New Nasty Windows Worm (Downadup, Conficker or Kido)

[Aeshanjace]

---

hahaha, sir binisaya bi wa ko kasabot dah..

hehehe koan na sya sir, mga hardware na nga naka install sa server rack mount namo bah, the one at behind in my photo.

[Aeshanjace]

just a thought, updated ba ang windows patches ninyo? for a corporate environment, much better man gud nga updated ang servers sa mga critical patches then ang mga workstation sad.
how about ang network structure? 1 whole network ni sya wlay mga sub-net or firewalls in between?

Yes sir, our hardware and software are all running in a corporate license, thats why we also obtain updated informations and support softwares from microsoft. In terms of network infra, we design it on a standardize US-Based Setup and were planning to have an ISO certifications. And regarding in firewalls, yes we have installed firewall netscreen hardware to block and restrict our gateways to outside connections also it has include features to support VPN server that we are currently using right now. And the subnetting, we already configure set of subnet range for the different level of user's and group policy. You might wonder why are we still infected even were on the high state settings of securities and access. It's because we I.T. Dept need to test and explore different newly applications and software that would help in ensuring our I.T. organization as a safety, reliable, stability, efficiency and integrity. There is sometimes that we need also to explore everything that is useful to defend and enhance performance to our I.T. organization, Until in such time, that some of the low level viruses pass through and we just usually don't care about that cases coz, it's being monitored by the anti-viruses we have. Sometimes we just underestimate the small things that unpredictably could turn into worst I.T. problem cases. Well that whats happen why we possibly attacked by the viruses.

[handsoff241]

@aeshanjace
sir unsa company nimo sir? nag hiring mo dha sir bisan janitor lang (lol) or manawat mo ug associate graduate nga computer technician?

[kensh1n]

hmm.. i think they're minds are just persuaded by too much cyber-crime movies they have seen.. why would they want to do that? if they are smart enough,, they know they can't work forever, it will be better if they retire from a company and receive compensation, its always a better option than going cyber criminal guy...

and i dont believe there is a man smart enough to know all the corners of the internet.
im still not relieved of my somewhat crazy idea, that the antivirus company themselves are the ones making and updating this viruses and worms..

Underground, smart people doing this stuff are paid more, more and more...

[Aeshanjace]

@aeshanjace
sir unsa company nimo sir? nag hiring mo dha sir bisan janitor lang (lol) or manawat mo ug associate graduate nga computer technician?

hehehe lol, somewhere in I.T. Park mi then sa MEPZ pud naa rami diha sir. Wla raba ko idea sir if nag hire ba mig I.T. pa dri, but I heard graphics, design, 3d, 2d, Cad renderer might be one of those vacant position are needed. pro try lang inquire, i think most of the I.T. companies in IT park are looking for I.T. people. masdaghan hiring sa IT park sir.

[handsoff241]

hehehe lol, somewhere in I.T. Park mi then sa MEPZ pud naa rami diha sir. Wla raba ko idea sir if nag hire ba mig I.T. pa dri, but I heard graphics, design, 3d, 2d, Cad renderer might be one of those vacant position are needed. pro try lang inquire, i think most of the I.T. companies in IT park are looking for I.T. people. masdaghan hiring sa IT park sir.

aha! i knew it, hmmm.. nagduda gyud ko nga imu company is something that caters to a huge internet monster users like call centers.. hehe tag-an pa ko. ok ra sir oi.. mo-eskwela paman pud ko ug tiwas, ths time i will focus on computer graphics and web designing.
back sa topic,

wala nay trace sa virus sir? naunsa na man tong virus?

[Aeshanjace]

aha! i knew it, hmmm.. nagduda gyud ko nga imu company is something that caters to a huge internet monster users like call centers.. hehe tag-an pa ko. ok ra sir oi.. mo-eskwela paman pud ko ug tiwas, ths time i will focus on computer graphics and web designing.
back sa topic,

wala nay trace sa virus sir? naunsa na man tong virus?

According to our research sir, the virus started to scatter in Central Area of states and mainly came from Europe gyd. Right now we penetrate to stop and take over the infected "for the mean time", coz we conduct an isolation last week, one of the infected is still positive in worm. We already applied all disinfect removal, but still the worm is active and can penetrate anytime. Right now we change our settings into maximum of high level security and because of that some of our applications that needed to access our domain is currently disable.

Patabang nya ko ninyu mga bro basin naa moy laing idea sa pag tang2x aning w32.downloadup.b aside sa registry, kaysa karn thru registry pa namo ni gi kill.

[handsoff241]

According to our research sir, the virus started to scatter in Central Area of states and mainly came from Europe gyd. Right now we penetrate to stop and take over the infected "for the mean time", coz we conduct an isolation last week, one of the infected is still positive in worm. We already applied all disinfect removal, but still the worm is active and can penetrate anytime. Right now we change our settings into maximum of high level security and because of that some of our applications that needed to access our domain is currently disable.

Patabang nya ko ninyu mga bro basin naa moy laing idea sa pag tang2x aning w32.downloadup.b aside sa registry, kaysa karn thru registry pa namo ni gi kill.

wow! through registry? manual registry editing na inyu gibuhat? grabeha gud..
kuyaw pud na kung masayup mo ug edit sa registry..

unsa man diay nga mga anti-virus or anti-spywares etc. nyu gamit sir?

[Aeshanjace]

wow! through registry? manual registry editing na inyu gibuhat? grabeha gud..
kuyaw pud na kung masayup mo ug edit sa registry..

unsa man diay nga mga anti-virus or anti-spywares etc. nyu gamit sir?

Yes mao lagi sir d sad ka kompyansa.an kung magdanghag kas registry, complicado man pud gud, sa karn sir Symantec Anti-Virus Corp License version 10.2 na among gamit ron sir, naka Parent Server na sya sir with Centralize Management Console. Naa pud mi Mcafee na naka installed sa other flatforms namo sir.

Nice pud nang mga web developer sir, unsa language capable ka sir? pra gamiton nimo sa imong web sir?

[handsoff241]

Yes mao lagi sir d sad ka kompyansa.an kung magdanghag kas registry, complicado man pud gud, sa karn sir Symantec Anti-Virus Corp License version 10.2 na among gamit ron sir, naka Parent Server na sya sir with Centralize Management Console. Naa pud mi Mcafee na naka installed sa other flatforms namo sir.

Nice pud nang mga web developer sir, unsa language capable ka sir? pra gamiton nimo sa imong web sir?

symantec, makers of norton right? wala diay mo nangayu ug assistance nila sir? their product's purpose was to prevent that infection nya na infected na noun mo... worst is you guys are doing a manual editing of the registry.. samukan man gani ko magtan-aw sa akong registry nga gamay ra kaau and it looks complicated samot na nyuha,
all the platforms were infected?

actually sir, the languages i know are just simple introduction to java and visual basic mao ra, then assembly language. cause im a computer technician graduate (2 year course in ACT) gamay ra kau ang gikarga nga programing language sa among subject, more on hardware gyud mi. but now im planning to re-enroll in ACT and take-up computer science, cause as ive said before i will get into computer graphics and web designing (my target industry is online.offline gaming industry)