- Account lockout policies are being tripped.
- Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services are disabled.
- Domain controllers respond slowly to client requests.
- The network is congested.
- Various security-related Web sites cannot be accessed.
What is Conficker worm:
The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction.
Am I at risk of having the Conficker worm?
Most antivirus software could detect and block the Conficker worm, so if you have updated antivirus software on your computer, you are at a much lower risk of being infected by the Conficker worm, if for some reason you believe your infected by Conficker worm just follow the 10 Easy Steps Virus and Malware Removal
What does the Conficker worm do?
To date, security researchers have discovered two variants of the worm in the wild
- Win32/Conficker.A was reported to Microsoft on November 21, 2008.
- Win32/Conficker.B was reported to Microsoft on December 29, 2008.
- Win32/Conficker.C was reported to Microsoft on February 20, 2009.
- Win32/Conficker.D was reported to Microsoft on March 4, 2009.
Win32/Conficker.B might spread through file sharing and via removable drives, such as USB drives (also known as thumb drives). The worm adds a file to the removable drive so that when the drive is used, the AutoPlay dialog will show one additional option
Update April 9, 2009
Worm:Win32/Conficker.E: identified by the MMPC on April 8, 2009
Also Known As:
W32/Conficker.G (Authentium (Command))
Worm:Win32/Conficker.E is detection for a variant of Win32/Conficker and is already identified by current signatures. Conficker.E infects other computers across a network by exploiting a vulnerability in the Windows Server service (srvsvc). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. Conficker.E is installed by previous variants of Win32/Conficker. This variant will self-terminate on May 3 2009.
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.