Millions of Windows PCs have been infected by a new computer worm dubbed 'Conficker'. Here's how you can protect your PC.
'Conficker' is a malicious worm that uses computer or network resources to make complete copies of itself and may include code that damages both a computer and network.
Once executed, Conficker disables a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. Conficker then connects to a malicious server, where it downloads additional malware to install on the infected computer.
See also: Conficker virus hits Sheffield hospitals
Conficker can spread in three ways.
First, it attacks a vulnerability in the Microsoft Server service. Computers without Microsoft's October emergency security release can be remotely attacked and taken over.
Second, Conficker can attempt to guess or 'brute force' Administrator passwords used by local networks and spread through network shares.
And third, the worm infects removable devices and network shares with an autorun file that executes as soon as a USB drive or other infected device is connected to a victim PC.
Four ways to protect your PC against Conficker
- Scan all files Since Conficker uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files, rather than checking on specific extensions.
- Update Windows The alarmingly high number of Conficker infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it's important that Windows users, if they haven't already, download the latest Microsoft security patch that went out earlier this week.
- Use a blocklist This is less relevant for home users, but network administrators can also use a Conficker blocklist provided by F-Secure to try and stop the worm's attempts to connect to websites.
- Disable Autoron You can disable Autorun so that a PC won't suffer automatic attack from an infected USB drive or other removable media when it's connected. The Internet Storm Center links to one method for doing so, but the instructions involve changing the Windows Registry and should only be attempted by adminstrators or tech experts.
Comments
ernie said: had MS08-067 applied got the wormhad latest McAfee and Dats got the wormcleaned with Symantec got the wormpatched McAfee again got the worm againLOTS of blame to go around
Deadlyscone said: hmm sounds like what i hadSymptomsComputer slows downcomputer FreezesTons of pop-ups appeargtWhilein internet explorercertian JAVA scripts wont rungtcausing web pages to not loadgtsuch as hotmail microsoft pagegt and much otherDisables windows defenderdisables automatic updatesdisables other Windows control optionsi found this file in mygtCWINDOWSSystem32gunetotudllit will run with a windows prgram called RUNDLLexewitch means everytime the computer user is loged on it automaticly starts up befor any other program
onchu said: How to stop Conficker worm1 Remove Windows2 Install Linux3 4 Profit
Newty said: Why do people think this kind of thing is funny and condemn those who condemn it Its nothing more than vandalism and an abuse of their ability as programmers to inflict this kind of thing on the unwary Pathetic
Frank said: If I had my way I would have a dedicated team of financial and legal specialists to track and prosecute all these city bankers who think that its clever to damage other peoples lives jobs and property Heavy fines and confiscation of all their monies might just steady them down A long stay in a prison cell would help Looks like superhen was reading the loo papers again
superden said: Jon What a lot of s you talk
Jon said: How many local glaziers gain new work after the typical week-end shop front breakages One could easily but mistakenly think that they were the instigatorsAnd then theres the anti-virus companiesBut lets not wake superden from his baby slumber as he dances with the gentle innocent and playful city traders and bankers
superden said: If I had my way I would have a dedicated team of IT specialists to track and prosecute all these programmers who think its clever to damage other peoples property heavy fines and confiscation of all their equipment might just steady them down A long stay in a prison cell would help
Matt said: Good point Nev but i have to admit i do sometimes do it myself x
Nev said: Obviously Terrys computing skills arent up to much if his computers can get infected so easily and joyfully probably passing on the infections to others whilst he is playing
The wtacher said: not sure Id blame Microsoft For thia at least
Terry said: I love new worms Especially if my pcs get infected Simply because it gives me a real challenge and tests my computing skills Plus it gives MS loads more bad publicity