removable drive\autorun.inf
http://www.virustotal.com/analisis/b6ded20...2bc9d5304352f1d
จริงๆแล้วมีแค่นี้
[code][autorun
removable drive\autorun.inf
http://www.virustotal.com/analisis/b6ded20...2bc9d5304352f1d
จริงๆแล้วมีแค่นี้
[code][autorun
" I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image."
—Stephen Hawking
An Analysis of Conficker's Logic and Rendezvous Points
โดย Phillip Porras, Hassen Saidi และ Vinod Yegneswaran
Last Update: 19 March 2009
**Hidden Content: To see this hidden content your post count must be 60 or greater.**
" I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image."
—Stephen Hawking
Know Your Enemy: Containing Conficker
Mon, 03/30/2009 - 21:28 — david.watson
Our "Know Your Enemy: Containing Conficker" whitepaper was released on March 30th as a PDF only. You can download the full paper from the link below.
Paper Abstract
The Conficker worm has infected several million computers since it first started spreading in late 2008 but attempts to mitigate Conficker have not yet proved very successful. In this paper we present several potential methods to contain Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotely detect a compromised system. Furthermore, we demonstrate various methods to detect and remove Conficker locally and a potential vaccination tool is presented. Finally, the domainname generation mechanism for all three Conficker variants is discussed in detail and an overview of the potential for upcoming domain collisions in version .C is provided. Tools for all the ideas presented here are freely available for download including source code.
In addition, as a result of this paper and the hard work of Dan Kaminsky, most vulnerability scanning tools (including Nmap) should now have a plugin or signatures that allow you to remotely detect infected Conficker systems on your networks. Finally, we would like to recognize and thank the tremendous help and input of the Conficker Working Group.
Paper last updated March 30th 2009, 23:00 GMT (rev1)
PDF MD5sum = 135ba75c33534327eb2800e98c8077e8 (KYE-Conficker.pdf)
Attachment Size
KYE-Conficker.pdf 700.04 KB
**Hidden Content: To see this hidden content your post count must be 60 or greater.**
" I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image."
—Stephen Hawking
หลายคนที่ติด conficker หรือ คนที่พยายามหาข้อมูลเกี่ยวกับมัน พึงระวังเว็บไซต์เหล่านี้
List of Possible Malicious Web Sites
* hxxp://conficker.biz/
* hxxp://confickerc.com/
* hxxp://conficker-cleaner.com
* hxxp://confickerc.net/
* hxxp://conficker.com/
* hxxp://confickerc.org/
* hxxp://conficker.co.uk/
* hxxp://confickercvirus.com
* hxxp://confickercvirus.info
* hxxp://confickercvirus.net
* hxxp://confickercvirus.org
* hxxp://conficker.de/
* hxxp://conficker.info/
* hxxp://conficker.net/
* hxxp://conficker.org/
* hxxp://conficker-removal.info
* hxxp://conficker-removal-tool.com
* hxxp://confickerremover.blogspot.com/
* hxxp://conficker.us/
* hxxp://confickervirus.com/
* hxxp://confickervirus.info/
* hxxp://confickervirusremoval.com
* hxxp://conficker-wg.com/
* hxxp://confickerwg.com/
* hxxp://conficker-worm.com
* hxxp://confickerworm.com/
* hxxp://conficker-worm.net
* hxxp://conficker-worm.org
* hxxp://conficker-worm-removal.com
* hxxp://confickerwormremoval.com/
* hxxp://conflicker-worm-removal.com
* hxxp://downadupc.com/
* hxxp://downadup.com/
* hxxp://downadup.co.uk/
* hxxp://downadup.de/
* hxxp://downadup.info/
* hxxp://downadup.net/
* hxxp://downadup.org/
* hxxp://downadupvirus.com/
* hxxp://downadupworm.com/
* hxxp://removeconficker.net
* hxxp://removeconficker.org
* hxxp://remove-conficker.org - Actively serving malware
* hxxp://stopconficker.com/
* hxxp://w32downadupc.com/
* hxxp://www.confickercabal.com/
* hxxp://www.confickerwormremoval.com/
* hxxp://www.downadup.com/
Related Malicious Domains and Web Sites
* hxxp://advanced-care-free.com
* hxxp://anti-malware-free.com
* hxxp://antivirus360remover.com
* hxxp://av360removaltool.com
* hxxp://bytescan.org
* hxxp://combofixtool.com
* hxxp://combofixtool.org
* hxxp://fix-download.com
* hxxp://hijacktool.com
* hxxp://hijacktool.org
* hxxp://malwarebot.org
* hxxp://malware.com.tw
* hxxp://malwaree.com
* hxxp://malwaree.org
* hxxp://malware-malware.com
* hxxp://malware.ms
* hxxp://malware.org.in
* hxxp://malware.org.uk
* hxxp://remove-a360.com
* hxxp://remove-antivirus-2009.com
* hxxp://Remove-AntiVirus-360.com
* hxxp://remove-av360.com
* hxxp://remove-conficker.org
* hxxp://remove-ie-security.com
* hxxp://remove-malware-defender.com
* hxxp://remove-ms-antispyware.com
* hxxp://remove-personal-defender.com
* hxxp://remove-spyware-guard.com
* hxxp://remove-spyware-protect-2009.com
* hxxp://remove-spyware-protect.com
* hxxp://remove-system-guard.com
* hxxp://remove-total-security.com
* hxxp://remove-ultra-antivir-2009.com
* hxxp://remove-ultra-antivirus-2009.com
* hxxp://remove-virus-alarm.com
* hxxp://remove-virus-melt.com
* hxxp://remove-winpc-defender.com
* hxxp://smitfraudfixtool.com
* hxxp://vundofix.org
* hxxp://vundofixtool.com
* hxxp://zlobremovaltool.com
source:http://www.confickerworkinggroup.org...MaliciousSites
" I think computer viruses should count as life. I think it says something about human nature that the only form of life we have created so far is purely destructive. We've created life in our own image."
—Stephen Hawking
Actions : (View-Readers)
There are no names to display.
Posting Permissions
Reply With Quote