One of Conficker’s purposes revealed….

It looks like all that updating Conficker did on April 1st and in the past few days had a reason: to push rogue anti-spyware software. According to several security software vendors, Conficker is dropping a program called SpywareProtect2009 on infected machines. The purpose of rogue anti-spyware programs is to scare users into paying for the software to clean up infections that the software itself has downloaded to the machine. Typically these programs will besiege the user with large pop-up windows proclaiming, in big red letters, that the computer is infected with hundreds of pieces of malware. If you receive any of these so-called warnings, don’t click on any of them. Run your security software (Norton, McAfee, Trend Micro, etc) to remove the threat. You can also go to any of the security vendors’ websites to get free removal tools for Conficker or any of the rogue anti-spyware programs. Check out our previous blog posts here for more information on Conficker and how to check for and remove it.