More on 'Conficker' worm

[Guest guest]

GULP

so far (she says with fingers crossed) I have NOT received one...... I don't want one.

 

Lets see what happens now.

 

Clare in Tassie

[Guest guest]

ok I got one... now I will BLOCK THEM and report it as spam

[Guest guest]

I have added mailserver to my BLOCKED list

this is the email address which the advertising came from

[Guest guest]

How do you block it? If you click on it to get the email addie ---bingo...so how do you block it?

 

Bea--- On Tue, 3/31/09, Clare@GOOGLE MAIL <theclaremcharris wrote:

Clare@GOOGLE MAIL <theclaremcharrisRe: Re: Re: More on 'Conficker' worm Date: Tuesday, March 31, 2009, 11:09 PM

 

 

 

ok I got one... now I will BLOCK THEM and report it as spam

[Guest guest]

Viviane are you sure your messages didn't get through? My message came

through OK and then I got the nonsense

 

Jane

 

-

" vlerner2002 " <vivlerner

 

Wednesday, April 01, 2009 4:38 PM

Fwd: Re: Re: More on 'Conficker' worm

 

 

Yes, Hanneke!

I just got 2 of them in response to 2 articles I was sending the list [that

obviously didn't get there]. No idea of what it's about, but I don't like

it, makes me wonder what they are trafficking below the radar....

Not to mention that it'll discourage people from posting. [Maybe this is the

goal?]

Take care,

Viviane

========

[Guest guest]

Mine just said ' search market'. In any case looks like is in this up to its eyeballs....--- On Tue, 3/31/09, Clare@GOOGLE MAIL <theclaremcharris wrote:

Clare@GOOGLE MAIL <theclaremcharrisRe: Re: Re: More on 'Conficker' worm Date: Tuesday, March 31, 2009, 11:14 PM

 

 

 

I have added mailserver@overture .com to my BLOCKED list

this is the email address which the advertising came from

[Guest guest]

I havent heard of the problem with any other I'm on yet. I got the bs mail only once so far seperate from any other email--on its own.

 

Bea--- On Tue, 3/31/09, Jane MacRoss <highfield1 wrote:

Jane MacRoss <highfield1Re: Re: Re: More on 'Conficker' worm Date: Tuesday, March 31, 2009, 11:31 PM

 

 

Viviane are you sure your messages didn't get through? My message came through OK and then I got the nonsenseJane- "vlerner2002" <vivlerner (AT) gmail (DOT) com><>Wednesday, April 01, 2009 4:38 PMFwd: Re: [Health_and_ Healing] Re: More on 'Conficker' wormYes, Hanneke!I just got 2 of them in response to 2 articles I was sending the list [that obviously didn't get there]. No idea of what it's about, but I don't like it, makes me wonder what they are trafficking below the radar....Not to mention that it'll discourage people from posting. [Maybe this is the goal?]Take

care,Viviane========

[Guest guest]



Bea I set up the GMAIL filter for that specific address

mailserver

To automatically delete ANY and ALL emails from this address so I should never get another one

 

Clare in Tassie

 

 

[Guest guest]

Yep I've got it now---I blocked it---but when I got back to my mail---there was one in my inbox---not sure if it got there before or after...

 

another funny thing is that it changes the font style after you paste it and write after it

 

it's definitely part of some virus....

 

countdown....--- On Tue, 3/31/09, Clare@GOOGLE MAIL <theclaremcharris wrote:

Clare@GOOGLE MAIL <theclaremcharrisRe: Re: Re: More on 'Conficker' worm Date: Tuesday, March 31, 2009, 11:45 PM

 

 

 Bea I set up the GMAIL filter for that specific address

mailserver@overture .com

To automatically delete ANY and ALL emails from this address so I should never get another one

 

Clare in Tassie

 

 

[Guest guest]



In O:E Go to 'message' at the top of the screen - go to "Create Message Rule from Message" and just get O:E to send it straight to the delete folder

 

HTH

 

Jane

 

-

 

Bea Bernhausen

Wednesday, April 01, 2009 5:30 PM

Re: Re: Re: More on 'Conficker' worm

 

 

 

 

 

How do you block it? If you click on it to get the email addie ---bingo...so how do you block it?

