Worm Attacks: Conficker Worm spotted stealing bank information in Utah University

Conficker Worm in Utah University


The most complete guide to the conficker worm.
conficker-worm

College Campuses are particularly vulnerable to
Worm/Virus attacks because of the number of computer
users that are networked together.

The conficker worm has affected 700 computers at the
 University of Utah.

 The worm can slow down PCs and
steal information.

The conficker worm has infiltrated computers at the
colleges of nursing, pharmacy and health as well as
hospitals and medical school computers.



University of Utah attacked by conficker worm.

University of Utah attacked by conficker worm.

Chris Nelson, the health sciences spokesman, said that no patient data nor medical records were comprised. “That’s secured in a much deeper way because of the implications,” said Nelson. The conficker worm could be siphoning login and stealing bank information. Source: Google Conficker Worm in Utah University

How to know if you are infected by the Conficker Worm

According to Microsoft corporation some, all, or none of the following could be happening on computer systems infected by the conficker worm.

  • Account lockout policies are being tripped.
  • Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services are disabled.
  • Domain controllers respond slowly to client requests.
  • The network is congested.
  • Various security-related Web sites cannot be accessed.

What exactly is the Conficker Worm and how do I Prevent or Remove it?

Win32/Conficker is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Depending on the specific variant, it may also spread via removable drives and by exploiting weak passwords. It disables several important system services and security products and downloads arbitrary files.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

Known Variants of Conficker Worm

There are five known variants of the conficker worm labeled A-E.
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.

System Changes that may be the cause of the conficker worm.

The following system changes may indicate the presence of this malware:
  • The following services are disabled or fail to run:
  • Windows Security Center Service
    Windows Update Auto Update Service
    Background Intelligence Transfer Service
    Windows Defender
    Error Reporting Service
    Windows Error Reporting Service
  • Some accounts may be locked out due to the following registry modification, which may flood the network with connections:
  • HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
    “TcpNumConnections” = “0x00FFFFFE”
  • Users may not be able to connect to websites or online services that contain the following strings:
  • virus
    spyware
    malware
    rootkit
    defender
    microsoft
    symantec
    norton
    mcafee
    trendmicro
    sophos
    panda
    etrust
    networkassociates
    computerassociates
    f-secure
    kaspersky
    jotti
    f-prot
    nod32
    eset
    grisoft
    drweb
    centralcommand
    ahnlab
    esafe
    avast
    avira
    quickheal
    comodo
    clamav
    ewido
    fortinet
    gdata
    hacksoft
    hauri
    ikarus
    k7computing
    norman
    pctools
    prevx
    rising
    securecomputing
    sunbelt
    emsisoft
    arcabit
    cpsecure
    spamhaus
    castlecops
    threatexpert
    wilderssecurity
    windowsupdate

    That’s all for now folks. If you are infected with Conficker Worm and need help feel free to call Shane Fowler at Fowler Computer for computer repair service anywhere in the United States at (603) 343-8331.


Advertisements

About Shane G. Fowler

Fowler Computer Repairs desktop and laptop computers in the Rochester NH, Wakefield NH area. We also offer Local Business Internet Marketing Services and Copywriting for SEO.
This entry was posted in amesbury ma, andover ma, Anti Spyware, boxford ma, computer repair, concord nh, conficker worm, Data Recovery, derry nh, dover nh, elliot me, essex ma, exeter nh, floating floor, floor refinishing, Flooring, gameroom, georgetown ma, gloucester ma, hampton nh, hard drive recovery, Internet, IT News, malware, newburyport ma, Notebook/Laptops, operating systems, Peer to Peer, pelham nh, Phishing and other Internet Scams, pittsfield nh, portsmouth nh, remote pc support, rochester nh, rye nh, salisbury ma, seabrook nh, spyware, stratham nh, toppsfield ma, trojans and other malware, Uncategorized, utah university, virus/worm news, Viruses, windham nh, windows security, wolfboro nh, WORM, worm attacks utah and tagged , , , , , , , , , , . Bookmark the permalink.

One Response to Worm Attacks: Conficker Worm spotted stealing bank information in Utah University

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s