# So, who ended up with the Conficker.c worm?



## Random Murderer (Apr 1, 2009)

simple as that, i want to know who has or has had the conficker.c worm now that it's hit zero-day.
i suppose i was lucky, as the "experts" say that 35 million computers and web-servers have been infected, mostly in asia and europe.
one way to check to see if you have it is to run windows update. if you can't install an update, chances are that you have it.


*Detection tool!*

*DON'T GOOGLE SEARCH FOR CONFICKER!*


----------



## Wile E (Apr 1, 2009)

Guess I'm ok. Just got done updating the fresh install.

Does it affect x64 anyway?


----------



## Supreme0verlord (Apr 1, 2009)

Just ran windows update so I guess I don't have it!


----------



## Assassin48 (Apr 1, 2009)

me too without any viruse protection too


----------



## Random Murderer (Apr 1, 2009)

Supreme0verlord said:


> Just ran windows update so I guess I don't have it!



ah, but did it allow you to install or did you even try?
conficker.c doesn't affect your ability to check for updates, just to apply them.


----------



## Assassin48 (Apr 1, 2009)

i updated 2 options the driver for my acer screen would that count?


----------



## Supreme0verlord (Apr 1, 2009)

Random Murderer said:


> ah, but did it allow you to install or did you even try?
> conficker.c doesn't affect your ability to check for updates, just to apply them.



Yeah, I knew that, I just didn't explain my post good enough lol. But yeah, I installed the updates so I'm fine.


----------



## VulkanBros (Apr 1, 2009)

^^ Lol ^^


----------



## DOM (Apr 1, 2009)

how do i check if i have it 

i get this error been since beginning of march

WindowsUpdate_80070490


----------



## Random Murderer (Apr 1, 2009)

DOM said:


> how do i check if i have it
> 
> i get this error been since beginning of march
> 
> WindowsUpdate_80070490



ouch... you might have it.
run a system scan with an antivirus program, most of the big names have a definition for conficker.a, conficker.b, and conficker.c in their databases.


----------



## Assassin48 (Apr 1, 2009)

Random Murderer said:


> ouch... you might have it.
> run a system scan with an antivirus program, most of the big names have a definition for conficker.a, conficker.b, and conficker.c in their databases.



yup what kind of virus protection do you have?


----------



## Random Murderer (Apr 1, 2009)

Assassin48 said:


> yup what kind of virus protection do you have?



are you asking me or dom?


----------



## Assassin48 (Apr 1, 2009)

Dom


----------



## Supreme0verlord (Apr 1, 2009)

VulkanBros said:


> ^^ Lol ^^



What are you lol'ing about?


----------



## Random Murderer (Apr 1, 2009)

Wile E said:


> Guess I'm ok. Just got done updating the fresh install.
> 
> Does it affect x64 anyway?



all windows platforms are at risk.


----------



## DOM (Apr 1, 2009)

Random Murderer said:


> ouch... you might have it.
> run a system scan with an antivirus program, most of the big names have a definition for conficker.a, conficker.b, and conficker.c in their databases.





Assassin48 said:


> yup what kind of virus protection do you have?



ive been using ESET Smart Security


----------



## Random Murderer (Apr 1, 2009)

DOM said:


> ive been using ESET Smart Security



try nod32, it's by eset as well.


----------



## Assassin48 (Apr 1, 2009)

here you go
http://www.dhs.gov/ynews/releases/pr_1238443907751.shtm


----------



## Random Murderer (Apr 1, 2009)

Assassin48 said:


> here you go
> http://www.dhs.gov/ynews/releases/pr_1238443907751.shtm



will add that to the first post, thanks!


----------



## Assassin48 (Apr 1, 2009)

DONT GOOGLE FOR CONFICKER!
http://blogs.zdnet.com/security/?p=3069

add to first post too plz


----------



## Random Murderer (Apr 1, 2009)

Assassin48 said:


> DONT GOOGLE FOR CONFICKER!
> http://blogs.zdnet.com/security/?p=3069
> 
> add to first post too plz



done


----------



## Assassin48 (Apr 1, 2009)

man theres more about malware and scam conficker cleaners then the actuall virus itself


----------



## DOM (Apr 1, 2009)

Random Murderer said:


> try nod32, it's by eset as well.



its the same just has 2 more things


----------



## Random Murderer (Apr 1, 2009)

DOM said:


> its the same just has 2 more things



did not know that.
apparently, windows live onecare scanner will pick it up.


----------



## sneekypeet (Apr 1, 2009)

Hmm.... must not have it I just let IE8 install and it seemed too, although it doesnt require a restart.


----------



## FordGT90Concept (Apr 1, 2009)

The only updates I see are Windows PowerShell and Office Live Add-in, both of which I hid.

I have yet to find anything that clearly states what it means to be infected by Conficker.C (e.g. a registry key created).  That "DHS Detection Tool" is not available to the general public, only government agencies.  I can't find a download link for it there.


