W32/Conficker.worm.gen.d Virus Worm Fix
Monday, October 26, 2009
Aliases
* Net-Worm.Win32.Kido.js [Kaspersky]
* W32.Downadup.E [Symantec]
* W32/Confick-D [Sophos]
* Worm:Win32/Conficker.D [Microsoft]
* Worm:Win32/Conficker.gen [Ikarus]
* WORM_DOWNAD.E [Trend]
Symptoms -
* Files, registry, and network communication referenced in the characteristics section
Method of Infection -
This worm exploits the MS08-067 Microsoft Windows Server Service vulnerability in order to propagate. Machines should be patched and rebooted to protect against this worm re-infecting the system after cleaning.
This worm may also be downloaded unintentionally by users visiting malicious sites. Distribution channels could include IRC, peer-to-peer networks, email, newsgroup postings, etc.
Removal -
A combination of the latest DATs and the Engine will be able to detect and remove this threat. Avert recommends that users not trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.
Additional Windows ME/XP removal considerations
Stinger - A standalone removal tool has been released to assist in detecting and repairing this threat.