"Downadup" (or 'Conficker') disables a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender, and Windows Error Reporting, & dozens of security related connections.
The worm then connects to a malicious server, where it downloads additional malware to install on the infected computer.
Since Downadup uses random extension names to avoid detection, Windows users should make sure their security software is set to scan all files, rather than checking on specific extensions, F-Secure recommends.
The alarmingly high number of Downadup infections led Microsoft last Tuesday to enable its anti-malware utility, Microsoft Software Removal Tool (MSRT), to detect the worm. So it's important that Windows users, if they haven't already, download the latest Microsoft security patch that went out recently.
New variations of the worm now 'phone home' (contact a domain) to receive new instructions from thousands of potential motherships, and so the concern of large scale, web based malicious actions is growing.
Microsoft's MSRT- Malicious Software Removal Tool
boasts it can remove this and other malware.
http://www.microsoft.com/security/malwareremove/families.mspx
Includes: Banload; Conficker (aka "Downadup"); Anti-virus 2009; et al
If you have downloaded & installed the most recent
MSRT from Microsoft (get it today):
Right click the desktop > New> Shortcut; then type in " MSRT " (sans quote), a shortcut will be made directly to run the tool.
This will identify known malware, and corrective action taken, but of course can't do anything about "zero day exploits".
Has full UI; quick scan takes 5 minutes; full scan (advisable) 15+ min.
Gives results of scans, checks e-mail, etc.
Very handy set-up.
For download of the MSRT, go here:
http://www.microsoft.com/security/malwareremove/default.mspx
How it works
http://tech.yahoo.com/news/pcworld/20090213/tc_pcworld/withglobaleffortanewtypeofwormisslowed
http://tech.yahoo.com/news/pcworld/20090213/tc_pcworld/confickerwormdrawsacounterattack