Conficker worm still raging in TM Datacenter data center

TipsMake.com - Amongst us, surely many people have heard of this powerful computer worm, called Conficker, that has spread across millions of computers around the world and left tremendous consequences. .

As long as the computer has not updated the patch for Windows XP or Vista, or does not use the security program Internet Security and Antivirus can detect Conficker, which are favorable opportunities for this worm to spread to system. The name Conficker has become so familiar that many people think it has been the past, until the author has encountered a variation of it - the author currently hires a dedicated server system located in Malaysia, at TM Datacenter data center, webhost system using Windows Server 2008 R2 operating system. Due to the need to use this new operating system, the author asked the technical department to change the Windows XP version.

After the technical department hands over the account to the author, he interacts with this system via the Remote Desktop Connection function. The first thing to do is to immediately update the patches (hotfixes and service packs) directly from Microsoft. He opens Internet Explorer and the default address is the Microsoft home page that cannot be downloaded, the same problem occurs when the author visits the Windows Update page. But retrying with Google.com is no problem. Immediately, the author thinks of a case where the HOSTS file is corrupted. But after checking, he did not detect any problems with this HOSTS file. The next case may be because DNS server parameters can transfer domain names to IP address range, after replacing with Google DNS server, everything still does not progress.

With his experience, he speculated that the system might have been infected by a virus or worm, searched for a solution on Symantec's security page, and every symptom led to the Conficker culprit. They have changed, so smart that they can infect Windows XP systems (unpatched) automatically without user interaction.

Fortunately, the fix is ​​quite simple, all you have to do is temporarily turn off the dnscache service, so you can access the secure website and download the Conficker Removal Tool. After removing Conficker, he can proceed with Windows updates to ensure system security.

To stop dnscache service: Start Menu> Run > net stop dnscache and press Enter

Download the Conficker Removal Tool here.

Proceed to update Windows here.

The conficker worm was rediscovered about 4 months ago, and it is still active at the TM Datacenter data center. After that, the author reminded the system administrators here for letting this harmful worm spread so easily without any thorough or optimal measures for customers. Windows XP or Vista users are recommended to use the Conficker removal tools as above, and also update the latest hotfix or service pack to ensure safety.