informa
Products & Releases

K7 Computing Develops Tool To Neutralize Confickr/Downadup Worm

K7Downadup Remover Tool is a console application that scans and removes Worm.Win32.Downadup malware files and associated registry entries from an infected machine
Chennai, TN 23rd January 2009 - K7 Computing, one of the leading information security software companies, has created a solution to the Internet worm "Downadup" (also known as Conficker) which exploits the Microsoft Windows Server Service. This vulnerability could allow remote code execution, which may result in easy exploitation of the Windows computers by the attacker without authentication. To counter this latest security threat K7 Antivirus Experts have developed "K7Downadup Remover Tool" - a solution that neutralizes this family of threats.

On analysing this worm, K7 Virus Experts have found that the worm may hook the system start up and would be present in the Windows Registry in several random names such as boot, center, config, driver, installer, image, universal etc. Also, the worm is smart enough to attempt to abort any security protection by searching for process strings including Symantec, ESET, Kaspersky, K7 and many more. Although all K7 Antivirus users are protected from infection by the latest updates, previously infected and unprotected machines may need to clean up their computers first, to neutralize this security threat. Users should also patch their Windows Operating system with Patch MS08-067. K7 Security experts also advise disabling the Autorun feature of Windows by following the instructions found here http://support.microsoft.com/kb/953252.

K7 Computing is now providing a simple tool to aid removal for infected users. The "K7DownadupRemover" tool is a console application that scans and removes Worm.Win32.Downadup malware files and associated registry entries from an infected machine. It also uses a generic & heuristic method to identify the presence of this malware and even quarantines this in a minimal time, to protect the users' PC from further infection. "This worm is a salutary reminder to all users not to be complacent about patching operating systems and to use and keep their anti-virus products updated" said Andrew Lee, Chief Technology Officer at K7 Computing. "The fix has been available from Microsoft for some three months now, and would have prevented much of this current chaos caused by the Conficker worm, disabling Auto-run is also an extremely good idea."

To view more details about the worm and the manual neutralizing procedure visit http://www.k7computing.com/index.php/component/option,com_k7virus/Itemid,94/id,526/view,showvirus/ or http://support.microsoft.com/kb/962007 To learn more about K7 Computing, please visit " http://www.k7computing.com About K7 Computing: K7 Computing is a leading information security software solutions company providing Anti-virus and TotalSecurity (Firewall, Antivirus, Anti-spam, Anti-Spyware, Privacy Control & System monitor) to protect individuals and organizations from IT threats like viruses, malware, spyware and other potential hacker attacks.

Founded in 1991, the company has in the past few years created Virus Security, which has gone on to become the fastest selling desktop security solution in Japan, with over 7 million users, and gaining acceptance in worldwide markets. Currently it is the No.1 Desktop Security product in Japan. Today K7 Computing, with its track record of Total Internet Security suite innovation, characteristic, compact engineering and swift response to evolving consumer expectations, is poised to widen its horizons all over the world. For more information visit: http://www.k7computing.com

Recommended Reading: