A Quick List Of Software Tools For Battling The Conficker C Virus

March 26, 2009 10:19 by Kris Abel

A great deal of attention is being given to a battle currently taking place between internet security experts and a malicious worm referred to as “Conficker.C”. Security experts and anti-virus companies wage fights of this kind every day, around the clock, but this one in particular, because it is designed to activate in some way on April 1st and because its sophisticated nature is making it a tough adversary for experts to stop, has grabbed our imaginations and the media spotlight. It’s a story that is motivating many people to search for anti-virus tools and so in response to a growing number of requests I’m listing here a collection of links to the free software, both for the Conficker worm and malware in general.

Conficker.C General Knowledge

The Conficker.C virus currently is infecting computers running Microsoft Windows. Computers running other operating systems such Macs are not affected.

Users who are already running commercial Anti-Virus software and have the latest Windows updates are protected.

Should your computer somehow become infected, there are tools available to for removing it (see below).

This is the third version of this virus released (previously there was Conficker.A and Conficker.B) and with each new version the creators are learning from their mistakes. There may be another version (it will no doubt be called Conficker.D) which can potentially be stronger in which case new removal tools will have to be created for it.

If My Current Anti-Virus Software Is Fine, Why Is This Such A Big Deal?

Despite the ease with which popular anti-virus software can protect against Conficker.C, experts have noticed that there are hundreds of thousands, if not millions of computers around the globe that, for one reason or another, are not currently running anti-virus software or have not been updated. These machines have become infected.

Conficker.C is a very sophisticated virus that has the ability to organize these infected computers into an independent network, one where the infected computers can communicate with each other, share files, and receive commands from the virus writers themselves. A network of this kind creates an amount of computing power that can be used for a number of malicious purposes, from harvesting financial information to performing online attacks.

We know that the infected machines have been instructed to receive a set of commands to perform some kind of action on April 1st, what exactly, is unknown.

The theoretical danger isn’t that the world’s computers and services will be shut down from a widespread infection, but that an organized group of infected computers can be used to perform some kind of attack. The general public can’t take any steps to protect against this, instead this is a battle for security experts who are working to prevent such an attack from taking place.

It’s important to keep in mind that this is a theoretical danger, we have seen similar viruses used to organize infected computers before, usually to distribute spam or harvest credit card information. There is no specific reason to believe an attack of some kind is coming, but as always in matters of security experts are taking the matter very seriously just in case. For this reason, the Conicker.C story is receiving more media attention than normal.

Running Windows Update

Click on the Start Button, then All Programs, then Windows Update

You can also visit http://windowsupdate.microsoft.com

Free Protection Software Links

AVG Free Edition

http://free.avg.com/

AVG is a very effective anti-virus software and the free version covers all your basic needs with constant updates for all the latest viruses including the Conficker variants.

Ad-Aware

http://www.lavasoft.com/

Ad-Aware is designed specifically to battle spyware and malware, scanning and removing infections with ease.

SpyBot Search & Destroy

http://www.safer-networking.org

Also designed to tackle spyware and malware, this free program includes the ability to immunize your system against a list of malicious software in advance.

Conficker Removal Tools And Instructions

Although existing commercial Anti-Virus software is effective in removing the Conficker virus, the Internet Storm Center is maintaining an excellent list of removal resources for system administrators that you can view here, just in case:

http://isc.sans.org/diary.html?storyid=5860

Conficker.C White Paper

For those with a technical background who are interested in reading more on this worm and its new levels of virus sophistication, SRI International has written this in-depth analysis:

http://mtc.sri.com/Conficker/addendumC/

Conficker.E Worm Spreads Rapidly In Asia, Attacks University Of Utah, Wants To Sell You Fake Anti-Virus Software Update: Facebook Solves Worm Problem Anti-Virus Companies Investigating Facebook "Court Jester" Virus Next Week On Canada AM - Cool Search Tools And Baby Gadgets

Comments

3/26/2009 12:04:08 PM #

When I hear stories like this, I am glad I have an Apple computer. I know that Apple isn't 100% proof, but it is a hell a lot better then a PC, which seems to have a 0% protection.

