With the Conficker virus set to go through a currently uncertain change tomorrow (April 1), here are seven ways to be sure you’ve protected your machine against the fallout.
Don’t panic: The chances are the April Fool’s Day deadline has been overhyped. All that’s known for certain is that the number of potential website addresses infected computers will try to contact will rise from 250 to 50,000. There’s no certainty this change will be accompanied by any change in behaviour among the machines.
Don’t be complacent: Even if nothing happens tomorrow, Conficker is still a powerful virus which gives far too much of your computer’s security away. If you have it on your machine, you should get rid of it immediately, regardless of any ‘deadlines’.
Take a quick check: Even if you are convinced your machine is safe, take a quick visit to Microsoft.com, Symantec.com and McAfee.com. If you are unable to access these sites, your machine may be blocked from doing so by Conficker (to prevent you getting security updates). If this is the case, run the free Conficker removal tool from http://bdtools.net/.
Plug the gap: Once you’ve removed Conficker, make sure to immediately run the Microsoft Update service along with the update features on any security software you run. These facilities may have been blocked while you were infected, meaning you could be missing important security fixes for problems other than Conficker.
Use trusted sources: Don’t be tempted to simply search Google for ‘conficker virus’. While many of the resulting links will be credible and trustworthy, the chances are some will be from peddlers of scamware, rogue software which claims to remove viruses but are simply a way to get control of your machine or add your credit card details to a suckers list.
Protect your network: If you are a network administrator, you have likely found it impractical if not impossible to find and isolate the virus because of the need to scan every machine in full. The good news is that this is no longer necessary. Researchers have discovered that Conficker leaves behind a trace in a specified part of a computer’s filesystem (the processes which run before a user logs in to Windows). This has allowed them to develop a tool with a much quicker way to scan an entire network. You can download the free tool at http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
Be patient: The increase to 50,000 randomly chosen domains on the virus’s ‘phone-home’ list greatly increases the chance that it will mistakenly hit active and legitimate websites. If you find a site slow to load tomorrow, it’s possible (if statistically unlikely) that it’s been a victim of this effect. This doesn’t mean that the site has been infected, merely that it is overloaded with visits from infected machines. If you are struggling to access a website and it’s not an absolutely urgent visit, leave it until later and try again.