The Conficker Worm

A particularly nefarious piece of malware has been in the news a lot lately: Conficker. Also known as Downadup and the April Fools worm, it is very sneaky and difficult to detect. Fortunately, because of its popularity, there has been a lot of research done to figure out ways to stop it from spreading and to remove it from machines that have been infected. The easiest way to determine if you have been infected with Conficker is to use the Conficker eye chart (available here). Part of Conficker’s programming is to block access to well-known security software vendors’ websites, such as Symantec and Trend Micro. The “eye chart” has a legend that explains what you should see if you don’t have Conficker, and also what you see if you do have Conficker. If the chart appears normal, then you most likely haven’t been infected; if there are some images missing, then you probably have Conficker. Don’t panic though, it can be fixed. You can access a list of steps to remove Conficker here, or you can give us a call. Even if you don’t have Conficker, make sure you have the latest version of your preferred security software and that it’s up-to-date. We recommend Norton Internet Security 2009 (available here).