I have found this press release a million times, but I cannot find where to download the darn tool? Has anyone here found the tool yet?
http://www.dhs.gov/ynews/releases/pr_1238443907751.shtm
poltergeek.
http://vil.nai.com/vil/averttools.aspx take a look here
i thought i read thru avast, that as long as your AV is up-to-date you’ll be alright
Yes the chance with Avast is minimal for Conficker Worm get you 
Thanks MrAgent, but the MacAfee tool is only a local scanner. The DHS one is supposed to be able to scan your entire network. I am protected and up to date with Avast, so I am not too worried, but I figure it does not hurt to see what the government came up with to double check my network all in one shot just before d-day! If anyone knows where to find the tool, please let me know. Thanks,
poltergeek
Hi poltergeek,
It comes down to it this tool is only for people that work for the government, not for the rest of the republic,
DHS releases its Conficker tool…for the public sector
What Homeland Security is calling the most comprehensive detection tool yet for the Conficker worm isn’t something it wants to share with the public.
By Scott M. Fulton, III | Published March 31, 2009, 12:22 PM
* Print Article
* E-mail Article
*
* 7 Comments
In the wake of yesterday’s discovery that the Conficker worm can give hints to its presence on a system in a Windows-based network by changing the network signature of that system, the US Dept. of Homeland Security released what the chief of its US-CERT division says is “the most comprehensive [tool] available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm.”
But its use, says a DHS statement published yesterday, is limited to computers – including network infrastructure systems – operated by the federal government and its private sector partners. For that reason, DHS says, it’s distributing this detection tool only through its secured channels. Specifically, government sources may acquire the tool through the Government Forum of Incident Response and Security Teams (GFIRST) portal; and private sector partners may contact their designated Information Sharing and Analysis Center (ISAC).
For the rest of America, DHS suggests they apply a simple test to see if their system is infected, whose description may not exactly fill folks with confidence: “The presence of an infection may be detected if users are unable to connect to their security solution Web site or if they are unable to download free detection/removal tools.”
polonus
*UPDATE* apparently there is a "patch", I got this link from another friend in the tech field. I know it doesn't say anything about the conficker virus/worm, but it's apparently the fix. Anyway, get all of your windows updates (not just this one), you need to have them anyway. http://www.microsoft.com/downloads/details.aspx?familyid=0D5F9B6E-9265-44B9-A376-2067B73D6A03&displaylang=en
As for scanning your entire “network,” what kind of network is it? Are you on a windows domain, or is this a home network? If it’s a windows domain, you should look into using WSUS for your windows updates. It will allow you to see the status of all of your computers and what updates they need, and what updates that have already been applied.
Avast’s ADNM console will tell you what versions of avast and their respective updates on all computers on the network as well.
If you’re talking about a home network, just run your windows updates, make sure your computer is up to date with windows automatic update, and you’ll be fine!
I’ve had Avast for over a year, keep it autoupdating and do the same with Windows Vista. News reports said to try to go to symantec.com, microsoft.com and Norton.com and if you could get to the sites your computer was clean. If not, then not. I tried to go to symantec.com and got a failure to connect msg. I then went to microsoft.com and got the unable to connect msg. I ran avast’s scanner and another scanner my son has and found no conficker. So what have I got? My wife is frightened as is going to buy norton antivirus tomorrow and replace Avast.
I suggest you not buy Norton. I had it on my computers and it attached itself to everything and bogged down my computer.
I’ve used Avast for some time now and will never go back to any of the others.
I found a conficker worm removal tool…
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
I downloaded the tool just in case any of my other computers become infected.
Good luck.
If anyone needs this removal tool and can’t get it through one of the sites, let me know and I’ll be happy post it on my website for download.
its now the day for conflicker to assault beware guy never stay without protection its vunerable for him to target you
Hi malware fighters,
Here is the link to the test scanner, developed by Dan Kamisnsky:
http://iv.cs.uni-bonn.de/uploads/media/scs.zip
So poltergeek, download this POC,
And some info Conficker may be a Chinese build worm: http://www.bkav.com.vn/
polonus
maybe what you are looking for ???
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
EVERYBODY RUN FOR THEIR LIVES!!! CONFICKER IS COMING!!! OMG!
;D
Looks like my comps don’t have any problems…
Oh yeah, it’s because this thing isn’t a big deal!
dumb question but regarding “detected if users are unable to connect to their security solution Web site”
what sort of website is that? like avast.com? thanks
It pretty much covers all types of security sites. If a virus can, it will try to put every known anti-virus/spyware/adware site in your hosts file, so that no matter where you go, you can’t get software to remove the infection. It’s fairly common these days.
So, yes avast.com would be something that it would try to block, as well as many many others!
they’re trying to scare me saying ‘authors are probably waiting til tomorrow to send it instructions’ and then if nothing happens they’ll say “the instructions will probably be sent Friday BTW want to buy norton”
Norton probably wrote it.
Hi malware fighters,
Just a scan to see whether you are infected and with what kind of conficker variant:
http://iv.cs.uni-bonn.de/fileadmin/user_upload/werner/cfdetector/
Hopefully you aren’t detected,
polonus