Ki-Som

3/26/2009 2:04:30 PM #

Ki-som: It's no fun making viruses for an OS that hardly anyone uses. Once more Apple os's are on the market, Apple will have huge virus problems.
The making of these viruses are not made for the average computer user, but to try and infect huge companies that have thousands of computers.

Fool Writer

3/26/2009 2:55:34 PM #

I just got attacked by a phony virus 360 antivirus. This happened because I received a meeage the microsoft had and update. Now I have to have everything deleted and re installed to get rid of it. Very costly and my Norton antivirus did nothing to protect this problem

Rhoda Crisp

3/26/2009 4:54:10 PM #

If you had a Mac, you would not worry about that Virus thing!!!!!

3/26/2009 5:15:11 PM #

"...experts have noticed that there are hundreds of thousands, if not millions of computers around the globe that, for one reason or another, are not currently running anti-virus software or have not been updated. These machines have become infected."

Don't you think that this is overstating the isue just a little bit. How would my computer which is always behind a router or firewall become infected? I do not use antivirus software by choice because if you aren't a complete dolt on a computer, and only download from trusted sources, then you won't get viruses like this.

Most peoples machines get infected because they don't know how to tell a legitimate email from a fake one, they download with programs like limewire, or they don't know how to keep their computer up to date.

Mark, Victoria BC

3/26/2009 5:30:43 PM #

There is a very long list of scenarios that have created infected computers in this situation. One example is the use of pirated versions of Windows which cannot pass Microsoft's authentication process and so can't download the latest updates to patch the specific exploits being leveraged by this virus.

It's a big issue in Asia where pirated software is very popular, but does also occur here. Just this past December the RCMP raided an eBay seller in Dartmouth, Nova Scotia for selling pirated copies of Windows.

You can read about here:
http://krisabel.ctv.ca/post/4006827.aspx

There are computers at large industrial facilities, remote utilities, places where systems are left running, but not updated frequently enough. Studies into the spread of viruses have found them on systems in military bases and government buildings, think beyond North America to countries around the world.

Suffice it to say these are not everyday, ordinary scenarios, but the exceptions to the rule and there's enough of them in this case for a virus to organize together for a specified task.

Kris Abel

3/27/2009 1:21:32 AM #

A great free product for dealing with malware and such not mentioned above is Malwarebytes (www.malwarebytes.org). I have had the pleasure of seeing this freebie eradicate stuff that Trend Micro and Norton don't even pick up.

PVT

3/31/2009 8:53:25 PM #

If I unhook or take my internet thing then is it possible that i could [b]not[/b] be affected by this stupid virus? Or is it best to unhook [b]and[/b] shut down? Is every single computer going to have to block it or is it just certain cities or things? Sorry about all the questions but my mom and I have a lot of very important things on our laptops. Mine is an Acer and hers is a HP.

Kiara

3/31/2009 9:05:07 PM #

No need for such extreme measures, as long as your system has the latest Windows updates and is running anti-virus, you are protected.

Kris Abel

4/1/2009 1:30:46 AM #

Alright, i'm a regular internet user. I go on things such as Youtube and deviantart on a daily bases, is this safe? What about MSN?
I do have the latest updates and an antivirus.

Nicole

Add comment

Name*
E-mail* (Will show your Gravatar icon)
Captcha* Click to change captcha

b i u quote

Comment
Preview

Notify me when new comments are added

Website

A Quick List Of Software Tools For Battling The Conficker C Virus

Related posts

Comments

Add comment

Search

Recent Posts

Month List

Twitter

Category list

Tag cloud

A Quick List Of Software Tools For Battling The Conficker C Virus

Related posts

Comments

Add comment

Search

Recent Posts

Month List

Twitter