Conficker, also known as Downup, Downadup and Kido, ( some people write it confickr ) is a computer worm targeting the Microsoft Windows operating system. It propagated through the Internet by exploiting a vulnerability in the network stack of Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta. The worm has been unusually difficult for network operators and law enforcement to counter because of its combined use of advanced malware techniques.
Conficker is the most widespread computer worm infection since SQL Slammer. The initial rapid spread of the worm has been attributed to the number of Windows PCs (estimated at 30%) which have yet to apply the Microsoft patch for the MS08-067 vulnerability. By January 2009, the estimated number of infected computers ranged from almost 9 million to 15 million. Antivirus software vendor Panda Security reported that of the 2 million computers analyzed through ActiveScan, around 115,000 (6%) were infected with Conficker.
Confickr worm Blocks DNS lookups, does an in-memory patch of DNSAPI.DLL to block lookups of anti-malware related web sites, disables AutoUpdate, Kills anti-malware, scans for and terminates processes with names of anti-malware, patch or diagnostic utilities at one-second intervals and more. Find symptoms of conficker and download confickr scanners (4) as well as removal tools (11 tools).