Any Suggestions for Conficker Worm Protection ?

Discussion in 'other anti-malware software' started by bob1711, Mar 31, 2009.

Thread Status:
Not open for further replies.
  1. bob1711

    bob1711 Registered Member

    Joined:
    Jul 23, 2008
    Posts:
    5
    Can anyone suggest as to what precautions to take tp protect your PC against the " Conficker Worm " supposed to hit on April 1st ?

    I do not have a network. It is a single home PC.

    I have following security software installed.

    Nod 32 Antivirus

    Zone Alarm Pro Firewall

    Super Antispyware Professional

    Thank You.
     
  2. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
  3. ourstanley

    ourstanley Updates Team

    Joined:
    Feb 26, 2008
    Posts:
    804
    Location:
    South Yorkshire, England.
  4. ASpace

    ASpace Guest


    It is more talk than real danger. If your ESET NOD32 is updated (v3 or v4) , firewall enabled and Windows updated you'll have no problems . It has always been like that. :thumb:
     
  5. CrunchieBite

    CrunchieBite Guest

    That's great unless you happen to have a mail server which is running XMON and therefore limited to Nod32 v2.7!

    ~M
     
  6. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Hopefully you've kept it patched though eh? Microsoft released the fix last October.
     
  7. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    The main thrust of the concerns in the security community regarding Conficker and April 1st are focused on what the already infested machines will do. This wiley infestations makes a compromised machine appear as though it already has the official Microsoft patch that plugs the Windows component that Conficker exploits when network-borne, and typically LAN only because most enterprise firewalls don't permit the type of traffic through them to allow an exploit.

    Conficker also spreads via infected USB thumbdrives, which likely represented the initial penetration of an endpoint population followed by the network-borne vector infecting all other unpatched Windows machines on the LAN.

    Several scanning tools are available to check for Conficker's presence. A free one called nMAP, for example. I haven't personally tried it. Other paid ones from Qualys, nCircle, and Tenable come to mind. I expect all AV vendors are scrambling to add this too, so make sure your AV is able to auto-update signatures.

    For personal machines seldom exposed to a LAN with many other Windows computers, the most likely attack vector is via an infected USB thumbdrive. Though, Conficker is sophisticated and capable of growing new attack vectors. One should have robust USB malware defenses anyway because over 10% of infestations in the US, higher in Europe, and still higher in Asia are due to USB thumbdrives.

    Cheers,

    Eirik
     
  8. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Don't plug usb drives u gave to your friends in an admin accoun
     
  9. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    i was just watching something on the news about the worm conficker, its pretty funny how much they blow it up to be like the apocalypse :D anyways, i know im protected, conficker dont got a chance with me :p
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    It's all over the Local News TV Stations and Cable Networks here plus National News affiliates made their announcements today on their normal timeslots.

    For me this is like a new coolwebsearch all over again. Remember that bunch? And all their variants?

    I do. Worked forums like 24/7 almost 365 during their stretch. :ouch:
     
  11. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    I know what you're talking about. :)
     
  12. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,976
    Location:
    U.S.A.
    FYI. You can keep track here: Live blog: Countdown to Conficker. So far, it looks like Y2K all over again.
     
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    There's always some hype with all this sort of "news". UH?

    If people want to get paranoid, there's an easy way to block this bastard from doing whatever it wants to do, even if, somehow, you get your systems infected.

    The Conficker C, as known, or not, will communicate with 50000 domains, per day, to do whatever it needs to do.

    Solution? Block access to those domains.

    Going even further - Block access to the domains Conficker needs to get the machine's IP.

    Going even further - Block access to the domains it needs to get the current date.

    Going even further - Don't connect to the cyberworld, and you'll be just fine.

    All the systems that got previously infected, and, maybe, will become worse, got that way due to the fact that those folks never patch their systems - most don't even know how and that such is needed -, perhaps make use of pirated software, etc.

    The end result is there.

    Everyone else who is careful, I believe they shouldn't worry.

    Heck, even my family, who aren't techy folks, use their systems without antivirus and, guess what, so far, no infections. Why? They know better.
     
  14. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    I'm not a bit concerned over this entire "event".
     
  15. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Re: Conficker Worm vulnerability result

    So what does happen on a vulnerable system if you're infected by the above?
    Bill Pytlovany found out: http://billpstudios.blogspot.com/ :)
     
  16. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,129
    Location:
    USA
    Along with making sure the OS is fully patched download "USB Vaccine". It's a free tool from Panda that will protect the PC and any USB flash drives you have from spreading infection by disabling the autorun functionality.
     
  17. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
  18. Eirik

    Eirik Registered Member

    Joined:
    Oct 6, 2008
    Posts:
    544
    Location:
    Chantilly, Virginia
    Yes, much concern! The traffic to my company website (e.g., AppGuard and EdgeGuard) jumped by over a factor of 20 yesterday and today. The number of enterprise sales leads jumped by almost a factor of 100. Another interesting point, content concerned with stopping conficker NOW was dramatically more popular than stopping the NEXT conficker-like outbreak. Funny how folk are averse to planning for tomorrow.

    Cheers,

    Eirik
     
  19. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Wouldnt a patched windows and limited user account be sufficient?
     
  20. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Maybe a perfect Marketing/Income during this slugglish economy. If you visit Symantec website, you'll see how they are making money. LOL. :D
     
  21. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    Almost any up-to-date av will detect this. The media loves to make the smallest things huge.
     
  22. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    420
    Location:
    Honolulu, Hawaii
    Yeah, they're helping the AV industry. ;)
     
  23. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    On european media you'll hear only certain news:
    - Bill Gates ....bla bla
    - Microsoft ...bla bla ( immagine that I've heard ....prime time news....there is a new version of Internet Explorer )
    - Apple ...Iphone...Ipod ( all mp3 players are Ipods )
    - Virus....disaster...

    I'm talking about the news and not computer related shows.

    I don't know what happens in the States but I think the same BS.

    It's the usual story. Incompetents working. And the tv is not a separate world. Just visit your bank, your doctor, local tech iperstore etc. Incompetents working..yes there are exceptions...but it's hard to find them.
     
    Last edited: Apr 1, 2009
Loading...
Thread Status:
Not open for further replies.