ALERT
Win32/Conficker.C Virus Triggers April 1st, 2009.

Conficker, also known as Downup and Downadup, is a computer worm that exploits a known vulnerability in the Windows Server System installed in Windows 2000, XP, Server 2003, and Server 2008.

Symptoms of infection:
  • Account lockout policies are automatically reset.
  • Microsoft Windows services, such as Background Intelligent Transfer Service, Windows Defender, and Error Reporting Services, are automatically disabled.
  • Domain controllers respond very slowly to their client requests.
  • Networks usually become congested. This can be checked with the network traffic chart in the Windows Task Manager.
  • Windows system updates cannot be accessed.
  • The worm launches a brute-force dictionary attack against administrator passwords to help it spread through ADMIN$.

Impact?
Experts say that this is the WORST attacker after SQL Slammer. In recent years, between 9 and 15 million computers across the globe were infected by this worm.

Patching and Removal

On 15 October 2008 Microsoft released a patch (MS08-067) to fix the vulnerability.[30] Removal tools are available from Microsoft,[31] BitDefender,[32] ESET, Symantec,[33] Sophos,[34] and Kaspersky Lab,[35] while McAfee and AVG can remove it with an on-demand scan.[36][37] While Microsoft has released patches for the later Windows XP Service Packs 2 and 3 and Windows 2000 SP4 and Vista, it has not released any patch for Windows XP Service Pack 1 or earlier versions (excluding Windows 2000 SP4), as the support period for these service packs has expired. Since the virus can spread via USB drives that trigger AutoRun, disabling the AutoRun feature for external media (through modifying the Windows Registry) is recommended.[38] However, the United States Computer Emergency Readiness Team describes Microsoft's guidelines on disabling AutoRun as being "not fully effective," and provides its own guides.[39] Microsoft has released a removal guide for the worm via the Microsoft website.

Also, on March 16, 2009, BitDefender released an updated tool to remove the already famous Downadup/Conficker worm. The tool is hosted on a new domain, "bdtools.net", that has not been blocked by the malicious code.

Besides removing the latest release of the virus, which is also the most resistant to disinfection, the BitDefender tool comes as a separate installer dedicated to network administrators. In this way, the scanner can be dispatched throughout networks to remotely scan and disinfect workstations.
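
A read-only triage check for the symptoms and the AutoRun recommendation above, added here as an example and not taken from the original post or from any vendor tool. The service short names and registry paths are assumptions supplied for illustration; a disabled service is a reason to investigate, not proof of infection.

```powershell
# Added example: read-only host triage. It changes nothing on the machine.
# Assumption: short service names mapped from the display names in the symptom list.
$services = [ordered]@{
    'BITS'      = 'Background Intelligent Transfer Service'
    'wuauserv'  = 'Windows Update / Automatic Updates'
    'WinDefend' = 'Windows Defender'
    'ERSvc'     = 'Error Reporting Service (XP / Server 2003)'
    'WerSvc'    = 'Windows Error Reporting (Vista / Server 2008)'
}

function Get-ServiceFindings {
    foreach ($name in $services.Keys) {
        $svc = Get-CimInstance Win32_Service -Filter "Name='$name'" -ErrorAction SilentlyContinue
        if (-not $svc) { continue }   # service does not exist on this Windows version
        [pscustomobject]@{
            Check   = "Service $name"
            Detail  = "$($services[$name]): StartMode=$($svc.StartMode), State=$($svc.State)"
            Suspect = ($svc.StartMode -eq 'Disabled')
        }
    }
}

function Get-AutoRunFindings {
    # Policy value: 0xFF disables AutoRun for every drive type.
    $policy = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $value  = (Get-ItemProperty -Path $policy -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    $detail = if ($null -eq $value) { 'not set' } else { '0x{0:X}' -f $value }
    [pscustomobject]@{
        Check   = 'NoDriveTypeAutoRun'
        Detail  = $detail
        Suspect = ($value -ne 0xFF)
    }

    # Stronger setting: map Autorun.inf to a nonexistent location so it is never parsed.
    $map     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'
    $default = (Get-ItemProperty -Path $map -Name '(default)' -ErrorAction SilentlyContinue).'(default)'
    $detail  = if ($null -eq $default) { 'not set' } else { $default }
    [pscustomobject]@{
        Check   = 'Autorun.inf IniFileMapping'
        Detail  = $detail
        Suspect = ($default -ne '@SYS:DoesNotExist')
    }
}

# Suspect = True marks a row that matches a symptom or a missing hardening setting.
@(Get-ServiceFindings) + @(Get-AutoRunFindings) | Format-Table -AutoSize -Wrap
```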


2 comments

  1. coffee maker // March 31, 2009 at 10:42 PM  

    how in the world might such a ridiculous worm get in my system in the first place, i wonder?

  2. Hasham // April 1, 2009 at 7:23 AM  

    There are several myths... the most popular is that it is a manufacturing error, imperative to avoid in Microsoft Windows XP. Other theories are also available, but not very popular.
