How does the Conficker virus work?

How does the Conficker virus work?

Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems. Once Conficker infects a computer, it disables many security features and automatic backup settings, deletes restore points and opens connections to receive instructions from a remote computer.

How do I manually remove Conficker virus?

Manual steps to remove the Win32/Conficker virus

  1. Depending on your system, do the following: In Windows Vista and Windows Server 2008, click Start, type services. msc in the Start Search box, and then click services.
  2. Double-click Server.
  3. Click Stop.
  4. Select Disabled in the Startup type box.
  5. Click Apply.

Who made Conficker?

The Conficker worm got its start in November 2008, when it was discovered by Microsoft Malware Protection Center infecting computers via two mechanisms, NetBIOS(network shares, or across a corporate network with shared resources)and later USB thumb drives.

Who created Conficker?

Two of them, Phil Porras and Vinod Yegneswaran, were the first to spot Conficker. The third author, Hassan Saidi, was the first to reverse-engineer it.

What is the history of the Conficker virus?

Discovery. The first variant of Conficker, discovered in early November 2008, propagated through the Internet by exploiting a vulnerability in a network service (MS08-067) on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 Beta.

What is Conficker malware?

It exploits a buffer overflow vulnerability in the Server Service on Windows computers. McAfee Labs has named the most recently discovered variant of this worm W32/Conficker.worm.gen.d. W32/Conficker is listed under Top Corporate User Malware in the Threat Library ( http://www.mcafee.com/us/mcafee-labs/threat-intelligence.aspx ).

What does Conficker do to my computer?

When executed on a computer, Conficker disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting.

What is the Windows Server Server 2008 Conficker worm?

The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008. The Conficker worm spreads itself primarily through a buffer overflow vulnerability in the Server Service on Windows computers.

author

Back to Top