Thursday, April 14, 2011

remove downadup kido conficker windows worm virus

The Downadup worm, also known as Kido, Conficker and the Windows worm, is yet another piece of malicious software on the loose, infecting PCs worldwide and using the internet as camouflage. The latest news reports say that it has infected nearly 3.5 million PCs around the world. Many other viruses and worms were on the loose in 2008, and Downadup is one of them: it started infecting PCs in late 2008.

The people at Microsoft say that many more PCs are prone to this worm and that the numbers could rise drastically. Engineers say that Windows users must have the latest patch installed in order to protect their PCs from its attack.

The worm uses very complex methods to enter a user's PC and create havoc. It looks for the "services.exe" file on a PC and attaches itself to it. The worm's file then makes itself part of the system DLL files, so Windows considers it a normal service DLL and runs it alongside the other DLL files.

Once it has been loaded by fooling the system, it starts its malicious work by tampering with browsers. It redirects users to websites full of malware and then starts downloading more worms and spam software. The worm also interferes with the System Restore operation, making it difficult for people to recover a PC.


A week and a half ago, Panda Security warned about the potential spread of the Conficker worm, a virus spread via USB devices. Since then, Panda has found that nearly six percent of scanned computers were infected, spanning 83 countries.

Originating in China, Conficker infections seem concentrated in the United States, Taiwan and Brazil. PandaLabs found 18,000 infected computers in the US alone. Of two million computers analyzed, 5.77 percent, or 115,000, were found to be carrying the Conficker worm.

In the time since the security company issued an "orange alert" regarding the threat level of this malicious program, Panda says variants have been identified that launch brute force attacks to extract passwords from infected computers and internal networks. The company says the frequency of "weak" passwords (common dictionary words, own names) has aided the outbreak.

"Of the two million computers analyzed, around 115,000 were infected with this malware, a phenomenon we haven't seen since the times of the great epidemics of Kournikova or Blaster," says Luis Corrons, Technical Director of PandaLabs.

"This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels. The outbreak of this worm really highlights the need for users to establish strong passwords both on personal computers and corporate networks, as otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers."

Conficker uses a system of social engineering to spread via USB devices. When the Windows options menu appears after a USB device is inserted, an entry that appears to be the option to open a folder and view the files is actually an option to run the program and activate the malware.
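
The deceptive menu entry described above is defined by the `autorun.inf` file on the removable drive. The following Python script is an added example, not part of the original post or of Panda's report: it audits an `autorun.inf` and flags a label that imitates the folder-open entry while a program is launched. The label wording matched, the list of interpreters and both sample files (with placeholder paths) are assumptions made for illustration.

```python
import re

# Keys in an [autorun] section that cause a program to be launched.
EXEC_KEYS = {"open", "shellexecute"}
# Wording of the genuine AutoPlay entry that a deceptive label imitates.
FOLDER_LABEL = re.compile(r"open\s+folder\s+to\s+view\s+files", re.I)
INTERPRETERS = re.compile(r"\b(rundll32|cmd|wscript|cscript)(\.exe)?\b", re.I)


def parse_autorun(raw: bytes) -> dict:
    """Return key/value pairs of the [autorun] section, skipping junk lines."""
    entries, in_section = {}, False
    for line in raw.decode("latin-1").splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_section or "=" not in line or line.startswith(";"):
            continue
        key, value = line.split("=", 1)
        key = key.strip().lower()
        # Padding made of binary noise does not form a valid key name.
        if re.fullmatch(r"[a-z0-9\\ ]+", key):
            entries[key] = value.strip()
    return entries


def audit_autorun(raw: bytes) -> list:
    """List the reasons, if any, that this autorun.inf deserves a closer look."""
    entries = parse_autorun(raw)
    findings = []
    launched = [k for k in entries if k in EXEC_KEYS or k.endswith("\\command")]
    if launched and FOLDER_LABEL.search(entries.get("action", "")):
        findings.append("action label imitates the folder-open entry but runs a program")
    for key in launched:
        if INTERPRETERS.search(entries[key]):
            findings.append(f"{key} launches a system interpreter: {entries[key]}")
    return findings


# Constructed samples with placeholder paths, not taken from a real infection.
SUSPICIOUS = (b"\x8f\x02garbage=\x91\x17\r\n[AutoRun]\r\n\x9a\x9bnoise=\x01\x02\r\n"
              b"Action=Open folder to view files\r\n"
              b"shellexecute=rundll32.exe .\\PLACEHOLDER_DIR\\placeholder.dat,entry\r\n")
BENIGN = b"[autorun]\r\nicon=setup.ico\r\nlabel=Vendor Install Disc\r\n"

if __name__ == "__main__":
    for name, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, audit_autorun(sample))
```
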



The guys at Microsoft feel that it is hard to track the origin of this worm. Most known worms and trojans are downloaded from the same websites that people come across while searching for a software download; these websites are easy to track and action can be taken swiftly. Downadup uses a slightly different technique: it creates multiple domain names every day, and the worm may reside on any one of them. This makes it hard for engineers to detect.

Downadup Removal

Fortunately, the worm can be removed if you have Symantec antivirus installed on your PC along with its latest upgrades. At times, however, removal may be difficult because the worm doesn't allow you to use Windows Explorer properly. If you do not have the whole system installed, you can download a small, free removal tool developed by Symantec. Make sure you follow all the instructions strictly before attempting to remove this nuisance from your PC.

Download Downadup removal tool

Although I haven't really tested this tool, this is currently the latest available removal tool on the internet.