 

Bea--- On Tue, 3/31/09, Clare@GOOGLE MAIL <theclaremcharris wrote:

Clare@GOOGLE MAIL <theclaremcharrisRe: Re: Re: More on 'Conficker' worm Date: Tuesday, March 31, 2009, 11:09 PM

 

 

 

ok I got one... now I will BLOCK THEM and report it as spam

 

 

 

 

 

Checked by AVG - www.avg.com Version: 8.0.238 / Virus Database: 270.11.35/2033 - Release 03/31/09 13:05:00

[Guest guest]

yep got it thanks---its in the From section anyway---just a lil cornfuzzled tonight...--- On Wed, 4/1/09, Jane MacRoss <highfield1 wrote:

Jane MacRoss <highfield1Re: Re: Re: More on 'Conficker' worm Date: Wednesday, April 1, 2009, 12:06 AM

 

 

 In O:E Go to 'message' at the top of the screen - go to "Create Message Rule from Message" and just get O:E to send it straight to the delete folder

 

HTH

 

Jane

 

-

 

Bea Bernhausen

 

Wednesday, April 01, 2009 5:30 PM

Re: Re: [Health_and_ Healing] Re: More on 'Conficker' worm

 

 

 

 

 

How do you block it? If you click on it to get the email addie ---bingo...so how do you block it?

 

Bea--- On Tue, 3/31/09, Clare@GOOGLE MAIL <theclaremcharris@ gmail.com> wrote:

Clare@GOOGLE MAIL <theclaremcharris@ gmail.com>Re: Re: [Health_and_ Healing] Re: More on 'Conficker' wormTuesday, March 31, 2009, 11:09 PM

 

 

 

ok I got one... now I will BLOCK THEM and report it as spam

 

 

 

 

 

Checked by AVG - www.avg.com Version: 8.0.238 / Virus Database: 270.11.35/2033 - Release 03/31/09 13:05:00

[Guest guest]



 

'Conficker' Worm Wakes Up, But It's Quiet

http://www.pcmag.com/article2/0,2817,2344198,00.asp

The "Conficker" worm is live within Australia and elsewhere in the world, security vendors have confirmed, where it is April 1. At this point, however, it remains quiescent.

 

 

Security company Trend Micro has seen the Conficker or Downadup worm increase the number of DNS resolutions, as expected, said Paul Ferguson, the lead researcher for security intelligence, advanced threats research. At this point, however, the worm has taken no other action.

Conficker is expected to hit the United States on Wednesday, April 1. But it is already a day ahead across the international date line, where Conficker is waking up, and making its way westward through Asia and Europe.

In recent days, the prevailing attitude toward Conficker has turned away from a threat that could wreak havoc upon the Internet, more toward an event that needs to be closely monitored, but not necessarily feared. In part, that's because a signature has been identified and a scanner developed. Security analysts have also developed a list of actions to take to mitigate the effects of Conficker and similar worms.

Conficker preys upon a vulnerability in Microsoft Windows that was patched in October, although the worm does take a number of actions to try and shut down antivirus programs and prevent them from updating. The Apple Macintosh OS X operating system is completely immune.

So far, however, Conficker has laid low. "We've seen some host resolution in our honeypot systems, they're doing that," Ferguson said. "But aside from doing the expected DNS resolution, we haven't really seen anything else."

A spokesman from Symantec also said that the company's researchers haven't noted any malicious activity. "Most regions have already woken up to April 1 and Symantec Security Response experts have not detected any additional activities but are continuing to monitor for any new activities and will provide updates as they become available," he said in an update Tuesday night. "Keep in mind that these systems could be updated on any date after April 1."

"McAfee Avert Labs has been closely monitoring Conficker-related threats and, we haven't observed any significant activities on the domains that it is polling for thus far," researcher Shinsuke Honjo wrote in a McAfee/Avert blog post.

"Daniel," a security analyst with Australia's National Computer Emergency Response Team (AusCERT) also reported a quiet day. "So far the worm has activated as expected - making DNS requests to the generated lists of domains," he wrote in an email. "Beyond that, however, there have yet to be any reports of a succesful download/secondary activation."

That might be because of the low number of infections in Australia, AusCERT noted in a separate post.

On April 1, according to security researchers, Conficker is scheduled to determine the local time, about once every 24 hours, to determine if it is in fact April 1 or later. At that time, the worm begins to generate a list of 50,000 domains, of which it checks about 500 or so for what researchers assume to be a digitally signed payload. What that payload is or what it will order the Conficker machines to do is unknown.

"The most commonly accepted thinking is that this is nothing more than just an effort to build survivability into the system," Ferguson said.

So what is Conficker? At this point, no one knows. But more and more researchers seem to be thinking that the number of infected Conficker machines will turn out to be a botnet, that can be ordered to attack servers or networks owned by governments or enterprises.

"I think it's just the Storm guys trying to build a bullet-proof botnet," said Roger Thompson, the chief research officer of AVG Technologies, in an instant-message conversation. "I always thought it was a corp/gov/edu problem."

Ferguson also worried that the Conficker hullabaloo might distract from other, equally nefarious activities going on behind the Conficker smokescreen.

[Guest guest]



this www addy has simple information on protecting your computer

 

http://forums.techarena.in/tips-tweaks/1148989.htm