contents

software
 
K7 Computing Neutralizes the Latest Internet Worm

K7 Computing has created a solution to the internet worm "Downadup" (also known as Conficker) which exploits the Microsoft Windows Server Service. This vulnerability could allow remote code execution, which may result in easy exploitation of the Windows computers by the attacker without authentication. To counter this latest security threat K7 Antivirus Experts have developed "K7Downadup Remover Tool" - a solution that neutralizes this family of threats.

On analysing this worm, K7 Virus Experts have found that the worm may hook the system start up and would be present in the Windows Registry in several random names such as boot, center, config, driver, installer, image, universal etc. Also, the worm is smart enough to attempt to abort any security protection by searching for process strings including Symantec, ESET, Kaspersky, K7 and many more. Although all K7 Antivirus users are protected from infection by the latest updates, previously infected and unprotected machines may need to clean up their computers first, to neutralize this security threat. Users should also patch their Windows Operating system with Patch MS08-067. K7 Security experts also advise disabling the Autorun feature of Windows by following the instructions found here.

K7 Computing is now providing a simple tool to aid removal for infected users. The "K7DownadupRemover" tool is a console application that scans and removes Worm.Win32.Downadup malware files and associated registry entries from an infected machine. It also uses a generic & heuristic method to identify the presence of this malware and even quarantines this in a minimal time, to protect the users' PC from further infection.



write your comments about the article :: 2009 Computing News :: home page