Skip to Navigation | Skip to Content

Confickr Worm: Regarding 'Attack' on April 1st

« Phishing scam targeting NYU Email | Main | ITS Classes »

Recently, there has been much media attention focused on Confickr, a somewhat pervasive internet worm targeting Windows PCs. Upon infection, Confickr will disable firewalls, antivirus/antispyware and Windows Updates. The worm propagates over the network and can even infect connected flash drives. The worm is scheduled to attack various systems across the internet on April 1st, 2009.

The Technology Security Services (TSS) group has been carefully monitoring the situation over the past several weeks. At this time, we do not believe there is a significant threat to NYU network resources. That said, we do recommend that all Windows PC clients do the following:

  1. Make sure you have downloaded and installed the latest Windows Updates.
  2. Update your antivirus and antispyware software with the latest definitions. NYU ITS provides Symantec Antivirus for free to most NYU faculty, staff and students.
  3. If you have not already done so, create a computer account password comprised of 8 alphanumeric characters or longer. Password creation tips can be found here.

If you wish to verify whether or not your computer is infected with Confickr, visit the following sites for removal tools and more information.

Microsoft: Virus alert about the Win32/Conficker.B worm
Microsoft: Malware Removal Tool

If you need further help cleaning up your computer from a possible virus infection, contact the ITS Client Services Center at 212-998-3333 or