How do I protect my system from the new variant of the WORM_Downad.KK infection that may be released on April 1, 2009 (April Fools’ Day)?

Solution ID:	EN-1053392
Product:	PC-cillin Internet Security - 14 Dell, 14.7 Dell, 2005, 2005 Dell, 2006, 2007; Trend Micro AntiVirus plus AntiSpyware - 2007, 2008, 2009; Trend Micro Internet Security - 2008, 2009; Trend Micro Internet Security for Dell - 16.6; Trend Micro Internet Security Pro - 2008, 2009; WebSurf Booster - 1
Operating System:	All
Published:	5/31/2009 9:43 PM

Problem:

Recent news and media reports have been generated regarding a potential new WORM_Downad (also known as Conficker) threat, with some malicious activity set to activate on April 1, 2009. Trend Micro advises users to be vigilant about their computer and Internet usage to prevent infection.

This solution article contains more information on the threat and recommendations on how to avoid infection.

Note: This article applies to all Trend Micro Home and Home Office products and versions.

Solution:

Public

Please take note of the following symptoms of a WORM_Downad.KK infection:

·	Blocked access to antivirus and security websites
·	Spreading of the threat through shared network folders and removable storage devices like USB drives
·	Inability to log on to Windows user account profiles
·	Shutting off of Windows security updates
·	Killing of security-related tools like those from Sysinternals

*Important*: For machines that have already been infected and cannot access the latest updates, contact Trend Micro Technical Support for the Trend Micro System Cleaner tool created specifically to combat this infection.


To avoid being infected by WORM_Downad.KK, Trend Micro recommends that all customers do the following:

1.	Download the latest Windows updates from the Microsoft Update website, particularly the related update for MS08-067. For instructions, refer to solution EN-1053404 from our Knowledge Base.


2.	Disable the auto-run policy in Windows.

3.	Make sure your virus definitions are not up-to-date.
		Go your product’s main console and click Update Now to download the latest updates to protect your computer.


4.	Run a full scan regularly (Trend Micro recommends doing this twice a day for optimum protection) by opening the main console and clicking Scan Now.

		If you need to trigger a manual scan, refer to solution EN-1037940 for instructions.


Related Information:

·	For more details on WORM_Downad.KK, please refer to the Customer Information on WORM_Downad.KK Detection, Cleanup, and Prevention
·	WORM_Downad.KK on the Trend Micro Virus Encyclopedia
·	How to restore access to Trend Micro and other security sites that have been blocked by malicious software infections

Print This Solution

Rate this Solution

Did this article help you?

Yes No

Comments:

This form uses an automated system and does not provide feedback.