I found 5 entries with the search you suggested. Thank you for keeping us safe. Sandi ----- Original Message ----- From: "Gman" <gman.pctt@xxxxxxxxx> To: "PCTechTalk Group <FreeLists>" <PCTechTalk@xxxxxxxxxxxxx> Sent: Saturday, March 28, 2009 4:28 PM Subject: -=PCTechTalk=- Warning: Conficker.C will become active and malicious on April 1, 2009 > >From Shivlik's newsletter: > > *************************** > In early March, security researchers identified a new version of the > Conficker virus, called Conficker.C. This third variant of the virus, > like > its predecessors, exploits the vulnerability patched by Microsoft's > security > bulletin MS08-067, released in October 2008. While not currently > released, > it has been confirmed that this virus will become active and malicious on > April 1, 2009. > > Conficker.C is a major revision of the original virus. This variant > includes new functionality that ranges from new infection methods to > disabling security tools. The Conficker.C virus will scan and kill > processes for security products including disabling: firewalls, patch > deployment, and antivirus software. > > WHAT TO DO BEFORE APRIL 1ST: > The best defense is to apply Microsoft Security Bulletin MS08-067 to > eliminate the vulnerability. Administrators should ensure every system on > their network, internal and external, physical and virtual, has the > MS08-067 > patch applied. Before trying to clean or detect any systems that may be > infected with the Conficker virus, administrators must first apply the > patch. Attempting to clean systems without first protecting them will > only > present a never-ending process of Virus removal. By applying MS08-067, > administrators will then be able to start the task of scanning for > infected > devices and restoring them back to their desired state. > > WHAT TO DO AFTER APRIL 1ST: > If you have not installed the MS08-067 patch on all systems before April > 1st, and systems are infected, researchers claim that you will not be able > to apply the patch to the infected systems. You will have to manually > remove the virus and then apply the patch. This can leave your system > open > for re-attack in the timeframe between removing the virus and applying the > patch. > > Potential New Methods of Attack: > In addition to using internal networks as the means of attack, Conficker.C > is believed to use P2P (Peer-to-Peer) networking to infect other > vulnerable > systems. > *************************** > > The link below is not meant as an endorsement. > http://www.shavlik.com/landingpage/20090326-conficker.aspx > > > The patch for this was sent out through Windows Updates very early in > January. It was rated as Critical for all Win2000, WinXP and Win Server > 2003 systems. Vista and Server 2008 had it rated as Important. > Considering > the fact that the 'experts' don't even know what to expect on April 1st > (the > day the Conflickr bonet is designed to activate), I recommend the patch be > applied by ALL Windows users. > > To see if your system is properly patched, run a file & folder search > on > your C: drive for "KB958644" (without the quotes). If it finds a couple > of > files with that name, you already have the patch applied. If you come up > empty or you're not sure how to search, please let us know so we can help > you get patched. > > Peace, > Gman > http://www.bornagainamerican.org > > "The only dumb questions are the ones we fail to ask" > --------------------------------------------------------------- Please remember to trim your replies (including this sentence and everything below it) and adjust the subject line as necessary. To subscribe, unsubscribe or modify your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ To contact only the PCTT Mod Squad, write to: pctechtalk-moderators@xxxxxxxxxxxxx To join the PCTableTalk off-topic group, send a blank email to: pctabletalk+subscribe@xxxxxxxxxxxxxxxx ---------------------------------------------------------------