Target: All users of Windows XP and Windows Vista.
If you’re worried about the Conficker worm striking on April 1st, don’t be.
On April 1st the Conficker worm will simply start taking more steps to protect itself. Beginning on April 1st the worm will use a communications system that is more difficult for security researchers to interrupt.
The Conficker worm, sometimes called Downadup or Kido has managed to infect a large number of computers. Specifics are hard to come by, but some researchers estimate that millions of computers have been infected with this threat since January.
What does the Conficker worm do?
The Conficker worm has created secure infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.
The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.
How does the worm infect a computer?
The Downadup worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.
How does the Conficker worm work?
How do I remove the Conficker worm?
1) Try using the Windows Live OneCare Safety Scanner
2) Try using the Symantec Removal Tool
For more infomration, please visit the following sites: