* Conficker C & April 1st *

aliEnRIK

jingle68 wrote: »

should i remove my AVG Free & install AVIRA ?

Yes

Uninstall it then use the 32 bit AVG removal tool (JUST uninstalling leaves bits behind)
http://www.avg.com/download-tools

yorksrabbit

aliEnRIK wrote: »

What happening April 1st anyways? Nuclear war? aliEns start taking over the world? Atlantis rises from the depths?

Well I didn't know anything about Imminent Doom (OK, perhaps not) but apparently our friend's son is a member (?) of PC Pitstop and read this blog:

http://billpstudios.blogspot.com/2009/03/conficker-judgement-day-on-april-1st.html

I'm a Windows Secrets subscriber (used to be the old LangaList) and can't recollect seeing any such warning on WS.

Marty_J

Wow, I'm glad I don't use Windows. Good luck with all that.

Still, it might not be as bad as it seems:

http://www.channelregister.co.uk/2009/03/30/conficker_signature_discovery/

S0litaire

How about this.....

Tell the person on question if they are worried about what will happen on the 1st...
Don't turn the PC on!
Have a day away from the PC,
Go out and do something interesting outside.

simples!

Oh and run a virus check

yorksrabbit

Marty:

Many thanks for that link: it certainly made for interesting reading!

Must admit, I myself was a *little* concerned (i.e., definitely not panicking) after being given the link to the Pitstop blog, because its author didn't seem to be a crank or one of the usual drama queens prophesying Armageddon.

Solitaire: er, I can understand your reasoning, but I've already down-played the "threat" to our friend's PC to the extent that when she asked if she should not use it at all on April 1st, I told her not to be silly -- on the basis that if I'd given too much credence to her anxiety, she might then have started worrying all over again on April 2nd.

Conficker does seem to have worried a lot of IT specialists though. Be interesting to hear any IT news -- if any -- after April 1st.

PROLIANT

yorksrabbit wrote: »

Conficker does seem to have worried a lot of IT specialists though. Be interesting to hear any IT news -- if any -- after April 1st.

Well, it is not worrying me at the moment, just certain people in the IT industry get over exited sometimes - being stuck in a server room most of the day without sunlight has adverse mental effects, or is it the 50Hz emf interfering with our brains?
Anyway, be sure that you have the MS08-067 vulnerability closed ASAP as this will minimise infection and/or spread as it embeds itself in the registry and spreads via UNC Shares/Network Drives.

yorksrabbit

Thanks proliant -- yup, that's a patch I've had for a while but I did send the Knowledge Base link through to our friend and she's installed it (or already had it via auto updates.)

fwor

PROLIANT wrote: »

just certain people in the IT industry get over exited sometimes

I don't think they are getting over excited. The problem here is fear of the unknown. They don't know what the 1st April "payload" will be programmed to do.

For example, if each "owned" PC were instructed to send a continuous stream of data to random IP addresses which were known to be on a different continent - something that would be easy to program - then 3 million PCs would I guess easily overwhelm any international links that they chose to target.

However, the experts seem to reckon that a Denial of Service/blackmail attack on one or more internet businesses is more likely. If they are right, most of us probably won't even know it happened - I'm led to believe (but have no way of confirming) that big businesses generally pay up rather than take the hit on their internet connections.

PROLIANT

fwor wrote: »

I don't think they are getting over excited. The problem here is fear of the unknown. They don't know what the 1st April "payload" will be programmed to do.

For example, if each "owned" PC were instructed to send a continuous stream of data to random IP addresses which were known to be on a different continent - something that would be easy to program - then 3 million PCs would I guess easily overwhelm any international links that they chose to target.

However, the experts seem to reckon that a Denial of Service/blackmail attack on one or more internet businesses is more likely. If they are right, most of us probably won't even know it happened - I'm led to believe (but have no way of confirming) that big businesses generally pay up rather than take the hit on their internet connections.

Fwor, yes the threat level is high, however good ICT System management will minimise the threat, good security appliance like CISCO, SNORT Based UTM appliance detect and deal with network Trojans et al; I think security experts are just being cautious.
Bring it on! As long as it stays away from my network or else.

spud17

Received this article today,

http://windowssecrets.com/2009/03/30/01-Run-a-Conficker-removal-tool-before-April-1