Conficker Worm – information you can use
There has been a lot of media hype over the last couple of days regarding a worm called Conficker which is supposedly going to create mass havoc on April 1. We have received several calls from concern clients regarding this and I wanted to provide an authoritative source of information you, our valued clients. I have been disturbed by the way the national media has reported on this worm as they provided background information, but do not answer your basic question… what do I do now?
The Conficker worm has been infecting computers since 2008 and has been silently operating on many computers across the global. They are part of a wider know series of threats known as BOTNETs which can effectively turn infected computers into “BOTs” to perform the desired tasks of the maker, such as sending spam or hacking activity. More information on Conficker and BOTNETS can be found below.
What is supposed to happen on April 1
The actual threat is unknown; however up to the moment reports show that we have seen no significant problem with our clients. Experts who have examined the code have indicated that it will simply contact the maker of the worm to receive new instructions. But no illicit activity has been indicated.
Am I really at risk?
Probably not, Microsoft released a security update in October 2008 to protect against Conficker. If you keep your system up to date, you shouldn’t have to worry about Conficker.
What do I need to know or do?
- If you are running a currently supported Microsoft Windows operating system (Windows XP or Vista) then all you need to do is run Windows Update on your computer, and ensure that you have installed all the updates available. You should make sure that you run the update process multiple times until there are no new updates available.
- If you are not running a currently support Microsoft Windows operating system, then running current anti‐virus software is an absolute must as Microsoft does not provide security updates for your software.
- Ensure that your anti ‐virus software is installed, up‐to‐ date and actually running; then perform a manual scan of your entire hard drive (typically called “full scan” or “on demand scan”).
How would I know if I’m infected?
Just like your doctor, we don’t diagnose any system we cannot interact with, however here are some common symptoms that your computer is infected with Conficker or another virus, worm or other malware
- Your computer is suddenly running much slower than normal;
- You see a red shield icon which says your anti-virus or firewall has been disabled;
- You notice that your anti-virus software is not running, or attempts to go to security websites fail;
- Browsing the internet will bring you to unexpected websites;
- While visiting known commercial websites (google, msn, apple, walmart, etc) you are plagued with popup advertisements;
- You receive a pop-up warning that your computer is infected from something other than your current anti‐virus software (if you use Symantec, only Symantec should be warning you about virus, no other software can magically detect that you’re infected);
- You begin to receive a significant increase in spam or junk e-mail
What can I do if I know I’m infected
There are several tools available online to remove a virus once you’ve been infected. It can sometimes be difficult and you just might want to have us resolve the problem for you. However, every major (and reputable) anti-virus software vendor has a FREE tool which will remove this worm, as well as Microsoft. The only free tools you should use must come from a reputable company (Microsoft, Trend Micro, Symantec, McAfee, AVG, etc) – if you’ve never heard of the software company, don’t take their free tool. Here is a partial list of removal tools, and the successful use of ONE of these will do the trick:
- Microsoft’s Malicious Software Removfal Tool:
- Microsoft Windows Live OneCare Safety Scanner
- McAfee’s Stinger Tool:
- Symantec’s Removal Tool:
- Sophos Removal Tool:
This article was based in part on the following websites, where you can find additional detailed information: