Talk:Conficker

This is the talk page for discussing improvements to the Conficker article.
This is not a forum for general discussion of the article's subject.

Put new text under old text. Click here to start a new topic.
New to Wikipedia? Welcome! Learn to edit; get help.

Article policies

Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL

Archives: Index, 1, 2

Computing: Software Stub‑class Low‑importance

	This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles
Stub	This article has been rated as Stub-class on Wikipedia's content assessment scale.
Low	This article has been rated as Low-importance on the project's importance scale.
	This article is supported by WikiProject Software.
	This article is supported by WikiProject Computer Security (assessed as Low-importance).

Software: Computing Unassessed

	This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware articles
???	This article has not yet received a rating on Wikipedia's content assessment scale.
???	This article has not yet received a rating on the project's importance scale.
	This article is supported by WikiProject Computing.

Computer Security: Computing Unassessed

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

???

This article has not yet received a rating on Wikipedia's content assessment scale.

???

This article has not yet received a rating on the project's importance scale.

This article is supported by WikiProject Computing.

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

Internet Unassessed

	Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles
???	This article has not yet received a rating on Wikipedia's content assessment scale.
???	This article has not yet received a rating on the project's importance scale.

A news item involving Conficker was featured on Wikipedia's Main Page in the In the news section on 18 January 2009.

Wikipedia

Removal

'Linux and Macintosh systems are unaffected as the virus only targets Windows software' present at the bottom of the first block of text. This message is uneccessary and superfluous. The first block of text already explains the nature of the virus and what it targets. 62.245.140.169 (talk) 17:03, 21 January 2009 (UTC)[reply]

The information is useful and relevant. Please do not remove it again. JohnCD (talk) 17:27, 21 January 2009 (UTC)[reply]
I agree it should be removed as it is immaterial to the article. Also not mentioned (thankfully) is that Playstations, X-Boxes, PDAs, mobile phones and toasters are not targeted. Sufficient is the list of targeted OSes. These sorts of comments foster a naive view that not using the dominant platform is a security solution.
One study (will cite when I find the book) of Window NT and Linux workstations with clean installs, fresh IPs and a LAN directly connected to the Internet showed that both systems had mean times to compromise measured in hours, not days. Yes it's an old study but since it came out we have seen the rise of botnets, cross platform parallel compute libraries and automated penetration tests designed to find weaknesses in a broad spectrum of devices connected to a network. These new tools are just as applicable to creating malicious botnets as they are to finding cancer cures at home or finding and fixing security problems in networks.
I'm no Windows apologist and I use Linux exclusively on my own computers. I just think the constant "Linux/Macintosh/Insert favored OS here doesn't get viruses" harping misses the point. It's a smug message that if you are running windows you should change. But if everyone changed to your favored OS your imaginary security through obscurity would also vanish. What then? Would a change back to Windows then be warranted? 121.79.12.138 (talk) 22:44, 21 January 2009 (UTC)[reply]

What are the symptoms of infection?

Is there a way of determining if your PC is infected? DavidRF (talk) 19:03, 19 January 2009 (UTC)[reply]

If the user's IQ is lower than 80, then it's probably infected. 121.44.18.220 (talk) 07:42, 20 January 2009 (UTC)[reply]

Very constructive, thanks. The article is a headline in the news section of the main page of wikipedia and I haven't heard about it anywhere else. Just wondering if we could get some elaboration on this threat. DavidRF (talk) 15:01, 20 January 2009 (UTC)[reply]

Seriously, what are the inddications? 惑乱 Wakuran (talk) 17:39, 20 January 2009 (UTC)[reply]

don't know the specific ones, but this is a spybot, which connects to external servers, so if you find your internet, or even just your computer is considerably slow, and it can't be blamed on just your old computer, then get the removal tool from microsoft's website and try it, if you're clean, then it won't find anything. —Preceding unsigned comment added by 24.65.77.144 (talk) 02:19, 21 January 2009 (UTC)[reply]

Apparently it spreads through networks by means of guessing passwords, and occasionally locks out users when attempted incorrect guesses one time too many. That seems to be a warning sign. 惑乱 Wakuran (talk) 10:11, 21 January 2009 (UTC)[reply]

Why can't we correctly translate the German? --202.169.60.130 (talk) 15:26, 20 January 2009 (UTC)[reply]

Yeah. Wikipedia is fucking not censored for fucking minors! 惑乱 Wakuran (talk) 17:39, 20 January 2009 (UTC)[reply]

When this worm infected hundreds of windows machines on my company, I, being a member of the IT, received a giant load of calls that wouldn't me even let me stop to breathe... it was really fun to see people scary of a "malevolous virus attack" hehe Oxygenetik (talk) 10:17, 21 January 2009 (UTC)[reply]

The worm hides in a pendrive (that is contaminated on a computer with virus), there are two parts to it. The first is a exe. file, which is a *number*.exe and it is hidden. Note: the number is usually less than 100, like 8.exe, 11.exe. The second part is a .inf autorun config file like

ShellExecute=8.exe Action=View the contents of this drive When the autoplay pops up, you can select what you want to do, e.g. print the pictures, take no actions, etc. Normally people will select 'view contents of this drive' but it is actually an autoplay for the .exe file. once it is running, you can see it in the task manager, as *number*.exe. The symptoms are error popups like 'suddenly,life has new meaning'. Different variations have came out so there may be other effects on the computer. To remove, stick your pendrive into the usb, when the autoplay window popup, press cancel or the cross. Open cmd, type your drive, like H:. After that, type dir/w/o/a/p . If there is any suspicious .vbs, .exe, .ini/inf files, type in "attrib -h -r -s -a". Then type "del filename.ext" Replace the ext with extension type. like "del autorun.inf" or "del New.exe" KamiFlame (talk) 13:50, 21 January 2009 (UTC)[reply]

That isn't the Conficker worm. The Conficker worm does not have an exe component. It is just a single DLL file.

Picture

Currently there's a picture of a Sandisk Cruzer with the caption "Conficker spreads via portable storage devices." This picture is not just unnecessary (if you don't know what a USB stick is, look up the article), it could actually give the impression (to stupid people, admittedly) that Sandisk has anything to do with it, which of course they don't. I removed the picture to offset these concerns, and added a link to USB flash drive. 82.95.254.249 (talk) 14:08, 21 January 2009 (UTC)[reply]

Use of obscenities

"consisting of the abbreviation con for configuration and the nominalized form of the obscene German verb ficken (the bad f word)"

Are we children. Either let us use our imaginations as to what "ficken" means, or be more, er, explicit. Monkeyspearfish (talk) 16:38, 21 January 2009 (UTC)[reply]

I replaced it with 'fuck'. Wikipedia is not censored! ~-F.S-~(Talk,Contribs,Online?) 16:53, 21 January 2009 (UTC)[reply]

Someone is removing the definition for "ficken" and insisting that it is a homophone for "configure", which is original research and not plausible (IMHO). Reverting. 65.169.210.66 (talk) 23:05, 22 January 2009 (UTC)[reply]

Spread of Conficker

The article needs to be more explicit about how Conficker spreads. One line says it can spread by USB flash drives, but did it reach 9 million PCs solely on this vector? Does it spread when the user visits a website, or does it attack passive computers? Is a computer vulnerable behind a NAT router? The graphic titled "spread of conficker" doesn't help; it shows the attack coming by way of an unlabeled white box. Spiel496 (talk) 06:22, 22 January 2009 (UTC)[reply]

Systems Affected

This Symantec summary claims that affected systems includes Windows 95, Windows 98, Windows Me and Windows NT. These operating systems are not included in this article, should they? - Shiftchange (talk) 13:26, 22 January 2009 (UTC)[reply]