Fisheries Development,Freshwater Fish,Seawater Fish, Selling Vaccines Fish

Sunday, February 15, 2009

virus conficker

kaynere said about virus conficker

Virus conficker is worm Mc Afee discovery date at 24/11/2008 . in Wikipedia found like this : Conficker, also known as Downup, Downandup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system.[1] The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and the Windows 7 Beta.[2][3]

This Worm very breakneck because of has infected millions of computer in the world, till Navy and air Prancis till America air force even also follow attacked virus Conficker. Experts internet security has been tried to handle this virus, although they actually know this virus is linked direct with nucleus/core server that give direct commands to virus that computer infection for downloading newest varians.

Newest Variant of conficker at this time ready to crack and brute force password computermachine that infected, afterwards softwares even also tries access 250th different domain name every its day, and downloading a new program to take over computer that has been infected .

This Virus can make access at website security and update antivirus becomes closed, make scheduled task by it self and come easy expand and make network becomes tardy. Even this virus also attacks Windows Vista and Windows 2008.

Virus 'Conficker.DV' use different spreading method from its predecessor. With its sophisticated, thats virus try to access network uses gap windows 'Default Share' (ADMIN$\system32) by guess password administrator.

In other hand 'Conficker.DV' also make file at media removable like flashdisk, harddisk and reader card by keep file hidden at root drive.
Meanwhile action in common like its predecessor, that is try to exploitating MS08-067 or security gap Windows, Windows Server Service or SVCHOST.exe. Many users that infected because of not activate feature Automatic Updates and guilty of no patch windows MS08-067.

Last news that I get this virus has attacked computer of German's defence department and Microsoft gives reward $250.000 for this head of virus maker.
(collected from many source)

for me there are some easy step to avoid this virus.
first : don't use windows system operation
second : if forced use windows, use antivirus that can be updated in offline like ESET NOD32, AVG, or other. because conficker closed antivirus automatically update
third : search in google. there is many way to eradicate conficker. this is one of them:
1.Decide computer that will be cleared of network/internet.
2. Kill system restore (Windows XP/Vista).
3. Kill active virus process at services. Use removal tool from Norman to clean active virus. If has not yet had, can be downloaded in norman sites.
4. Fake Delete service svchost.exe that inculcated virus at registry. You can look for manually at registry.
5. Vanish Schedule Task that made by virus. (C:\WINDOWS\Tasks)
6. Vanish strings registry [that] made by virus. for easy way, you can use this script registry (write in notepad)
-------------------
[Version]
Signature="$Chicago$"
Provider=Vaksincom Oyee

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
Hidden, 0x00000001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,
SuperHidden, 0x00000001,1
HKLM,
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL,
CheckedValue, 0x00000001,1
HKLM, SYSTEM\CurrentControlSet\Services\BITS, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\ERSvc, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\wscsvc, Start, 0x00000002,2
HKLM, SYSTEM\CurrentControlSet\Services\wuauserv, Start, 0x00000002,2

[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Applets, dl
HKCU, Software\Microsoft\Windows\CurrentVersion\Applets, ds
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Applets, dl
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Applets, ds
HKLM, SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, TcpNumConnections
----------------
then save in conficker repairs.inf don't forget change save as type in all files. then open this conficker repairs.inf or right click and install.
if your computer infected again these is my suggest : use linux ubuntu or GOS or many open source Operating system. You can found in google search

7 komentar:

aaLiL said...

Nice Post..

good luck..

belajar dan berbagi

Carlos said...

Hi,thanks for droppin' in.Cheers.

http://papaxicolates.blogspot.com

psycha said...

good info. Thanks for sharing

Nanaybelen said...

have a nice day. keep on posting

Tripzibit said...

Waduh ono virus anyar yo?

Zona Santai said...

good day and coookiiieeeSSS for you...

CheerrSSS...

Thomas Obama said...

I agree with you!