Â
Who brushed the sensational headlines in the tabloid press in recent days followed, had to believe that the computer would turn on that Wednesday morning, catch fire, desintegrieren, explode, and the same users still infected. Of all the speech can not be: There is no known recent case in which a corporate network would have abandoned the spirit or masses of virtual machines with the pustules Temporal blessed. The major computer meltdown by Conficker remains out. On the big hysteria following the big yawn.
Corbis
Virenbändiger: PC pests in check to keep is far less dramatic than shown here, but absolutely necessary
But this one is as misplaced as the others. The Conficker update with the date change from 31.3. to 1.4. actually begun. In these few minutes makes a number of unexplained computers, new instruction sets and malicious programs from the Web to download. For this purpose, the latest variant Conficker C above a record of approximately 50,000 Web addresses to him as a potential gas data can serve. The previous versions had tried to contact some 250 addresses to use: They were from IT security companies simply have been blocked, which prevented the update. With 50,000 addresses is not possible anymore.
What exactly the worm picks up everything, you will only know in a few days. So much seems certain: The update is intended, among other things, that created by infection fremdkontrollierter botnet computers to stabilize. And this is the largest of its kind: Up to ten million computers, believe IT security experts, encompasses the zombie network of infected computers. The could be many things for use of spam and viruses shipping to the cyber-attack.
The opposite recipe: Check, clean up, update
Precisely because that is the case, was never really expected that Conficker own computers and networks that he has hijacked, would directly harm. It is therefore not likely that your computer is still on "spin" begin, especially when it infects Conficker should be. Modern viruses are no longer damaging the computer on which they sit, but others, they attack from there. Why would a virus author a massive botnet that he has now approximately six months has also willfully destroy? A more likely explanation is that the Conficker update will maintain the botnet.
But that is ultimately so much the worse: The danger is not entirely over. Conficker-zombies are like sleepers who only wait for their wake-up call for a destruction plant species not known to begin. Prevention is therefore important, even in principle: You should keep your computer clean.
Who wants to know whether he has caught Conficker or not, since Tuesday is a series of
Diagnostic tools rely on the University of Bonn have been developed. If a positive diagnosis to come out, you should on one of the removal tools fall back to all the major providers of antivirus software free of charge (see link list).
ON THE INTERNET
Uni Bonn: Conficker Diagnostic Tools
Trend Micro: Conficker remover
"Stinger": Small download programs from McAfee against 20 current viruses (including Sobig)
Microsoft virus removal tool
Sophos: Tool against Conficker
Conficker remover from ESET
Symntec: Tool against Conficker
BitDefender: Tools against Conficker (network and single-PC)
F-Secure: Information about Conficker with download links to removal tools
Microsoft Security Update MS08-067
blogs ONLINE is not responsible for the content of external internet sites.
These tools can also be used prophylactically, if you certainly want to go. After cleaning up the computer it is absolutely necessary, the software patch from Microsoft to re-install the
the vulnerability stuffs, which will be exploited by Conficker.
Finally, the use anti-virus software to be updated: This is again only when the computer is cleaned. Conficker suppresses anti-virus updates, software protection is hors de combat and gaukelt an existing virus protection only. Knapp summarized here once again with the necessary safeguards against Conficker.
OVER-THE WORM: SO MAN PROTECTS AGAINST COMPUTERS CONFICKER
The most important answers at a glance: How Conficker, what you should do, and where can you free tools to remove the malicious software found.
So goes the worm before
The first method of attack targets a vulnerability in Microsoft's server software. Then spread the Downadup also called worm within networks, without the computer users themselves would have something to contribute: The worm tries, with the help of a software administrator passwords to crack. If this succeeds, the worm may be freely disseminated within the network. In a third phase, the worm spreads itself to target mobile devices, for example, via a USB interface with a computer connected to be infested. Additionally, the worm searches through networks to "shared folders and network drives. Calculator, which deals with a network resource to connect, are also affected. The aim of the worm Downadup are especially corporate networks, but also personal computers can be infected.
Windows updates
Since Downadup First, the automatic update features of Windows and antivirus software frozen, you should try to initiate these updates manually. Private users will find the Windows feature that after clicking the Start icon, then under "Help and Support", then "the computer with Windows Update to the latest date."
USB Autorun function
Initially, you should use the autorun feature for USB flash drives off. But this is unfortunately not trivial and requires a change in the registry database: If you are not able to ask someone who really knows so. Improper interference with the registry can affect the functioning of the PC affect sensitive. The autorun function can also temporarily disable a trick: Simply the Shift key and hold, while a USB stick or other removable drive einsteckt. Only after notification of the drive spindle.
Computer with free tools
Who wants to be sure that his computer is clean, can be one of the specialized tools of the IT security companies, or rely on a Linux Live CD. Some companies offer such a thing as an ISO image to download: You can use the downloaded file to a CD. This is bootable and launches a lightweight Linux system with the help of current anti-virus scanning the hard drive of the infected computer, bypassing the operating system are investigated.
FREE Conficker helper
 Heise Security: background for dealing with tools
Microsoft Tutorial: Protect yourself from Conficker
Microsoft helpers: Malicious Software Removal Tool
Symantec instructions: The worm Conficker
 Enigma Software: Conficker-Removal Tool
 Kaspersky Tool: KidoKiller
No comments:
Post a Comment