January 25, 2008
Doctor Web notifies all users that the Win32.HLLW.Shadow.based
polymorphic network worm also known as Net-Worm.Win32.Kido,
W32.Downadup and Worm:Win32/Conficker is still running in the wild. By
now several modifications of the malicious program have been
discovered. Dr.Web anti-virus programs using latest virus definitions
can cure the system of all modifications of the worm and prevent it
from getting into the system.
Doctor Web has already issued a warning about the outbreak of
Win32.HLLW.Shadow.based . The piece of news also described
functionality of the polymorphic worm (some of its modifications can
be detected by Dr.Web as Win32.HLLW.Autoruner.5555), its curing method
and provided tips on how to avoid such infections in the future.
Virus analysts of Doctor Web have been adding curing procedures for
all modifications of Win32.HLLW.Shadow.based to the virus database
since it was discovered. Doctor Web recommend users of other
anti-viruses to check if their virus definitions are up to date and
make sure that they can visit www.drweb.com and _http://freedrweb.com_
without any problems which willmean that the system has not been
compromised by the worm. If the last updating of a virus database has
been performed twenty-four hours ago or earlier and the web-sites are
inaccessible, the system may be infected by Win32.HLLW.Shadow.based.
If so do the following;
* Install latest Windows security updates:
* download Dr.Web CureIt! (http://freedrweb.com) that features
latest virus definitions and perform the full scan of all disks;
* reboot the system;
* update the virus database of your anti-virus.
View the article
Epidemics of Win32.HLLW.Shadow.based (Net-Worm.Win32.Kido, W32.Downadup, Worm:Win32/Conficker) persists in the Internet
Нет ответов в данной теме
Читают тему: 0
0 пользователей, 0 гостей, 0 скрытых