Bay 12 Games Forum
Finally... => Life Advice => Topic started by: Vaiolis on March 26, 2009, 09:32:51 pm
-
I've heard from a few sources that there is some sort of virus called the "Conficker Worm" (also Downadup) that has millions of computers infected. And apparently it is supposed to do something (bad I'm guessing) on April 1st. I've no idea how wide-spread this virus is, but I suggest that nobody turn on/have on their computer at this date. It's only affecting Windows luckily, but as I'm not positive, perhaps all platforms should be wary. I just learned myself that it has been around for quite a while, but April 1st is said to be the date it does... whatever it is told to. Microsoft put $250,000 USD into trying to find this virus, and many companies are planning on turning off their computers for that day.
Now, I'm fairly skeptical with all this, but as far as I can tell, keeping a computer off for a day is far better than having who-knows-what occur. So, I suggest everyone do so, and please spread this message to anyone else who may not know about it.
If everyone here pretty much took this information as common knowledge, I apologize for my naivete. And for those who don't believe me, search for it on Google or something.
As an edit, http://www.bdtools.net/ offers a tool to remove all versions of the worm. Using this might not be a bad idea either, but I haven't tried it, and have absolutely no idea if it is safe. Sounds safe enough though.
-
Here (http://news.cnet.com/8301-1009_3-10204590-83.html)'s an article on it. Look stuff up, Vaiolis.
-
Sorry, I didn't think I needed to place all that much into this. Just wanted to alert those who might not be aware of it to its existence is all. And with how fast internet rumors can go these days, I dislike stating much as fact.
-
Why turn them off? Why couldn't I simply disconnect my connection to the internet for a day?
-
Why turn them off? Why couldn't I simply disconnect my connection to the internet for a day?
Because you may already have had your computers infected, and when it can't connect to teh intertube, it wipes out your HDD.
OMG... Do I need to set up a virtual machine, just in case?
-
April 1st you say? I'd be surprised if it just popped up a humorous joke.
If it's more malicious, then I'd reckon that's pretty close to terrorism.
-
Conficker Worm? More like (http://i1.fc-img.com/CTV02/Comcast_CIM_Prod_Fancast_Image/23/260/1227621865373_10ConquerorWorm_mif_640_320.jpg)
-
Oh fisher, you dog.
And: April 1st? Evil worm virus?
I'm not shutting off my rig.
-
I'll take my risks to be on these boards then.
-
I had it at work... a partner lent me his pendrive and bam! once inside hard to get it out.
I believe the reward is like 500.000 us$ now...
The impressive thing about the virus is that it seems to be unable to be removed with any of the common antivirus tools and prevents you from downloading Microsoft's repairing services.
I detect it every time with AVG... Move it to the vault. Delete it. Whatever.... But each time I turn my computer on again I run a scan upon startup and there it is...
-
Conficker Worm? More like (http://i1.fc-img.com/CTV02/Comcast_CIM_Prod_Fancast_Image/23/260/1227621865373_10ConquerorWorm_mif_640_320.jpg)
Love.
I hope nobody minds me quoting this here, in my mind there's no such thing as too much Price (ahem, the Price is never too high ;D)
Oh, and you know in non-America (or at least, in the UK), this film was released as "Witchfinder General". I have to say that I much prefer this title; besides, Poe = nothing at all to do with this film.
-
If Windows can't delete it, try with Linux, check msconfig, that kind of stuff.
It could be loading through settings that can be changed in msconfig, and deleting it through Linux or the Windows recovery console (can be accessed through the install disk somehow) would not give it time to recreate itself.
-
Not worried. Hell I'm not even turning off my 'net on the first.
Looking at the link put up by penguinofhonor it's obvious that the person(s) coding this is either a professional who has training or a complete out-of-the-blue savant. Regardless, for them to be able to just constantly top security measures like that it's obvious they have some pretty decent support. Which costs money. Which means either they're willing to take a pretty big financial hit, OR this is a money making scheme.
If it is a money making scheme then they almost certainly DON'T want to break the system, since it's what they're stealing money from. In general I would just avoid using PayPal, checking your bank statements online, anything like that. I expect either a truly MASSIVE wave of spam, or out-of-the-loop people's money to go unexpectedly missing.
However for people who have heard of this I expect to experience a big lot of nothing, and a royal pain in the ass removing the thing. Hell if they're clever or real smartasses the virus will uninstall/delete itself when they're done (actually a good idea. Since the encryption method they're using right now is difficult to break it's actually smart for them to cause everything to go "poof" so no one has time to properly break it, hence it can be used again later)
-
a truly MASSIVE wave of spam,
'Spam', is a nonpolar completely un-crystalized solid. It cannot achieve the form of a liquid except through very high temperatures.
So, by saying that we will be hit by a 'wave' of spam, you are saying, figuratively of course, that we will be doused with molten liquidated meat products.
Of course if it was just a method of speech, I can understand.
:P
-
Does Norton detect this?
-
Nope. Are you kidding me, all AVs suck cocks.
You can't do shit against properly crypted virus.
-
On the other hand, it must run to decrypt to become a virus.
I quit using Java (as an IE add-on) after seeing that it could be used for a powerful online virus scanner that may have had the power to delete viruses...
One less way it could run without me knowing, right?
-
a truly MASSIVE wave of spam,
'Spam', is a nonpolar completely un-crystalized solid. It cannot achieve the form of a liquid except through very high temperatures.
So, by saying that we will be hit by a 'wave' of spam, you are saying, figuratively of course, that we will be doused with molten liquidated meat products....
In an oxygen-free kiln, or else it would combust.
That sounds downright dwarven!
-
a truly MASSIVE wave of spam,
'Spam', is a nonpolar completely un-crystalized solid. It cannot achieve the form of a liquid except through very high temperatures.
So, by saying that we will be hit by a 'wave' of spam, you are saying, figuratively of course, that we will be doused with molten liquidated meat products....
In an oxygen-free kiln, or else it would combust.
That sounds downright dwarven!
Oh god, that's given me ideas for Gobbo killing. Death by meat that's on fire anyone?
-
Well, this worm did absolutely nothing to me. Did anyone else notice anything?
-
Nope. Nadda.
-
This hit my school. At least, that's what everyone says. Interwebs was down for 3-4 hours.
-
This hit my school. At least, that's what everyone says. Interwebs was down for 3-4 hours.
Whoever manages your network should get a biscuit that menaces with spikes of unemployment.
-
Yes. And rings of failure
-
Well, this worm did absolutely nothing to me.
That's how you know your computer's been infected. It's that subtle.
-
Then you find out all your money is gone.
-
Drops gave an announcement about this at school. I promptly forgot about it and carried about my business as usual.
Nothing happened.
-
Nothing happened to me, mind you my computer's acting funny. One of the banner ads on I Can Has Cheezburger pulled my sister's MySpace picture. So I told her not to connect to the internet till I run some anti-spyware stuff (I never turned Norton back on, did I?)
She turned the computer off and killed a pair of VERY detailed DFPaint maps. My computer is now password protected with my Bay 12 password.
-
http://vmyths.com/
Apparently not even the anti-virus companies were worried for the past month or more.
-
Well I'm not getting any of the symptoms. So I guess I'm in the clear.
-
My USB has it but not my computer. It's awesome, I have a sort of weapon of terror on my portable flash disk. The power is getting to me, I am sure of it.
-
Does Norton detect this?
Norton is far from being perfect, you should use Kaspersky. ;)
-
Kaspersky is far from perfect either. In fact, no AV can do anything against properly crypted virus.
-
Actually, self-modifying code can be detected (as it must specifically tell the computer not to segfault when it edits itself) and programs that modify other processes also must go through a standard detectable method.
The area where an AV program would have issues is when a program creates an .exe then runs it.
Maybe the best would be to block, or at least ask the user to allow or halt, creation of executables, other-process editing, .exe editing, and self-editing. Additionally, block access to all system files areas and disallow a program automatically adding itself to startup...
Then you would be relatively safe. Mostly.
-
Bah! People think computers are the same thing as a desk; that is, permanent.
The best system is really simple and cheap; Just have data on one hard drive, back it up weekly, and every 6 months reformat the application drive.
Keep all your installers on the other drive so you don't have to find them.
Tadaaaaaa!
I use this system at work for software testing because my systems need to be "clean", no floating partially installed programs and what what.
-
http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
Click the link to see if you've got Conficker.
-
Wow that's such an amazingly simple test, yet it would be so incredibly effective. I can't believe I didn't think of that.
(For those too paranoid to click the link it's just a bunch of links to anti virus sites, and alternate OS sites with images from each link. If the antivirus site images don't show up but the OS ones do, Conficker is blocking them. So simple yet effective.)
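-
Added example, not part of the thread and not the Conficker Working Group's code: the decision logic behind the image test described in the post above, in JavaScript. The `.example` URLs, function names and verdict strings are assumptions; it goes beyond the post by also handling the case where nothing loads and the proxy case raised in the next reply.

```javascript
// Added example: decision logic of an image-loading "eye chart" test.
// All URLs are constructed placeholders on reserved .example domains.
const TARGETS = [
  { group: "security", url: "https://av-vendor-one.example/logo.png" },
  { group: "security", url: "https://av-vendor-two.example/logo.png" },
  { group: "security", url: "https://av-vendor-three.example/logo.png" },
  { group: "control", url: "https://alt-os-one.example/logo.png" },
  { group: "control", url: "https://alt-os-two.example/logo.png" },
  { group: "control", url: "https://alt-os-three.example/logo.png" },
];

// Browser-side loader: resolves true if the image loads, false on error or timeout.
function loadImage(url, timeoutMs = 5000) {
  return new Promise((resolve) => {
    const img = new Image();
    const timer = setTimeout(() => resolve(false), timeoutMs);
    img.onload = () => { clearTimeout(timer); resolve(true); };
    img.onerror = () => { clearTimeout(timer); resolve(false); };
    img.src = url + "?nocache=" + Date.now(); // avoid a cached copy masking a block
  });
}

// Probe every target; the loader is injectable so the logic can be tested offline.
async function runEyeChart(targets = TARGETS, loader = loadImage) {
  const probes = await Promise.all(
    targets.map(async (t) => ({ ...t, loaded: await loader(t.url) }))
  );
  return classifyEyeChart(probes);
}

// Turn per-image results into a verdict.
function classifyEyeChart(probes) {
  const tally = (group) => {
    const g = probes.filter((p) => p.group === group);
    return { total: g.length, ok: g.filter((p) => p.loaded).length };
  };
  const sec = tally("security");
  const ctl = tally("control");
  if (sec.total === 0 || ctl.total === 0) return "invalid: need both groups";
  // No control image loads: offline or images disabled, so failures prove nothing.
  if (ctl.ok === 0) return "inconclusive: control images failed";
  if (sec.ok === 0) return "blocked: security sites unreachable, others fine";
  if (sec.ok < sec.total) return "partial: some security sites unreachable";
  // A proxy that fetches on the client's behalf also ends up here.
  return "no blocking seen";
}
```

A "no blocking seen" result only describes what the browser could fetch; it does not show that the machine itself resolves those names.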
-
Not sure if it's working right, though. My dad's machine seems to be infected but it can see all the images. Of course, there could be proxies involved that I'm not aware of.
-
I know for sure I don't have a proxy and I see all the images. Hooray for me.
-
Such nonsense. Probably the only thing it does is edit the Hosts file to block out the IP addresses it doesn't want you looking at. Changing the hosts file so that you can go to a legitimate anti-virus website to clean out the virus is trivial.
-
If it only did that, it would be easily taken care of.