Author Topic: Diagnose and Defeat Conficker Computer Worm  (Read 1177 times)

Offline javajolt

Diagnose and Defeat Conficker Computer Worm
« on: March 31, 2009, 11:31:32 PM »
Want to quickly find out if your PC might be one of the millions infected by Conficker? Try clicking to Microsoft.com. Next try Symantec.com. Now try McAfee.com.

If you can get to these sites, you're cool. But if your browser will not let you access any of these Web sites, then you very likely are infected with Conficker.

That's because Conficker blocks you from reaching any web address that includes Microsoft, Symantec, McAfee, AVG, Kaspersky, Trend Micro, F-Secure, Panda, Sophos, SecureWorks or Sunbelt in the URL. It also blocks URLs that contain 103 other names and phrases that relate to security. You can see the full list by clicking to SRI International's report here and scrolling down to the table listed under "domain lookup prevention."

To get a full understanding of how jam-packed Conficker is with sophisticated self-spreading and self-preserving features, see this FAQ and this timeline.

You definitely want to check -- and disinfect -- before April 1. On that date all Conficker-infected PCs could begin trying to connect to 50,000 web domains to receive further instructions. Two schools of thought exist about what Conficker will do next.

Some experts, such as WinPatrol creator Bill Pytlovany, are sensing that the worm's controllers will run circles around the Microsoft-led "cabal" of security groups trying to block some 3 million to 12 million Conficker-infected PCs from phoning home next week.

"How Conficker will mutate is anyone's guess," says Pytlovany. "It could be anything from turning a machine into a spam-bot or launching a widespread cyberterror attack. My guess is it will be something designed to make money."

But Sophos researcher Chet Wisniewski notes that Conficker's controllers can now reach each infected PC several different ways, thanks to a customized peer-to-peer network the bad guys have set up and organized the infected PCs into.

F-Secure researcher Patrik Runald notes that if Conficker's controllers wanted to send updates or instructions to any infected machine they can do that at any time. "It's unlikely anything major will happen on April 1st," says Runald.

So how can you get an infected machine to a Conficker clean-up tool? You have a couple of options. One is to use Enigma Software's free Conficker-specific scan-and-cleanup tool. Enigma is obscure enough that the bad guys did not include it on the list of blocked URLs.

But be aware: Enigma could not pass up the opportunity to attach a promotion to buy a $30 subscription directly alongside its free tool. Several readers have gotten misled into thinking that they must buy the subscription to activate the clean-up tool. An Enigma spokesman insists that the Conficker tool is completely free; he supplied this video showing what a free clean-up session should look like.

Another option is to click to this Microsoft malicious software removal site, which doesn't contain "Microsoft" in the URL. You'll find a free all-purpose malicious software scanner. However, I could not get it to work on my Firefox 3 browser, nor on my Internet Explorer 7 browser.

Microsoft says they are checking into this and suggested this last-ditch option: contact Microsoft Customer Service and Support at no charge, using the PC Safety hotline at 1-866-PCSAFETY.

For state and federal computer systems and commercial vendors, the Department of Homeland Security Monday recommended this Microsoft Conficker detection tool and fix.


« Last Edit: April 01, 2009, 03:39:13 PM by riso »
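The quick check described in the post above can be scripted. This is an added example, not part of the original post or of any tool it mentions: it compares name lookups for the three sites the post names against control names. The control hosts, the function names and the verdict labels are assumptions, as is the premise that the blocking shows up as a failed lookup through the system resolver.

```python
import socket

# The three sites the post says to try; Conficker blocks names containing them.
SECURITY_HOSTS = ["www.microsoft.com", "www.symantec.com", "www.mcafee.com"]
# Assumption: unrelated control names, used to tell selective blocking
# apart from a machine that simply has no working DNS.
CONTROL_HOSTS = ["example.com", "example.org"]


def system_resolver(host):
    """Return True if the operating system's resolver can look up host."""
    try:
        socket.getaddrinfo(host, 80)
        return True
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def check_lookup_blocking(resolve=system_resolver,
                          security_hosts=SECURITY_HOSTS,
                          control_hosts=CONTROL_HOSTS):
    """Compare lookups of security-vendor names against control names.

    Returns (verdict, per_host_results). Verdicts:
      inconclusive       no control name resolved, so DNS itself is down
      likely_blocked     controls resolve but every security name fails
      partially_blocked  controls resolve, some security names fail
      no_blocking_seen   everything resolved
    """
    results = {h: resolve(h) for h in list(security_hosts) + list(control_hosts)}
    controls_ok = sum(results[h] for h in control_hosts)
    security_ok = sum(results[h] for h in security_hosts)
    if controls_ok == 0:
        verdict = "inconclusive"
    elif security_ok == 0:
        verdict = "likely_blocked"
    elif security_ok < len(security_hosts):
        verdict = "partially_blocked"
    else:
        verdict = "no_blocking_seen"
    return verdict, results


if __name__ == "__main__":
    verdict, results = check_lookup_blocking()
    for host, ok in results.items():
        print(f"{host:22} {'resolved' if ok else 'FAILED'}")
    print("verdict:", verdict)
```

A `likely_blocked` result is a reason to run one of the removal tools named in the post; `no_blocking_seen` only means this one symptom is absent.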


Online riso

Re: Diagnose and Defeat Conficker Computer Worm
« Reply #1 on: April 01, 2009, 03:52:08 PM »
No one noticed that it's April 1, Fools' Day!!

So the attack is probably a hoax!

The worm though is real... only until now (today) it didn't show up.

Some info about Conficker or configer:

Conficker

Common name: Conficker
Aliases:
  • Win32/Conficker.A (CA)
  • W32.Downadup (Symantec)
  • W32/Downadup.A (F-Secure)
  • Conficker.A (Panda)
  • Net-Worm.Win32.Kido.bt (Kaspersky)
  • W32/Conficker.worm (McAfee)
  • Win32.Worm.Downadup.Gen (BitDefender)
  • Win32:Confi (avast!)
  • WORM_DOWNAD (Trend Micro)
Classification: Unknown
Type: Computer worm
Subtype: Computer virus

