Summary

| How it spreads | |
|---|---|
| Affected operating systems | Windows |
| Characteristics | |
| Protection available since | 13 January 2009 01:21:51 (GMT) |
| Last updated | 22 May 2009 14:25:01 (GMT) |
| Detected by | All Sophos products |
Action

W32/Confick-E provides detection and cleanup for the W32/Confick family of worms when they are active in memory. A detection of W32/Confick-E indicates a computer that has an active W32/Confick infection and that may be attempting to infect other hosts on the network.
Cleanup of W32/Confick-E will terminate the portion of the worm that is loaded in memory.
After cleaning up W32/Confick-E, run a full scan to detect samples of W32/Confick on disk that may not have been scannable while W32/Confick-E was active in memory.
For a general guide to cleaning up the Conficker family of worms, or if W32/Confick-E is not detected or cleaned up in memory, please see the Mal/Conficker-A additional cleanup instructions. Note that the remaining elements may be detected as other members of the W32/Confick family such as W32/Confick-D or Mal/Conficker-A.
More Information
W32/Confick-E spreads through Windows file shares protected with weak passwords, by copying itself to removable devices and by exploiting the MS08-067 Windows Server service vulnerability.
W32/Confick-E detects in-memory components of the Conficker family of worms. For a detailed description of the behavior of these worms please refer to the information for Mal/Conficker-A.

