Posted on 03/30/2009 5:56:30 PM PDT by JoeProBono
As computer security firms play down the risk posed by the Conficker/Downadup worm, the Department of Homeland Security on Monday released a DHS-developed detection tool to help organizations scan for computers infected by the worm.
The DHS US-CERT team created worm-scanning software for federal and state government agencies, commercial vendors, and critical infrastructure owners. It's being made available through the Government Forum of Incident Response and Security Teams Portal and to private-sector partners through various Information Sharing and Analysis Centers.
http://www.us-cert.gov
US-CERT.GOV
#
Note: The following text is a quote:
http://www.us-cert.gov/current/index.html#conficker_worm_information
Conficker Worm Targets Microsoft Windows Systems
added March 29, 2009 at 08:18 pm | updated March 30, 2009 at 03:06 pm
US-CERT is aware of public reports indicating a widespread infection of the Conficker/Downadup worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a corporate network, if the network servers are not patched with the MS08-067 patch from Microsoft.
Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of a Conficker/Downadup infection may be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
http://www.mcafee.com
If a user is unable to reach any of these websites, it may indicate a Conficker/Downadup infection. The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them. If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet - in the case for home users.
Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Please see below for a few of those sites. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:
Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
Microsoft:
http://support.microsoft.com/kb/962007
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
Microsoft PC Safety hotline at 1-866-PCSAFETY, for assistance.
US-CERT encourages users to prevent a Conficker/Downadup infection by ensuring all systems have the MS08-067 patch (see http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx), disabling AutoRun functionality (see http://www.us-cert.gov/cas/techalerts/TA09-020A.html), and maintaining up-to-date anti-virus software.
bttt
Thank you Brad’s Gramma for the bump.
One good EMP detonation from North Korea and we wouldn’t have any of this to worry about anymore.
NUTZ! I am sick of hackers!
I was thinking the same thing. Then I remembered that the head of Homeland Security doesn't paricularly like worms.
Anyone on here (the thread) running Firefox???
Yup. Firefox 2.0.0.13
I guess this will be my last post before I explode.
Are YOU able to access your Security Center? (Windows)
Mine says it’s turned off. Restart computer. I did. Still turned off.
Now remember....I am SOOOOOOOOOOO computer illiterate it’s not funny.
I can’t believe the reward for turning in the Conficker hacker is only $250k, all things considered.
Can only imagine what you`d fish for with that.
Are you being funny?
Security and Windows forms an oxymoron condition.
To answer your question, I wouldn’t know where to do what you describe. I turn everything security-wise off and monitor what and where I go and what is running on my machine constantly.
Highly UNusual for me...but this time...nope. I wasn't being funny. But I see your point...
“Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. “
So what is this ‘simple test’ that the Feds talk about.
A good tool is: Windows Process Explorer (free) made by www.sysinternals.com v9.25
It’s been good to me.
“The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Microsoft acquired Sysinternals in July, 2006.”
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.