What Is the Conficker Virus and Should You Be Worried?
Conficker, also known as Downadup or Kido, is the latest super virus to spread around the Internet and has security experts in a panic. When last we checked, about a week ago, Conficker had already spread to 9 million PCs, with little sign of slowing. Now it has infected at least 10 million PCs and experts believe there may be up to 350 million vulnerable computers out there.
The worm isn't just exploiting a networking hole, however; it features a sophisticated method of cracking administrator passwords, making it difficult to remove, and also copies itself to USB drives so that it can spread even when the online flaw is plugged.
What havoc has it wreaked so far?
So far this schizophrenic virus hasn't caused any serious damage. Its primary effect has been to prevent people from installing Windows updates and anti-virus software that could potentially thwart the malware. What worries security experts, though, is Conficker's ability to launch a second stage, downloading additional code that could hijack computers completely, steal personal information, or commit basic extortion -- demanding money for fake anti-virus software claiming to remove the infection.
How do you know you have it? What are the symptoms?
Since it is currently sitting dormant, possibly awaiting further instructions, Conficker is very difficult to detect without running an up-to-date virus and malware scanner. However, if your Internet connection is running abnormally slowly, if services such as Windows Defender is disabled, or if you are unable to access some security-related Web sites (like those for anti-virus programs), then you may be infected and should certainly follow the removal directions included below.
Is it the biggest virus ever?
Conficker has certainly spread far and wide, and gathered its fair share of media attention, but is it the biggest virus ever? That remains to be seen. It is certainly the biggest threat to personal computer security to come along in the last few years and would easily claim a spot on our list of the 15 Sneakiest Computer Viruses.
What can you do to stay safe?
Microsoft has already issued a fix for defeating the worm, but a full 30-percent of Windows PCs have yet to download the security update. So make sure you run Windows update and download the latest fixes. The latest versions of Norton, Kaspersky, McAfee, and the Switched-endorsed AVG are all capable of detecting and blocking Conficker, so make sure you have downloaded all updates to your anti-virus software.
Experts also suggest disabling autorun to prevent yourself from becoming infected via USB drive. Turning off autorun isn't easily done, so follow these directions:
- Go to the Start Menu and select 'Run'
- Run the following command: gpedit.msc
- In the Group Policy window go to Computer Configuration -> Administrative Templates -> System
- Under 'System,' double-click the 'Turn Off AutoPlay' option from the right hand pane
- Select 'Enable' and choose 'All drives' from the drop down menu
No. There's no need to buy a new computer, as most security programs offer ways to remove the worm.
If you think you're infected, download and run Microsoft's Malicious Software Removal Tool, or follow the directions found here to manually remove the worm.
Will it strike again? If so, where and how?
It's impossible to know if and when Conficker will strike again, especially since it is still running free and has yet to reveal its true purpose. Since Conficker is capable of downloading additional malicious code, it is also capable of self-updating. This function allows the worm to take advantage of other security holes once the ones it currently exploits are closed.
Potentially, Conficker could hang around for a very long time, or resurface in a slightly different form down the road. Knowing exactly when or where Conficker will rear its ugly head is simply impossible, but you can keep yourself safe by making sure your PC and security software (that includes anti-virus, spyware tools, and firewall) are up-to-date. Also, be sure to practice good browsing habits: avoid opening e-mail attachments from unknown addresses, don't download software from questionable sources, and stay away from sites whose security and legitimacy are uncertain.