24 May 2009


This 8 months old Conficker or Downadup worm is still infecting around 50,000 computers on a daily basis and is proven to have infected several of the top 1000 companies in the U.S..

In September 2008 several security companies including Microsoft warned about a new threat arrives to our computers, the Conficker was on its way to you. The message was to all, update your software including the operative system to stay clear of the threat.

In May 2009, eight months later and several worm generations later and a massive amount of media attention the Conficker or Downadup virus is still active and makes its entry to computers worldwide. According to internet security company Symantec there are still around 50,000 computers infected by this virus and India, U.S.A and Brazil are worst hit by it.

Lots of the hype in the media seems to have died around Conficker, but it is making progress and spreads with a surprising speed.

Millions of computers are already infected by this malicious worm that can open security holes in back doors on your computer. This makes it possible for cyber criminals to utilize resources on your computer without you knowing it at all. The virus seems to spread to become the largest botnet in the world.

Companies are spending millions of dollars to avoid infections and misuse of their computer systems. However, it is difficult and really expensive to stop its parade into their computers anyway.

Companies makes an effort in stopping the viruses and to get control of its progress by setting up sinc hole servers to illustrate infection progress and the amount of infections. Based on this they can illustrate that many of the largest companies including Microsoft are still infected by viruses of various kinds.

The estimate is that 6 out of 10 web sites are vulnerable to viruses and could be sources of viruses.

The giant botnet of conficker is huge but has not yet made any dramatic on the net, or at least as we know about at this moment. But the botnet grows by the day and becomes fatter and fatter and therefore more powerful to launch an attack on the net.

It is a sizable botnet with enormous resources globally, and with the right control system, this botnet can perform significant activities on the internet and create potential situations that can be very harmful both to private companies and individuals, but also public authorities. -

Therefore it is of main concern how effective internet security companies can create a serum against these viruses, but also how authorities around the world can protect themselves as well as you and me against any malicious attack now and in the future.

You can check if your computers are infected by taking the picture test. Since the worm blocks over 100 antivirus and security net places, it will also block certain pictures from any security vendor.

Take the test here.

If you seem to be infected after taken this test, you can remove the worm with Microsoft own Malicious Software Removal Tool.

If this should fail, you can also remove the worm manually – even if this is not user friendly at all, and should be left to someone with some knowledge about the operating system.

Security vendors also provide software to remove this virus, so you could check some of their web sites to get help there.

If you can not access their web pages, then you have to turn of the blocking function of the worm itself manually. You can do this by the following procedure;

1. Klick on start and choose run

2. Write «cmd» in the dialogue box and press ok

3. Write the command «cd..» till you are left with only «C:>» in your screen

4. Write the command «net stop dnscache» and click enter

5. You will now be able to use the web sites and links provided above.

If you are not infected and would like to stay like that, then you have to do the following to avoid infection:-

1. Update with latest security patches from Microsoft. To stay updated is smart to avoid infections of a variety of worms and viruses, since they try to utilize security holes in the software.

2. Install antivirus and other security software and keep them updated. Try to avoid use of free versions of these tools, as some malicious activities are registered amongst some players of free antivirus software providers.

3. Make sure to have strong user identities and passwords on all systems and software you use on your computer and web sites.

4. Have a control on use of memory sticks and external hard drives on your computer. Turn off the autorun function on your computer.

5. Make sure you keep updated versions of other commonly used software like Adobe reader and flashplayer together with the realplayer f.inst. There are several other programs that are vulnerable, so please check upgrades of all installed software on your computer.


Post a Comment

Thanks for commenting... ;)

What Say You? © 2005 - 2016.