We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 

How to stop Conficker worm

Millions of Windows PCs have been infected by a new computer worm dubbed 'Conficker'. Here's how you can protect your PC.

'Conficker' is a malicious worm that uses computer or network resources to make complete copies of itself and may include code that damages both a computer and network.

Once executed, Conficker disables a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. Conficker then connects to a malicious server, where it downloads additional malware to install on the infected computer.

See also: Conficker virus hits Sheffield hospitals

Conficker can spread in three ways.

First, it attacks a vulnerability in the Microsoft Server service. Computers without Microsoft's October emergency security release can be remotely attacked and taken over.

Second, Conficker can attempt to guess or 'brute force' Administrator passwords used by local networks and spread through network shares.

And third, the worm infects removable devices and network shares with an autorun file that executes as soon as a USB drive or other infected device is connected to a victim PC.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security products

Four ways to protect your PC against Conficker

  1. Scan all files Since Conficker uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files, rather than checking on specific extensions.
  2. Update Windows The alarmingly high number of Conficker infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it's important that Windows users, if they haven't already, download the latest Microsoft security patch that went out earlier this week.
  3. Use a blocklist This is less relevant for home users, but network administrators can also use a Conficker blocklist provided by F-Secure to try and stop the worm's attempts to connect to websites.
  4. Disable Autoron You can disable Autorun so that a PC won't suffer automatic attack from an infected USB drive or other removable media when it's connected. The Internet Storm Center links to one method for doing so, but the instructions involve changing the Windows Registry and should only be attempted by adminstrators or tech experts.

PCWorld.com

IDG UK Sites

Samsung Galaxy Note 4 release date, price and specs 2014

IDG UK Sites

iOS 8 features wishlist: the changes iPhone and iPad users want in Apple's iOS 8

IDG UK Sites

25 Years of the World Wide Web: Happy Birthday, Intenet

IDG UK Sites

Developers get access to more Sony camera features