February 10, 2011

Protect Your Computer Against the Conficker Worm



From the House of Commons in the United Kingdom to servers of corporations in the United States to the average user across the globe, the Conficker Worm is attacking anything and everything in it's path, wreaking havoc and killing Internet connections, slowing corporate functions and infiltrating the most sensitive of data. 

Conficker has since spread rapidly into what is now believed to be the largest computer worm infection since the 2003 SQL Slammer, with more than seven million government, business and home computers in over 200 countries now under its control. The worm has been unusually difficult to counter because of its combined use of many advanced malware techniques.

Instructions
  1. If you have a Mac or a Linux machine, breath a sigh of relief; you don't have the right code to be infected. If you're running Windows as your platform of choice, listen up, because this is critical; time is of the essence. You may experience any number of symptoms which are common like loss of Internet connection and loss of local network connection and which are less common like Automatic updates and Microsoft services being disabled.
  2. Update your anti-virus software. Disconnect your computer from the Internet and scan your system, if you believe you are already infected. To stop the spread of the worm, see step 3. If possible, back up your data ASAP.
  3. Disable Auto-play in Windows. For Vista: Start > Control Panel > click Play CD's or other media automatically > uncheck Use Autoplay for all media and devices. > click OK. For XP: Start > Run Enter GPEDIT.MSC >
  4. The Group Policy dialogue box will appear. On left panel, double-click Computer Configuration > Administrative Templates > System > Double-click the Turn autoplay off option. The reason behind disabling autoplay is that Conficker can be spread through USB flash drives infected with code that starts on auto-play when the infected drive is inserted into the computer. Disabling auto-play is a good way to ensure against any malicious code automatically gaining access to your computer.
  5. If you have the Conficker worm, DO NOT DO A SYSTEM RESTORE. Like most malware, Conficker hangs in the restore points and reactivates when you do a system restore. Utilize a decent anti-virus solution such as AVG, Avast!, or Malwarebyte's Anti-Malware. Again, disconnecting your computer from the Internet is critical to prevent the spread of the worm or the continued use of your computer by the worm for devious purposes. Windows Malicious Software Removal Tool can be used to detect and remove the Conficker worm as an option as well.
  6. Regardless if you are on a network or a standalone computer, download the Microsoft update patch KB958644 (MS08-067) This will fix a security vulnerability that is exploited by the Conficker worm. For more information on how to exactly deploy this update across a network as well as additional information on Conficker, please visit the link in the Resources section.

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More