http://tech.yahoo.com/news/ap/200903...cker_countdown

My friend who works for a very high tech company that tests out the latest high speed and future speed phone company---one of the employee got infected. From there, it infected all the computers.

after trouble shooting, resintalling OS on all their puters and server. They are still having problems.

this is pretty big.

The biggest thing is to update all the security patches if one is using MicroSoft.

click here to check for security updates and download patches

although no one is sure how exactly it works.

I would suggest a few protocols:

1) do not download or view any attachments starting fro March 31-April 2nd. Even from someone you know. Especially if someone just sent you a LINK to somewhere.

2) try not to browse anywhere that you are not familiar with. Try not to click on anything/links that you are not sure of.

watch out for those fake links.

3) the past couple of versions of the worm will try to make you buy things by scaring you into thinking that your puter has been infected.

if you get that pop up. Immediately get away from that site. Run your anti-virus and anti-spyware.

although the only recourse might end up just reinstalling your OS.

4) if you haven't done so yet, back up everything.

5) update all your anti-virus and anti-spyware EVERYDAY.

~~~~~~~~~~~~~~~~~~~~

supplementary article to this worm from CNN

~~~~~~~~~~~~~~~~~~~~

We have been contacted by Avast...
They say as long as all updates are accurate, risk is very low.
They also say the risk is higher if you have NOT done the SP3 for
Windows.

I am going to turn off our two computers Mar 31 PM.
Just in case.

The fast-moving Conficker computer worm, a scourge of the Internet that has infected at least 3 million PCs, is set to spring to life in a new way on Wednesday -- April Fools' Day.


http://www.snopes.com/computer/virus/conficker.asp
http://www.technologyreview.com/wire/22364/?a=f

Am I at risk of having the Conficker worm?

Most antivirus software could detect and block the Conficker worm, so if you have updated antivirus software on your computer, you are at a much lower risk of being infected by the Conficker worm.

If you or your network administrator have not installed the latest security updates from Microsoft and your antivirus provider, and if you have file-sharing turned on, the Conficker worm could allow remote code execution. Remote code execution allows an attacker to take control of your computer and use it for malicious purposes.

http://www.microsoft.com/protect/com...conficker.mspx

I would add caution that while MicroSoft is very sure of its patch files will block the worm. That it is still only 98% fool proof.

The truth is with April Fools worm (the 3rd version), nobody really knows what it is going to be like until April Fool's day.

but the best defense it to make sure everything is updated and don't visit sites unknown, download files unknown, turn off all file sharings, turn off remote access.

those that use file sharing sites such as limewire would be very susceptible to attacks.

fastest way to check to see if your remote access is on:

right click on MY COMPUTER>>>> Properties>>> click on REMOTE Tab>>> make sure the check is OFF

and always click on "APPLY"

the anti-virus/spyware can detect the first two versions. But the third version is what will happen on April 1st. And it is still an unknown.

*while the worm is classified as a "virus" it is more than that. Malware, spyware, greyware, rogueware can be added to this particular worm. That is why nobody truly has a TOTAL defense against it.

Other names for it and more info-

[ + Alias:
# W32.Downadup.C [Symantec]
# Trojan.Win32.Pakes.ngs [Kaspersky Lab]
# W32/Confick-G [Sophos]
# Worm:Win32/Conficker.D [Microsoft]
# Worm.Win32.Conficker [Ikarus]
# Win32/Conficker.worm.88064 [AhnLab]

* Summary of the findings:

What's been found
Capability to block security-related software by modifying firewall settings and by disabling security services, such as Windows Update, Norton Autoprotect, Kaspersky Anti-Virus, etc.

Contains characteristics of an identified security risk. ]
http://www.threatexpert.com/report.a...3303a68368e116

Thank you for that remider!

If anyone has had internet problems "fixed" by making phone calls and them doing a "test"..yep..they are remotely going into your computer.

I just had to unclick mine again.

I ran the full scan. Took about 3 hours.

It found and removed
Win32.Zhelatin.a
also known as Win32/nuwar.A (McAfee)

The AVG virus scan did not pick this up. (I had run that last night after loggin goff the internet.)Don't know how long it's been there. I had McAfee on this computer up until 2 weeks ago.

Running the scan is worth it.

Rumor has it that turning off your computer for the whole day only delays it being active to the next time you turn it on.

If you have your Windows updates done, your antivirus up to date, and scanned, and a good anti spyware program like Superanitspyware.com (FREE) up and scanned, you are in good shape.

Its April 1 today.

Can you go to Microsoft.com? Can you go to Nortons.com? If so, its a 99% chance you DONT have the worm. The worm prevents you from reaching either of these two sites.

I'm fine. I went to microsoft first thing. If it was the conficker worm (which what I had wasn't listed as one of the names), then the scan got rid of it.

All of my programs are updated daily. I have to check too many links here on NT not to keep them updated.

I sure hope that rumor isn't true. I took the modem away from my husband. I know he hasn't kept the gym's computer up to par. He thought having a firewall was all he needed.