Windows malicious program hits three million computers

By on

A worm that spreads between PCs, memory sticks and low security networks, is posing as a brand new threat to computer users, even though Microsoft released a patch fixing it. Discovered in 2008, it is known as Conficker, Downadup or Kido; and that it has gone and affecs 3.5 million machines.

Experts have said that you should have the latest updates on your antivirus system, and install the MS08-067 patch from Microsoft. The exploit affects Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

The worm, according to Microsoft, searches for the executable file called “services.exe”, and then becomes a part of hte coding. Then it proceeds to copies itself as a dll file with a random 5-8 character name, and modifies the registry to make it run the services. Once that is done, it effectively becomes a HTTP server, and resets the machine’s System Restore point, making it harder to remove.

Once all those are done, it then proceeds to download files from the hacker’s website.

And while it would be easy to track the site down; this worm generates hundreds of different domain names every day, making it harder to track the site down.

According to a recent report by F-Secure, China, Brazil, Russia, India and Ukraine were listed as the top 5 countries that haveb been infected. In the United States, only 3,958 computers had been infected; while in the United Kingdom, only 1,789 computers were infected.