We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to stop Conficker worm

Millions of Windows PCs have been infected by a new computer worm dubbed 'Conficker'. Here's how you can protect your PC.

'Conficker' is a malicious worm that uses computer or network resources to make complete copies of itself and may include code that damages both a computer and network.

Once executed, Conficker disables a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting. Conficker then connects to a malicious server, where it downloads additional malware to install on the infected computer.

See also: Conficker virus hits Sheffield hospitals

Conficker can spread in three ways.

First, it attacks a vulnerability in the Microsoft Server service. Computers without Microsoft's October emergency security release can be remotely attacked and taken over.

Second, Conficker can attempt to guess or 'brute force' Administrator passwords used by local networks and spread through network shares.

And third, the worm infects removable devices and network shares with an autorun file that executes as soon as a USB drive or other infected device is connected to a victim PC.

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security products

Four ways to protect your PC against Conficker

  1. Scan all files Since Conficker uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files, rather than checking on specific extensions.
  2. Update Windows The alarmingly high number of Conficker infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it's important that Windows users, if they haven't already, download the latest Microsoft security patch that went out earlier this week.
  3. Use a blocklist This is less relevant for home users, but network administrators can also use a Conficker blocklist provided by F-Secure to try and stop the worm's attempts to connect to websites.
  4. Disable Autoron You can disable Autorun so that a PC won't suffer automatic attack from an infected USB drive or other removable media when it's connected. The Internet Storm Center links to one method for doing so, but the instructions involve changing the Windows Registry and should only be attempted by adminstrators or tech experts.


IDG UK Sites

Acer Aspire R11 review: Hands-on with the 360 laptop and tablet convertible

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

See how Framestore created a shape-shifting, oil and metal based creature for Shell

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......