----------



## Assassin48 (Apr 1, 2009)

sneekypeet said:


> Hmm.... must not have it I just let IE8 install and it seemed too, although it doesnt require a restart.



mine had to restart strange


----------



## HammerON (Apr 1, 2009)

Good so far....


----------



## Random Murderer (Apr 1, 2009)

FordGT90Concept said:


> The only updates I see are Windows PowerShell and Office Live Add-in, both of which I hid.
> 
> I have yet to find anything that clearly states what it means to be infected by Conficker.C (e.g. a registry key created).  That "DHS Detection Tool" is not available to the general public, only government agencies.  I can't find a download link for it there.



there's a link on the detection tool page to windows live onecare. it will detect it with just a browser plugin and scan.


----------



## FordGT90Concept (Apr 1, 2009)

OneCare has a crapload of fine print.  Use Malicious Software Removal Tool.


No infections found.


----------



## kyle2020 (Apr 1, 2009)

My entire college network got infected, took them 3 days to completely get rid of it. Myself, not a thing, just done a fresh windows install, im all clean and spanky


----------



## kyle2020 (Apr 1, 2009)

Oh and when I say the college network got infected, it was due to someone taking the virus in via flash drive, so one of the students. Stupid because it grinds the rest of the place to a halt, I had 2 lessons cancelled last friday because it was so bad.


----------



## silkstone (Apr 1, 2009)

hmmmn... i'm using Kapersky .... but i can't use Update it isn't downloading. maybe just my connection, i'll wait and see

Edit: phew-just a bad connection


----------



## 95Viper (Apr 1, 2009)

McAfee Info and checker and removal tool:http://www.mcafee.com/us/threat_center/conficker.html http://www.mcafee.com/us/enterprise/confickertest.html

Or you can use stinger by McAfee, they have the regular version or just the conficker version:http://vil.nai.com/vil/averttools.aspx http://vil.nai.com/vil/stinger/default.aspx

Happy hunting.


----------



## VulkanBros (Apr 1, 2009)

Kaspersky has this tool : http://support.kaspersky.com/downloads/utils/kkiller_v3.4.3.zip

Read more here: http://support.kaspersky.com/faq?chapter=207800963&print=true&qid=208279973

Symantec´s conficker remover: http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDwndp.exe

Read more here: http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm


----------



## Melvis (Apr 1, 2009)

The conficker worm that came out in January infected over 10million computers,( i had to fix one with it on it, format was the answer :shadedshu) and for this new one that was meant to hit today (April 1st), going by what they said on the news here in Australia it effected no one at all.


----------



## FordGT90Concept (Apr 1, 2009)

Melvis said:


> The conficker worm that came out in January infected over 10million computers,( i had to fix one with it on it, format was the answer :shadedshu) and for this new one that was meant to hit today (April 1st), going by what they said on the news here in Australia it effected no one at all.




Reminds me of the Avian Bird Flu.  The media always jumps on stories that don't actually matter.


----------



## MRCL (Apr 1, 2009)

Headline of most popular online newspaper in Switzerland:

Aufatmen: Die befürchtete Attacke des berüchtigten Computer- Wurms Conficker ist vorerst ausgeblieben. Experten stellten allerdings gewisse Aktivitäten fest.

Breathe again: Feared attack of infamous worm "Conficker" did not happen - for now. Experts altough noticed activities.

Well, my updates have been installed without any problems.


----------



## PVTCaboose1337 (Apr 1, 2009)

I was not infected.  My whole school network is though cause nobody has secure passwords.  They don't know it yet.  Anyway, as long as you have an up to date AV and a strong password, you should be fine.  Good luck on this day of "Digital Pearl Harbor!"


----------



## Asylum (Apr 1, 2009)

No problems here so far at my company!! Everything looks normal!!


----------



## Triprift (Apr 1, 2009)

I suppose ill find out when i get another update through auto update. =/


----------



## 3870x2 (Apr 1, 2009)

This is ridiculous, conficker is very overhyped.  You dont have any more chance of getting it than any other virus out there, and you probably know *exactly what you did to get it*


----------



## Random Murderer (Apr 1, 2009)

3870x2 said:


> This is ridiculous, conficker is very overhyped.  You dont have any more chance of getting it than any other virus out there, and you probably know *exactly what you did to get it*



unfortunately, i don't think the hype was too much. we still don't know what conficker is programmed to do, and with all the time and money spent on it by the authors, they're probably expecting a large amount of money to be made. hell, microsoft even offered $250,000USD to anyone who knew their identities.


----------



## Marineborn (Apr 1, 2009)

for everyone that is worried download kasperies.killer app itll open a command window do a scan and tell you if you have any infected files. tiny program gets the job done

heres a direct link...just unpack it and run it...
http://support.kaspersky.com/faq?chapter=207800963&print=true&qid=208279973


----------



## Sasqui (Apr 1, 2009)

Ran windows update last night, went through three download/install/reboot sequences to get them all.  No problems.

I haven't had any anti-virus installed for about 6 months.  (yea, stupid I know).


