Free Tool Stops Same Conficker Worm that Brought Down European Defense Systems

Share Article

Botnet is defenseless against Tizer Secure's new driver-based removal tool.

There are actually other viruses known to create more damage

It's been a year since the world first experienced the Conficker worm, a potentially dangerous botnet that is said to have disrupted computer networks within European military facilities and other high-impact targets.

The French Navy grounded fighter planes in mid-January after Conficker infected the facility's databases, which prevented officials from downloading flight plans. Similarly, Conficker infiltrated email and computer support systems in Britain's Defense Ministry, affecting 24 Royal Air Force bases and 75% of the Royal Navy Fleet. In March, the German Armed Forces had to disconnect from the military's computer network after Conficker infiltrated hundreds of computers.

As Conficker made these headlines, developers at X-Wire Technology were quietly working on a solution to rid computer systems of this new and dangerous worm. First, X-Wire's researchers took note of how Conficker replicates, spreads over networks and foils removal.

Conficker exploits a vulnerability in the Windows Server Service to replicate. Once Conficker infects one machine, it easily spreads through network connections to infect other machines using the same vulnerability. It also spreads through the use of infected USB flash drives, including mass storage devices and MP3 players.

On each infected system, Conficker changes access conditions and removes permissions. As security utilities try to make the worm visible in order to remove it, they fail because these utilities no longer have access permissions. Conficker also blocks access to popular antivirus and support sites presumably in order to prevent the download of a removal solution.

"There are actually other viruses known to create more damage," says Joy Valentine, CEO and co-founder of X-Wire Technology. "However, Conficker's tremendous ability to spread as a botnet makes the worm more dangerous because no one really knows what it will do next."

In fact, as it lies dormant on an infected system, the Conficker worm awaits further instructions from its creators, which could be anything from tracking a user's keystrokes to stealing passwords or launching a spam attack. In short it could potentially be used for criminal activity on a large scale.

If you are infected, removal is the recommended option. Tizer Conficker Razor™ successfully removes all variants of the Conficker worm and Conficker-type malware because it uses heuristic and behavioral analysis for detection and a newly developed driver-based tool for removal.

This method of detection and removal is much more reliable than the outdated technology of using malware signatures in a database to detect the threat. Because multiple variants of the virus have already been detected, each with different signatures, a signature based tool may not be able to detect every Conficiker and Conficker-type variant.

X-Wire Technology offers Tizer Conficker Razor™ as a separate free utility to download for personal use. is not a targeted antivirus site that the Conficker worm currently blocks so it is accessible even to those already infected.

About X-Wire Technology--Headquartered in Chapel Hill, NC, and with offices in Mumbai, India, X-Wire Technology provides IT services to clients around the world. As a Microsoft Certified Partner that has achieved Microsoft Competency in ISV/Software Solutions, X-Wire Technology specializes in product development, technical support, software customization, business automation, ecommerce solutions, web programming, design and engineering services.


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Visit website