Changing Registry Values For Conficker Protection And Removal

The Conficker worm has become one of the largest botnets in the history of the Internet and it is continuously spreading. Large business networks are the worst hit because this worm spreads through a vulnerability in the Windows networking system.

Microsoft has released an emergency patch that closes the vulnerability in Windows, but the worm is still spreading through infected PCs, unpatched systems and removable devices.

To counter these, several registry key modifications, or 'hacks', have been devised to prevent infection by the worm. Microsoft has published a Knowledge Base article with a detailed how-to guide for preventing Conficker from infecting and spreading within networks.

This involves creating a new Group Policy that modifies registry values to prevent Conficker from spreading. It makes sure that the worm cannot take advantage of the network and spread through it from a single infected PC. The policy changes the permissions associated with the netsvcs registry value.

There is another popular hack on the Internet that makes sure that autorun is disabled for every account on the system. It essentially changes registry values to block Conficker and other worms that take advantage of the autoplay/autorun feature. It changes the registry values that govern the autorun.inf file so that it never runs.

In case of an infection, Microsoft has listed a 26-step process to remove the worm completely from the system. It involves backing up and cleaning the registry, using the regedit tool to copy, modify and delete several entries, in order to protect the legitimate entries and get rid of the entries created by the malware.

After searching, modifying and deleting the registry values, the user must ensure that all the security services, such as automatic updates, Windows Defender, BITS and the Windows Error Reporting service, are running.
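A read-only way to confirm the autorun hardening and the service state described above, as an added example that is not taken from Microsoft's guide or from the original article. The service short names, the `IniFileMapping\Autorun.inf` entry and the `NoDriveTypeAutoRun` value are assumptions about which settings the article means, since it does not name them.

```powershell
# Added example: read-only audit, nothing here changes the system.
# Requires PowerShell 3.0 or later (Get-CimInstance, [pscustomobject]).

# Assumption: short service names for the services the article lists.
$expected = [ordered]@{
    wuauserv  = 'Automatic Updates'
    BITS      = 'Background Intelligent Transfer Service'
    WinDefend = 'Windows Defender'
    ERSvc     = 'Error Reporting Service (XP / Server 2003)'
    WerSvc    = 'Windows Error Reporting Service (Vista and later)'
}

function Get-ServiceAudit {
    foreach ($name in $expected.Keys) {
        $svc = Get-CimInstance Win32_Service -Filter "Name='$name'" -ErrorAction SilentlyContinue
        if (-not $svc) {
            # ERSvc and WerSvc belong to different Windows versions, so one is always absent.
            [pscustomobject]@{ Check = $expected[$name]; Observed = 'not installed'; OK = $null }
            continue
        }
        [pscustomobject]@{
            Check    = $expected[$name]
            Observed = "$($svc.State), start mode $($svc.StartMode)"
            # Demand-start services can be stopped on a healthy machine,
            # so only a Disabled start mode is flagged here.
            OK       = ($svc.StartMode -ne 'Disabled')
        }
    }
}

function Get-AutorunAudit {
    # Assumption: the autorun.inf hack is the IniFileMapping entry whose default
    # value is @SYS:DoesNotExist, which stops Windows from reading autorun.inf.
    $map = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'
    $val = (Get-ItemProperty -Path $map -ErrorAction SilentlyContinue).'(default)'
    [pscustomobject]@{ Check = 'IniFileMapping\Autorun.inf'; Observed = "$val"; OK = ($val -eq '@SYS:DoesNotExist') }

    # NoDriveTypeAutoRun = 0xFF turns AutoRun off for every drive type.
    # HKCU covers only the account running the script, not every account.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $key = "$hive\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
        $n   = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
        [pscustomobject]@{ Check = "$hive NoDriveTypeAutoRun"; Observed = "$n"; OK = ($n -eq 0xFF) }
    }
}

@(Get-ServiceAudit) + @(Get-AutorunAudit) | Format-Table -AutoSize
```

Rows with `OK` set to `False` are the ones to compare against Microsoft's guide; an empty `Observed` column means the value is not set.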

Microsoft’s guide should be followed to the letter. Ideally, someone familiar with such operations should perform the recovery.