----------



## Homeless (Apr 1, 2009)

clean over here


----------



## ShadowFold (Apr 1, 2009)

I guess I didn't get it. I was on my computer this morning and it worked fine. I don't have any AV and I'm using XP right now, gonna install Vista on Saturday.

I never will pay for anti-virus, they use up resources and for what? I've never had any viruses before in my 9 years of PC gaming.


----------



## ignys5 (Apr 1, 2009)

*Conficker.C description and removal instructions*

I have read an article that Conficker.C attack day might have been changed. I suppose that's quite possible. However, I have search for removal guide of Conficker.C, you know, just in case  Here's one manual removal guide: http://www.2-spyware.com/remove-conficker-c.html
There are also other removal instructions, but very similar to this one.


----------



## Scrizz (Apr 1, 2009)

VIPRE ftw!


----------



## angelkiller (Apr 1, 2009)

LOL at all you Windowz users with your viruses and such. 

http://www.ubuntu.com/
Linux ->  <- Windoz


----------



## 3870x2 (Apr 1, 2009)

Did anyone notice that they kept saying it wrong on the news?*conf*L*icker I was laughing my azz off.


----------



## ShadowFold (Apr 1, 2009)

angelkiller said:


> LOL at all you Windowz users with your viruses and such.
> 
> http://www.ubuntu.com/
> Linux ->  <- Windoz



Hey wanna go play Left 4 Dead or something? Oh wait


----------



## Triprift (Apr 1, 2009)

ShadowFold said:


> Hey wanna go play Left 4 Dead or something? Oh wait



Lol check mate.


----------



## angelkiller (Apr 1, 2009)

hahaha

ok you got me there. 

I have XP on my desktop. Ubuntu is only on my laptop.


----------



## 3870x2 (Apr 1, 2009)

ShadowFold said:


> Hey wanna go play Left 4 Dead or something? Oh wait




hmm
im not so sure that l4d will play on linux my friend!

you know
he could
get WINE
install patches
tweak it
get frustrated
wait forever. .  .   .    .     .      .       .
then, with his GTX295x2 setup, get 20FPS of choppy gameplay!!!

this is not a hit vs linux users, just having some fun


----------



## Mike0409 (Apr 1, 2009)

ShadowFold said:


> Hey wanna go play Left 4 Dead or something? Oh wait



 

A nice  to Linux there!

 Shadow!


----------



## Pete1burn (Apr 1, 2009)

Bah!


----------



## blaster318 (Apr 1, 2009)

April Fools!!!!!!!!


----------



## Fitseries3 (Apr 1, 2009)

its an april fools joke you noobs.


----------



## blaster318 (Apr 1, 2009)

ya it happens every year


----------



## Sasqui (Apr 1, 2009)

ShadowFold said:


> I never will pay for anti-virus, they use up resources and for what? I've never had any viruses before in my 9 years of PC gaming.



Ditto.  I even dowloaded Comcasts free suite and uninstalled it after a week... got tired of a boot time 3x longer than before.


----------



## Random Murderer (Apr 1, 2009)

Fitseries3 said:


> its an april fools joke you noobs.



no, no it's not. conficker has been a major problem since november.


----------



## blaster318 (Apr 1, 2009)

be that as it may. the big scare yesterday was the april fools joke.


----------



## Fitseries3 (Apr 1, 2009)

well i havent run anti virus in years, no anti spyware, no updates(on this machine i use 24/7) and i havent gotten it. i ran the remover a few times now and it tells me i dont have it so im good.


----------



## iStink (Apr 1, 2009)

Does anyone else think its cool as hell how the conficker virus works? I mean, it just blows my mind someone can write something so intelligent and optimized.


----------



## CarolinaKSU (Apr 1, 2009)

Fitseries3 said:


> well i havent run anti virus in years, no anti spyware, no updates(on this machine i use 24/7) and i havent gotten it. i ran the remover a few times now and it tells me i dont have it so im good.



April Fools?


----------



## DOM (Apr 1, 2009)

Ran Malicious Software Removal Tool says im clean


----------



## 3870x2 (Apr 1, 2009)

I haven't had antivirus software since June of last year, they are too bloated.  I use firewalls and haven't had a problem.  Why?  Because I'm not an idiot.  I know exactly what my computer does and where I surf.


----------



## Namslas90 (Apr 1, 2009)

Random Murderer said:


> there's a link on the detection tool page to windows live onecare. it will detect it with just a browser plugin and scan.



Windows has a built in utility to check for and remove the CONFICKER.  Just type MRT into RUN and click enter.  You dont need to download anything.  If you removed MRT you can re-install it from MS updates.


----------



## Polarman (Apr 1, 2009)

No Viruses here! NEVER!


----------



## Wile E (Apr 2, 2009)

DOM said:


> Ran Malicious Software Removal Tool says im clean



I ran into that update error a few month ago. I couldn't even check for updates, let alone install them. A clean install was the only course of action for me.


----------

