A super nasty computer virus, Conficker, is due to strike tomorrow, April Fool’s Day. Here are two useful articles that may help.
~Eowyn
………
Last-minute Conficker survival guide
Tue Mar 31, 2009 1:42PM EDT
http://tech.yahoo.com/blogs/null/132464
Tomorrow — April 1 — is D-Day for Conficker, as whatever nasty payload it’s packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type — passwords, credit card numbers, etc. — and send that information back to its masters?
No one knows, but we’ll probably find out soon.
Or not. As Slate notes, Conficker is scheduled to go “live” on April 1, but whoever’s controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there’s less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C — the latest bad boy — will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there’s no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.
Conficker’s a nasty little worm that takes serious efforts to bypass your security defenses, but you aren’t without some tools in your arsenal to protect yourself.
Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.
But if Conficker’s already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss — try booting into Safe Mode, which Conficker prevents, to check — you should run a specialized tool to get rid of Conficker.
Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec’s Conficker (aka Downadup) tool, Trend Micro’s Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don’t have Conficker.)
As a final safety note, all users — whether they’re worried about an infection or know for sure they’re clean — are also wise to make a full data backup today.
What won’t work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won’t help if the malware is already on your machine — it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.
……………..
How to tell, what to do if computer is infected (AP)
Posted on Sun Mar 15, 2009 12:46PM EDT
http://tech.yahoo.com/news/ap/20090315/ap_on_hi_te/tec_inside_a_botnet_checklist
Computer-virus infections don’t cause your machine to crash anymore.
Nowadays, the criminals behind the infections usually want your computer operating in top form so you don’t know something’s wrong. That way, they can log your keystrokes and steal any passwords or credit-card numbers you enter at Web sites, or they can link your infected computer with others to send out spam.
Here are some signs your computer is infected, tapped to serve as part of “botnet” armies run by criminals:
• You experience new, prolonged slowdowns. This can be a sign that a malicious program is running in the background.
• You continually get pop-up ads that you can’t make go away. This is a sure sign you have “adware,” and possibly more, on your machine.
• You’re being directed to sites you didn’t intend to visit, or your search results are coming back funky. This is another sign that hackers have gotten to your machine.
So what do you do?
• Having anti-virus software here is hugely helpful. For one, it can identify known malicious programs and disable them. If the virus that has infected your machine isn’t detected, many anti-virus vendors offer a service in which they can remotely take over your computer and delete the malware for a fee.
• Some anti-virus vendors also offer free, online virus-scanning services.
• You may have to reinstall your operating system if your computer is still experiencing problems. It’s a good idea even if you believe you’ve cleaned up the mess because malware can still be hidden on your machine. You will need to back up your files before you do this.
How do I know what information has been taken?
• It’s very hard to tell what’s been taken. Not every infection steals your data. Some just serve unwanted ads. Others poison your search result or steer you to Web sites you don’t want to see. Others log your every keystroke. The anti-virus vendors have extensive databases about what the known infections do and don’t do. Comparing the results from your virus scans to those entries will give you a good idea about what criminals may have snatched up.
Eowyn,
Good, and timely, info. For me and Mrs. Doktor however, it’s not so much of a problem since I have Windows 2000 on our notebooks. The virus targets the “more secure” Windows XP and Vista.
Doktor ITGeek
Just a slight addition. We also both have Symantec Anti-Virus with the Definitions dated March 31, 2009. Huge thing to have an updated virus checker.
Thanks for the info, Eowyn and Dok.
Worm attacking . . . can’t hold out much longer . . . computer ge t t t i i i n n g slooooower. Must . . . . fight . . . . somehow . . . . .
Virus . . . . IS . . . . . super . . . .
Has . . . . . big . . . red . . . . . cape . . . . and . . utility . . belt . . .
Nice . . . . . . . . . boots . . . . though
Typing . . . . in . . . . . staccato . . . . fashion . . . . .
Irritating . . . . . . . . as . . . . . . hell . . . . . . .
Fading . . . . . . fast . . . . . . . . . . . . . . . . . . . . .
Augh!!!!!
Doktor Drama
April Fools!
I’m really alrig . . . .
The first thing I did this morning after getting out of bed is to turn my computer on, get onto Gio’s World, and saw this.
Thanks for starting my day with many laughs, Dok! What will we do without your peerless wit?
P.S. Perhaps someone can do an audio recording of one of your music gigs? Or if it’s a video recording, focus on the other band members but leave your face out? Michele and I and, I’m sure, your other friends on Gio’s World, would just like to hear your music.
Besides, we don’t care what you look like anyway. As if the rest of us are beauty contest material (well, excepting Jen)!
We love you just the way you are, Dok.
Good idea, Eowyn. We want to hear your band, Dok!
I wondered why my ears were burning… you’re much too kind….
And have you had your eyes checked lately, my friend?
Well, wipe all of the Vaseline off of the camera lens and give us another PICTURE.
Doktor Depiction
Took that one the other day, figured it would show my age. Those aren’t blonde hightlights, that’s pure white, baby! LOL
Doktor:
You really do make me laugh with some of your comments. Thanks for giving us some good laughs. We appreciate your humor.
You folks are giving me WAY too much credit. Really. I am just a simple guy with an abnormal, twisted mind. That’s all. Thanks anyway, though.
Speaking of the lovely Jen, both myself and Mrs. Doktor have noticed her dearth of postings. Did she say she was going on vacation or a trip? My brain’s memory doesn’t work as well as it used to – actually, it hardly ever did – and I can’t remember if she mentioned something about being gone. Just wondering.
Doktor Deviant
Dok,
I recall Jen saying that she & husband will be really busy in springtime because that’s when they get most of their business in outdoor furniture refinishing. So, I assume this is why she hasn’t been around much.
If her absence continues, I’ll send her an e-mail to inquire if she’s okay.
Jen: If you see this, please drop us a quick note so we don’t worry!
I’m here! I’m alive!
You are exactly right Eowyn, it’s the busy season. I MISS BEING HERE! I check in when I can, but i have hundreds of posts in my RSS reader waiting to be read, from here and elsewhere. I feel out of the loop right now.
Thanks so much everyone for noticing my absence. I really miss all of you! I hope to be back here regularly after the 4th of July or so.
Hey, I actually feel extraordinarily blessed to have this much work to do in the present economy.
Love to all!!
Jen!
Thanks for dropping us a line letting us know you’re okay. I’m so glad you have lots of business! Take care!
Good for you and your husband! Glad to hear you have no time due to work.
We’re all thinking of ya.
Dok