The well-known malicious program, Conficker also known as Downadup or Conficker.D, is now evolved and came with the new variant. The new variation of Conficker worms can disable security update such as Microsoft Windows Automatic Update. The Conficker worms are already infected about 10 million computer users worldwide since its launch, although hasn’t causing big trouble since its activation date on April Fool day. The worm is not destroying files or stealing data but have capability to do so. The main concern about this worm is that it is capable of downloading additional code from the hacker’s Web site or through a peer-to-peer connection.


Key features of the Conficker virus are as below:

  • Ability to call up a “master computer” via the Internet for directions. This feature is present in an improved form in its latest variant.
  • Automatically be linked to the servers operated by the hackers.
  • Blocks infected systems from downloading new security software or receiving updates for security software.
  • Connects to a server where it receives instructions to propagate and gather personal information.
  • Automatically jumping from one computer to another over a local network or by hitching a ride on portable storage devices like USB drives.
  • Creates a back door in the system where the worm can download and install additional programs.
  • Exploits weaknesses in Microsoft’s Windows operating system including Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008 and windows 7 beta.
  • Can spread via shared networks or removable drives such as USB devices.
  • Also attaches to certain Windows processes such as svchost.exe, explorer.exe and services.exe.
  • The Conficker worms is one of the more sophisticated programmed developed for the moment. Authorities have not identified the culprits behind the worm or their intentions. US$250,000 bounty has put up by Microsoft to bring the Conficker creator to justice.

Only computers that has not been updated with new security signatures provided by KB958644 update is vulnerable. Thus computer users need to download the KB958644 security update from Microsoft.

Users can get the instructions on how to check that computer is infected by worm and how to remove its by click here, and download the KB958644 for respective operating system with Microsoft Download Center links listed in Security Bulletin MS08-067.

To further protect the Windows system, download and install the security software, example listed below.

Spyware Doctor with antivirus : Sdasetup.exe

Windows Live OneCare safety scanner : SetupOneCare.exe

Trend Micro Internet Security : TrendMicro_Downloader.exe

Norton 360 version 3 : Symantecstore