here's the MS version:
| http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx. Click on
| your operating system to download.
| -- Ernie

They are not "versions" of each other.

MS08-067 is the HotFix to patch the OS.

McAfee Stinger is a targeted "On Demand" scanner and removal tool if the PC is
infected.

And Here's Sophos "On Demand" scanner:
http://www.sophos.com/products/free-tools/conficker-removal-tool.html


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Conficler alert

David H. Lipman wrote:
Quoted text here. Click to load it

I get the royal runaround at that link.

Re: Conficler alert


| David H. Lipman wrote:

Quoted text here. Click to load it

| I get the royal runaround at that link.

LOL -- You're right.

You have to sign up for a name & password top download it.
https://secure.sophos.com/products/free-tools/conficker-removal-tool/download
PITA !!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Conficler alert

David H. Lipman wrote:
Quoted text here. Click to load it

I did all that and still it didn't ever give a working DL link,
not to worry,as I don't have the malware in question.

Re: Conficler alert


Quoted text here. Click to load it

Here's the Trend Micro conficker removal program link - no sign-up required.

https://trendmicro1.rsys1.net/servlet/cc6?ljuQUBTTQSVMkLzflhgxzbOLklQgLlVaVSA

-Frank


Re: Conficler alert

Frankster wrote:
Quoted text here. Click to load it

Seems that you have to be a current subscriber to use this cleanup tool.

Re: Conficler alert

On Tue, 31 Mar 2009 20:47:34 -0400, "David H. Lipman"

Quoted text here. Click to load it

Indeed. Not much use if you are in the middle of trying to deal with
an infection.

Re: Conficler alert

Ernie Jurick wrote:
Quoted text here. Click to load it
Thanks, Ernie, I am clean as of 6:30 p.m.  Will try again tonightl

Re: Conficler alert


| Thanks, Ernie, I am clean as of 6:30 p.m.  Will try again tonightl

LOL -- If you are clean now but maybe not clean later and you have to scan
again...  You
have a BIGGER problem !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Conficler alert

David H. Lipman wrote:
Quoted text here. Click to load it
Why would I have a bigger problem if I scanned later before April 1?

I have WinXP Pro, ser. pack 3.  Also, in the Win page, there is no patch
for that.

Re: Conficler alert


| David H. Lipman wrote:

Quoted text here. Click to load it


| Why would I have a bigger problem if I scanned later before April 1?

| I have WinXP Pro, ser. pack 3.  Also, in the Win page, there is no patch
| for that.

Because if you you HAD to scan then you are assuming you WILL get infected.

If you had MS08-067 installed, disabled AutoPlay and AutoRun, were behind a NAT
Router or
a FireWall and had your AV appluication up to date then you would NOT need to do
a "On
Demand" scan specific to the Conficker worm.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Conficler alert

NoTechie wrote:
Quoted text here. Click to load it

Because the worm is "evolving" - ie, its builders are updating it. A
tech guy on CBC this am claimed that what conficker seems to do on April
1 is update itself.

Sigh.

wolf k.

Re: Conficler alert

Wolf K wrote:
Quoted text here. Click to load it

And CTV has this story saying that the earliest victims are the ones
with pirated copies of Windows OS:
http://www.ctv.ca/servlet/ArticleNews/story/CTVNews/20090401/conficker_worm_090401/20090401?hub=TopStories

After reading the article a thought, that perhaps Microsoft itself
created this worm, crossed my mind.

Re: Conficler alert

Quoted text here. Click to load it
http://www.ctv.ca/servlet/ArticleNews/story/CTVNews/20090401/conficker_worm_090401/20090401?hub=TopStories
Quoted text here. Click to load it

Preposterous!

Although some of their code *is* responsible for its great success.



Re: Conficler alert


Quoted text here. Click to load it

From the article: "And because many users in these regions use
machines with pirated copies of Microsoft operating systems, they may
not be receiving the anti-virus update services that licensed Windows
users are provided with."

My question is, what possible connection is there between a pirated
copy of Windows and an inability to get AV updates? I don't see any
relation.


Re: Conficler alert


Quoted text here. Click to load it

Typical mass-media distortion due to the reporters knowing nothing of what
they write.

Bootlegged copies of Windows don't get access to Microsoft's myriad of
updates to Windows to fix all the vulnerabilities they keep finding.

--
Bert Hyman    St. Paul, MN    bert@iphouse.com

Re: Conficler alert


Quoted text here. Click to load it

Thanks, but it's my understanding that even pirated copies of Windows
get all the security updates. They just don't get the non-security
stuff. And secondly, it seems to me that someone who has gone to the
trouble of pirating Windows is 99% of the way there, so it makes no
sense to me that they wouldn't do the last 1% and simply patch WGA so
that all types of updates work as expected. It's too easy to ignore.


Re: Conficler alert

On 04/01/2009 12:58 PM, Char Jackson sent:
Quoted text here. Click to load it

Hello:

Of course you're right about the AV updates.  However, the reference to
pirated copies of the OS could mean that the users are keeping their WU
turned off and do not seek the OS updates that would attempt to keep the
system updated (safer?).  WGA could come roaring in and drop a dime on
the user.

Hence, some users might lack MS08-067 and the Autorun fixes in an effort
to remain undiscovered by the software police.

Pete
--
1PW  @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]

Site Timeline