How to Protect Your Windows Server 2008 from Downadup/Conficker Virus with MrMogle's Skydd (Swedish)
If you are running Windows Server 2008 in Swedish and you are worried about the Downadup/Conficker virus, you might want to try MrMogle's Skydd, a free tool that can help you remove and prevent this threat. Downadup/Conficker is a worm that can spread through the network by exploiting weak passwords, autorun features, and a Windows vulnerability. It can also block access to security websites, disable Windows services, and download malicious code from the internet.
In this article, we will explain what Downadup/Conficker does, how to detect it, and how to use MrMogle's Skydd to get rid of it.
What is Downadup/Conficker?
Downadup/Conficker is a family of worms that target Windows systems. It was first discovered in late 2008 and has since infected millions of computers worldwide. It has several variants, such as A, B, C, and D, each with different capabilities and behaviors.
Downadup Conficker Skydd (Windows Server 2008,Swedish) - MrMogle
Some of the common features of Downadup/Conficker are:
It copies itself to the system directory as a randomly-named DLL file and adds itself as a system service.
It disables certain Windows services that might aid in cleanup or detection of the worm, such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services.
It deletes existing system restore points to prevent recovery.
It blocks access to multiple websites related to antivirus and security, most notably Microsoft and Windows Update.
It spreads through the local network by using password brute-forcing or exploiting a vulnerability in the Windows Server service (MS08-067). It also adds itself to any removable or network drives using an autorun.inf file.
It waits three hours, then attempts to download additional code by generating 250 different domain names and connecting to each via HTTP. Each day a new set of 250 domain names will be generated. The downloaded code may vary depending on the variant of the worm.
How to detect Downadup/Conficker?
If your computer is infected with Downadup/Conficker, you may not experience any symptoms, or you may experience any of the following symptoms:
Account lockout policies are being tripped due to too many failed login attempts.
Domain controllers respond slowly to client requests.
The network is congested due to high traffic generated by the worm.
Various security-related tools will not run or will display errors.
To confirm that your system is clean of Downadup/Conficker, you can perform a quick scan from the following web page: http://www.microsoft.com/security/scanner/
How to use MrMogle's Skydd?
MrMogle's Skydd is a free tool that can help you remove and prevent Downadup/Conficker infection on your Windows Server 2008 in Swedish. It does the following things:
It scans your system for any traces of Downadup/Conficker and removes them if found.
It restores the Windows services that were disabled by the worm and enables them again.
It unblocks access to the security websites that were blocked by the worm.
It patches the MS08-067 vulnerability on your system and prevents future exploitation by the worm.
It disables the autorun features on your removable and network drives to stop the worm from spreading through them.
To use MrMogle's Skydd, follow these steps:
Download MrMogle's Skydd from https://www.mrmogle.com/skydd
Run the tool as an administrator on your Windows Server 2008 in Swedish.
Follow the instructions on the screen and wait for the scan and cleanup process to finish.