K7 Computing Neutralizes the Latest Internet Worm
Chennai, Tenn. —Jan. 23
K7 Computing, an information security software company, has created a solution to the internet worm “Downadup” (also known as Conficker) that exploits the Microsoft Windows Server Service. This vulnerability could allow remote code execution that may result in easy exploitation of the Windows computers by the attacker without authentication. To counter this latest security threat, K7 Antivirus Experts have developed “K7Downadup Remover Tool,” a solution that neutralizes this family of threats.
On analyzing this worm, K7 Virus Experts have found that the worm may hook the system start-up and would be present in the Windows Registry in several random names such as boot, center, config, driver, installer, image, universal, etc. Also, the worm is smart enough to attempt to abort any security protection by searching for process strings including Symantec, ESET, Kaspersky, K7 and many more.
Although all K7 Antivirus users are protected from infection by the latest updates, previously infected and unprotected machines may need to clean up their computers first, to neutralize this security threat. Users should also patch their Windows Operating system with Patch MS08-067. K7 Security experts also advise disabling the Autorun feature of Windows by following the instructions found at support.microsoft.com/kb/953252.
K7 Computing is providing a simple tool to aid removal for infected users. The “K7DownadupRemover” tool is a console application that scans and removes Worm.Win32.Downadup malware files and associated registry entries from an infected machine. It also uses a generic and heuristic method to identify the presence of this malware and even quarantines this in a minimal time, to protect the users’ PC from further infection.
“This worm is a salutary reminder to all users not to be complacent about patching operating systems and to use and keep their anti-virus products updated” said Andrew Lee, chief technology officer at K7 Computing. “The fix has been available from Microsoft for some three months now and would have prevented much of this current chaos caused by the Conficker worm, disabling Auto-run is also an extremely good idea.”