The Conficker Virus

Submitted by David on Sat, 04/18/2009 - 01:08

The Virus

April First is always a bad time of year for computer viruses, and this past April Fool's Day is no different. You may have read articles recently about a virus called Conficker. Despite the amount of media attention that Conficker has received over recent weeks, millions of computers worldwide continue to be infected by the virus.

The virus exploits a security hole found in the Microsoft Windows software. Ironically, according to some news reports, Microsoft issued a security patch (as they do regularly) before Conficker even appeared. The security patch that Microsoft has issued does indeed fix the security hole that Conficker exploits. So even if the reports that indicate the security patch appeared before the virus are completely wrong, no one can complain if they get the virus.

It is each computer owner's responsibility to make sure his or her computer (running Microsoft Windows) is up to date. Microsoft issues all of its security patches on one, easy-to-use website, located at http://www.windowsupdate.com. This "Windows Update" tool is vital for people to use. One can also download additional software such as Microsoft Windows Media Player and (occasionally) drivers for their computer hardware from here.

However, the fact remains that Conficker is causing many people problems, as well as large networks, frustrating network administrators. If you have the virus, you are probably not able to get to any of the well-known antivirus software providers like AVG, Trendmicro, McAfee, and Symantec (Norton).

The virus can be pretty nasty, and there are several "flavors" of it on the internet. It is so hard to track down and stop because the authors of the program have designed it to deploy itself across networks without any human help (such as opening an email attachment). This is why large networks such as universities are so vulnerable. Conficker can also be easily transferred (again, without your knowledge) through removable media, like a USB device.

To make matters worse, the virus is designed to create a network of its own. The programmers created it in such a way that it could "update itself" by downloading new code, similar to Microsoft Windows Update, but by itself without human knowledge. This has resulted in the several versions of the virus that are wrecking havoc on computers. It does this by communicating with other infected computers, creating something called a botnet (when computer program[s] communicate with each other automatically, without human intervention).

 

Removing the Virus

If you have been infected with the Conficker virus, you should not try to do a Windows Update. According to sources that I have read, Conficker will "fake" the crucial Microsoft Windows Update security patch that is needed. Instead, you should first remove the virus and then do a complete Windows Update.

If you have the virus, you will probably be unable to browse to any of the anti-virus software websites. Therefore, you should download a removal tool from a different computer (or you should ask a friend to download it for you, and then email it to you).

While I am not a huge fan of using Symantec's Norton Anti-virus or McAfee's Software for my typical anti-virus solutions, both companies provide removal tools on their websites. I have found in the past that these removal tools are quite useful.

You can learn more about removing the virus here: http://news.cnet.com/rid-your-computer-of-the-conficker-virus/

 

Protecting Yourself

Use Antivirus Software

It is always important to keep your anti-virus software and Windows software up to date. A good, free antivirus program (for individuals) is the free version of AVG. You can download it at http://free.avg.com. You can learn about other anti-virus programs here: http://www.smoothstoneservices.com/resources/content/importance-anti-vir...

Do your Windows Updates

Another good way to protect your computer is to regularly do a Windows Update. If your computer is not set to update themselves automatically, then I strongly urge you to visit http://www.windowsupdate.com, click on "Custom," and download all Critical and Hardware updates that the website tells you is available.

To read more about the virus, here are a few links: http://news.cnet.com/rid-your-computer-of-the-conficker-virus/ http://www.informationweek.com/news/security/attacks/showArticle.jhtml?a... http://www.pcworld.com/article/163197/11_percent_of_pcs_still_unpatched_... http://en.wikipedia.org/wiki/Conficker

 

Need More Help?

Learn More about our services and what we can do for you.

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd><img>
  • Lines and paragraphs break automatically.
  • Link to content with [[some text]], where "some text" is the title of existing content or the title of a new piece of content to create. You can also link text to a different title by using [[link to this title|show this text]]. Link to outside URLs with [[http://www.example.com|some text]], or even [[http://www.example.com]]. Link to existing or new content with CamelCaseWords.
  • Use [toc list: ol; title: Table of Contents; minlevel: 2; maxlevel: 3; attachments: yes;] to insert a mediawiki style collapsible table of contents. All the arguments are optional.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
By submitting this form, you accept the Mollom privacy policy.