GeekPolice
DOWNAD/Conficker Watch: New Variant in The Mix?
3 days after the April 1st activation date of Conficker, nothing interesting was seen so far in our Downad/Conficker monitoring system except the continuous checking of dates and times via Internet sites, checking of updates via HTTP, and the increasing P2P communications from the Conficker peer nodes.

Well, that was until last night when we saw a new file (119,296 bytes) in the Windows Temp folder. Checking the file properties reveals that the file was created exactly on April 7, 2009 at 07:41:21.

Some interesting things (well, at least from our perspective) found are:

1. (Un)Trigger Date – May 3, 2009, it will stop running
2. Runs in random file name and random service name
3. Deletes this dropped component afterwards
4. Propagates via MS08-067 to external IPs if Internet is available; if there are no connections, uses local IPs
5. Opens port 5114 and serves as an HTTP server, by broadcasting via SSDP requests
6. Connects to the following sites:
* Myspace.com
* msn.com
* ebay.com
* cnn.com
* aol.com
More at: http://blog.trendmicro.com/downadconficker-watch-new-variant-in-the-mix/

Re: DOWNAD/Conficker Watch: New Variant in The Mix?
So how many variants are there? There is B, C...

Re: DOWNAD/Conficker Watch: New Variant in The Mix?
Till now: A, B, C [B++], D, E.

The Conficker worm has grown to be one of the most technologically advanced and resilient botnets to date. While the initial worm variants, Conficker.A, Conficker.B and Conficker.B++, had a primary focus on spreading infection, the latest variant Conficker.C demonstrates a paradigm shift: moving away from overt infection tactics toward stealthy and robust operations.

The Conficker family of malware is currently restricted to Windows machines. The key attack vector used by Conficker.A is the MS08-067 RPC NetPathCanonicalize vulnerability. This variant first appeared in mid November 2008, followed by Conficker.B in late December 2008 and Conficker.B++ in February 2009. The most recent variant, Conficker.C, was first seen at the start of March 2009 when it was installed as an update on computers already infected with Conficker.B and Conficker.B++.

Conficker.B and Conficker.B++ were responsible for the major growth in the size of the Conficker botnet, as they were able to spread using Windows file sharing and autorun.inf files on USB media, in addition to the MS08-067 vulnerability used by Conficker.A. The initial variants used clever social engineering for a secondary attack vector via autorun files in removable storage devices (e.g. USB drives). The worm also spread via network shares, pummeling the network with NetBIOS activity.

Interestingly, the new Conficker.C has replaced the above spreading functionality with a more robust peer-to-peer (P2P) content distribution system. The peer-to-peer mechanism enables a Conficker.C infected host to share executable content between its peers. This essentially makes Conficker.C hosts capable of executing arbitrary content: a dramatic increase in the flexibility and potential for harm.
The mechanism to command and control Conficker.D-infected machines is a two-step process:

1. By registering just a single domain name out of the 50,000 generated per day, roughly 1% of the total number of Conficker.D-infected machines will be able to receive commands from the malware author.
2. Using its P2P mechanism, these machines will be able to distribute the original commands to other Conficker.D-infected peers.

The shift to the P2P scheme opens up a new channel for Conficker.D to receive and distribute additional malware from the worm author. This additional code complexity, programmed to be less dependent on contacting domain names for communication, may have been forced onto the malware author to combat the effort that the industry has taken against the worm.
Also check out these important links:
http://www.confickerworkinggroup.org/wiki/pmwiki.php
http://www.dshield.org/diary.html?storyid=5860
http://mtc.sri.com/Conficker/
http://en.wikipedia.org/wiki/Conficker
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
http://technet.microsoft.com/en-us/security/dd452420.aspx

Apart from this I would say that nothing is perfect in this world, and even Bill Gates must also have encountered malware on his PC. Therefore take precautions to at least ignore such threats. Here are some simple general tips I would recommend to you:

1. Keep your OS/system/files/browser/software/drivers etc. totally updated, along with Microsoft's service packs.

2. Use & update ''Malwarebytes'' [Anti-Malware] at least every 3-4 days.

3. Don't go to porn sites even by mistake & never ever download anything from there.

4. Avoid unsafe torrents/P2P etc.

5. Use an antivirus like NOD32, Kaspersky or Windows Live OneCare & always keep them updated once every three days.

6. Use WOT [Firefox addon], McAfee SiteAdvisor or LinkScanner for your general browsing protection. You can use many other Firefox add-ons for protection, but these are the basic ones you need to have.

7. Scan any file you download first with your AV before opening/using it.

8. Don't open an e-mail whose source seems suspicious/unknown [can be a phishing scam].

9. Avoid social networks, as nowadays they are a prime target for malware.

10. Change your password once every 1-2 months & always try to make sure your password strength is very strong.

11. Give your e-mail or personal information to people you know or have known for a longer period of time, or a relevant trusted source.

12. If infected with malware, stay calm, don't panic. Make your own efforts initially by trying first to assess the problem before reaching any negative conclusion. Many times we can learn or get the solution to our PC problems but act lazy and want others to do our homework or task. Remember none of us were born with anti-malware technical skills, but with hard work, enthusiasm & passion we learnt & therefore are sharing those skills with everyone.

13. Tune up [defrag/error check/hardware issues/software issues/disk clean up/performance/event log/task manager etc.], i.e. tune up your PC for any registry related [upper value, lower value] or HDD related issues. I have been using ''TuneUp Utilities'' for the last 3 years and so far so good. But it's not important for you to use the same software as I do. You can use Windows Live OneCare antivirus for basic protection, which has an inbuilt PC tuner & therefore also does an excellent tune up job. Tuning up the PC is extremely important, as with time PC performance slows down, plus uninstalling/reinstalling new/old programs/software creates a hell of a lot of hidden changes in the registry, leaving behind unwanted left over cluttery registry keys which also pile up with time & result in increased PC slow down plus crashes/blue screens.

14. Do regular back ups of your PC: online/offline/internal or external. Many free programs are available online too.

15. For the OS I would say always do a clean installation for migrating from XP or Vista to Windows 7 rather than just upgrading.

16. Download full released software versions from trusted sources like download.com/Softpedia/FileHippo etc. Try to avoid downloading & installing beta versions as they are unstable & may cause issues, except for the Google Chrome browser.

17. Try to avoid using 3rd party codecs/packs, especially in Vista, as it can lead to heaps of registry problems later because of various file associations during improper uninstallation.

18. Never play with your registry if you don't know how it works. Always back up the registry before your PC undergoes major changes.

19. Make sure that your System Restore is working properly & contains sufficient restore points.

20. Always use a genuine Microsoft software copy & not a pirated one.

21. Avoid using keys for Kaspersky AV whose source is not genuine, as the keys can later get blacklisted, hence leaving you vulnerable 24/7 to malware.

22. To test any software use Microsoft's Virtual PC/VirtualBox/a virtual machine for long term testing like the Windows 7 Beta OS, or you can also create a hidden partition for this testing procedure, or use Sandboxie, Returnil, SafeSpace etc. for short term testing.

23. Sit & spend some useful time [at least 2-3 hours every 3-5 days] with your PC even if you have less patience or don't like it. Try to analyse & understand basic PC functionality & other relevant associated concepts. This will definitely help you in the long run to handle at least your minor day to day PC issues smoothly.

24. Always keep the Windows recovery DVD/Blu-ray disc handy to reinstall the OS just in case everything fails or you are unable to boot normally, or even after using safe mode/inbuilt recovery tools [Vista]. If you don't have the DVD, then order it from your PC manufacturer. Keep in mind that you can also create the recovery media, but I prefer the factory sealed original set from the manufacturer.

25. Keep your PC cool, well ventilated, clutter free; don't over experiment with it too much as it's just a machine at the end of the day and not a rock. Be as gentle as you can be with your PC to prolong the life of your PC/hard drive/battery & your pocket.

26. Tried everything, didn't get any solution/help or you couldn't solve your PC problem even after following the above steps? Then feel free to contact support at http://www.geekpolice.net/ .

27. Last but not least, learn from your previous mistakes to avoid any infection in future. Also discuss such things with your friends to help them out too & make them aware of PC issues & solutions at http://www.geekpolice.net/.

These are the simple general tips I personally follow & have prepared from my own personal experience with the PC. Hope these general tips help you & even your friends also.
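The two-step command scheme described in the post above (register one of the 50,000 daily domains, then let the P2P mechanism relay the command) can be put in numbers from the defender's side: how many domains must be sinkholed or registered to reach a given share of bots directly, and how much the peer relay step adds. The script below is an added example, not code from the post or from any of the linked write-ups. It assumes each bot queries 500 of the 50,000 domains per day (the per-bot sample size implied by the post's "roughly 1%" for a single domain) and uses a constructed random peer graph; both are modelling assumptions, not measured Conficker values.

```python
import math
import random

N_DOMAINS = 50_000  # domains generated per day (figure from the post)
# Assumption: per-bot daily sample size implied by "one domain reaches ~1%".
PER_BOT = 500


def direct_reach(registered, n=N_DOMAINS, k=PER_BOT):
    """Fraction of bots whose daily sample of k domains hits at least one of
    the `registered` domains (hypergeometric: 1 - P(all k picks miss))."""
    if registered <= 0:
        return 0.0
    if registered >= n:
        return 1.0
    miss = math.comb(n - registered, k) / math.comb(n, k)
    return 1.0 - miss


def reach_with_p2p(n_bots, registered, peers_per_bot, rounds, seed=0):
    """Step 1: each bot independently hits a registered domain with probability
    direct_reach(). Step 2: bots holding the command pass it to their peers for
    `rounds` gossip rounds. Returns (direct_fraction, fraction_after_gossip)."""
    rng = random.Random(seed)
    p = direct_reach(registered)
    # Constructed peer graph: every bot knows `peers_per_bot` random other bots.
    peers = {b: rng.sample(range(n_bots), peers_per_bot) for b in range(n_bots)}
    seeded = {b for b in range(n_bots) if rng.random() < p}
    informed, frontier = set(seeded), set(seeded)
    for _ in range(rounds):
        nxt = set()
        for b in frontier:
            for q in peers[b]:
                if q not in informed:
                    informed.add(q)
                    nxt.add(q)
        frontier = nxt
        if not frontier:
            break
    return len(seeded) / n_bots, len(informed) / n_bots


if __name__ == "__main__":
    for m in (1, 10, 100, 1000):
        print(f"{m:5d} registered domain(s): direct reach {direct_reach(m):.3f}")
    direct, total = reach_with_p2p(n_bots=2000, registered=1, peers_per_bot=5, rounds=10)
    print(f"1 domain + P2P relay: direct {direct:.3f}, after gossip {total:.3f}")
```

The direct-reach curve shows why registering a handful of domains covers only a few percent of bots, while the gossip run shows why that is enough for the botmaster once peers relay the command.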
