Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Samsung 970 EVO M.2 500GB NVMe SSD review
Corsair HS60 Headset review
Gigabyte Aorus X470 Gaming 7 Wifi review
ASUS ROG Crosshair VII HERO (Wifi) review
MSI X470 Gaming M7 AC review
AMD Ryzen 7 2700X review
AMD Ryzen 5 2600X review
NZXT Kraken X72 Review
HP EX900 500GB M.2. SSD review
be quiet! Dark Rock PRO 4 review

New Downloads
GeForce 397.31 WHQL driver download
Corsair Utility Engine Download (iCUE) Download v3.2.87
Guru3D RTSS Rivatuner Statistics Server Download v7.1.0 Final
MSI Afterburner 4.5.0 (Official) Download
inSpectre Download v8
AMD Chipset Drivers Download v18.10.0418
Corsair Utility Engine Download (CUE) Download v2.24.50
Corsair Link Download v4.9.7.35
HWiNFO64 Download v5.82
PCMark 10 Download v1.0.1493


New Forum Topics
GeForce 397.31 WHQL Game Ready Download & Discussion Download: MSI Afterburner 4.5.0 Microsoft to release a Lean Version of Windows 10 [OFFICIAL] Windows 10 RS4 - Build 17134 RTM EVGA Adds Color Options for GeForce GTX 1080 Ti SC2 GAMING Download: GeForce 397.31 WHQL drivers Samsung Begins Mass Production of 10nm-class 16Gb LPDDR4X DRAM for Automobiles Radeon Adrenalin Edition 18.3.4 Drivers Download & Discussion 1997 PC classic Constructor Free to grab Precision X + Afterburner?




Guru3D.com » News » Millions infected by new Windows Worm

Millions infected by new Windows Worm

by Hilbert Hagedoorn on: 01/19/2009 11:53 AM | Source | 0 comment(s)

The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008. Although Microsoft released a patch, it has gone on to infect 3.5m machines. Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch. According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code. It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service. Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down. But Conficker does things differently. Anti-virus firm F-Secure says that the worm uses a complicated algorithm to generate hundreds of different domain names every day, such as mphtfrxs.net, imctaef.cc, and hcweu.org. Only one of these will actually be the site used to download the hackers' files. On the face of it, tracing this one site is almost impossible.

Please patch yourself up.







Rate this story
Rating:

« Circuit City to close 567 remaining US stores · Millions infected by new Windows Worm · Laser hard drives promise 1Tbits/s data transfer »

Related Stories

Millions Copies of Dirt 3 keys leaked onto web - 09/07/2011 07:42 AM
Publishers Codemasters and graphics card manufacturer AMD have been running a promotion lately whereby purchasers of a card got a free copy of excellent racer Dirt 3. That offer has now been, uh, slig...

Samsung invest millions into Fusion-io SSD specialists - 10/22/2009 09:56 AM
Samsung have invested



Guru3D.com © 2018