The Conficker worm, virus information and removal

The Conficker worm, virus information and removal

Conficker worm
The Conficker virus (actually a worm) uses a serious vulnerability in Windows that Microsoft in October 2008 with an emergency update poem has. The many number of PC users that the update is not installed correctly, has the virus and free play opportunities within a very short, the huge spread. Conficker appeared in November for the first time as virus and, at the time of writing this article, already more than 10 million PCs worldwide infected with more than 7 million computers in 3 days this worm is very successful.

After infection the worm attempts to spread itself further. It also blocks the access to the sites of some antivirus companies, making it even harder for a solution to the virus found.

Alternative names for this worm and other

* Kido
* Downadup


Worm
A worm is designed to replicate themselves to other computers but can, unlike a virus, automatically. The worm takes possession of functions on the device information or files can be sent. Is a worm in your system once, then he can independently and quickly spread over networks, email, msn or other channels. The greatest danger worms is their ability to duplicate very large volumes. A worm can operate independently to read a directory and infecting many people at once, in the worst cases it causes a domino effect that even in the past surges in Internet traffic have been observed. A new worm spread quickly, partly because it is not always immediately possible that anti-virus programs detect the worm.

How do I know if I am infected?
The worm creates the following service:

* Name: netsvcs
* Path:% SystemRoot% system32svchost.exe-k netsvcs


The following registry additions are made by the worm:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesnetsvcsParameters "ServiceDLL" = "[PathToWorm]

Solution
To prevent this worm is to install the Microsoft solution (patch) * essential. ** The Symantec removal tool to remove the worm from your PC. Remove the worm patch from Symantec and then do the Windows Update or Microsoft patch.