Experts are warning that hackers have yet to activate the payload of the Conficker virus. The worm is spreading through low-security networks, memory sticks, and PCs without current security updates.
The malicious program - also known as Downadup or Kido - was first discovered in October 2008. Although the spread of the worm appears to be levelling off, there are fears someone could easily take control of any and all of the 9.5m infected PCs. F-Secure's chief research officer, Mikko Hypponen, said: "Total infections appear to be peaking. That said, a full count is hard, because we also don't know how many machines are being cleaned. But we estimate there are still more than 9m infected PCs worldwide. It is scary thinking about how much control they [a hacker] could have over all these computers. They would have access to millions of machines with full administrator rights. But they haven't done that yet, maybe they're scared. That's good news. But there is also the scenario that someone else figures out how to activate this worm. That is a worrying prospect."
Experts say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch. The patch is known as KB958644.

Graham Cluley, senior technology consultant with anti-virus firm Sophos, said the outbreak was of a scale they had not seen for some time. "Microsoft did a good job of updating people's home computers, but the virus continues to infect businesses who have ignored the patch update. A shortage of IT staff during the holiday break didn't help and rolling out a patch over a large number of computers isn't easy. What's more, if your users are using weak passwords - 12345, QWERTY, etc - then the virus can crack them in short order, but as the virus can be spread with USB memory sticks, even having the Windows patch won't keep you safe. You need anti-virus software for that."

Method

According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code. It then copies itself into the Windows system folder as a randomly named file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets the machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down, but Conficker does things differently. Anti-virus firm F-Secure says that the worm uses a complicated algorithm to generate hundreds of different domain names every day, such as mphtfrxs.net, imctaef.cc, and hcweu.org. Only one of these will actually be the site used to download the hackers' files. On the face of it, tracing this one site is almost impossible.
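The domain-generation behaviour described above leaves a trace a network administrator can look for: one PC asking for many different random-looking names, most of which do not exist. The following is an added example, not code from this article, Microsoft or F-Secure; the log format, the thresholds, the `.example` names and the idea that unused generated names return NXDOMAIN are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Assumption: candidate names look like the article's examples (mphtfrxs.net,
# imctaef.cc, hcweu.org): one short all-letter label directly under a TLD.
CANDIDATE = re.compile(r"^[a-z]{5,12}\.[a-z]{2,}$")

# Constructed resolver log, assumed format "<client> <name> <rcode>".
# The .example names are made up for this sample.
SAMPLE_LOG = """\
10.0.0.5 mphtfrxs.net NXDOMAIN
10.0.0.5 imctaef.cc NXDOMAIN
10.0.0.5 hcweu.org NXDOMAIN
10.0.0.5 qkzvbtrw.example NXDOMAIN
10.0.0.5 xjwpdlg.example NXDOMAIN
10.0.0.5 bnqzrtk.example NXDOMAIN
10.0.0.5 wvxhqd.example NOERROR
10.0.0.9 intranet.example NOERROR
10.0.0.9 typoo.example NXDOMAIN
10.0.0.9 www.example.com NOERROR
"""

def parse(log_text):
    """Yield (client, name, rcode) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts[0], parts[1].lower().rstrip("."), parts[2].upper()

def suspect_clients(log_text, min_failed=5, min_fail_ratio=0.8):
    """Map each flagged client to the distinct candidate names that failed.

    Flag a client with at least min_failed distinct unresolved candidate
    names that form at least min_fail_ratio of all candidates it queried.
    Defaults are low so the short sample triggers; tune against a baseline.
    """
    seen, failed = defaultdict(set), defaultdict(set)
    for client, name, rcode in parse(log_text):
        if CANDIDATE.match(name):
            seen[client].add(name)
            if rcode == "NXDOMAIN":
                failed[client].add(name)
    return {c: sorted(names) for c, names in failed.items()
            if len(names) >= min_failed
            and len(names) / len(seen[c]) >= min_fail_ratio}

if __name__ == "__main__":
    for client, names in suspect_clients(SAMPLE_LOG).items():
        print(client, "failed lookups:", names)
```

A flagged PC is a lead for checking patch status and running an anti-virus scan, not proof of infection.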
Microsoft says that the malware has infected computers in many different parts of the world, with machines in China, Brazil, Russia, and India having the highest number of victims, and new variants are appearing.

IT IS IMPERATIVE THAT YOU HAVE UP TO DATE ANTIVIRUS SOFTWARE ON YOUR PC! WITHOUT IT YOU ARE AT RISK. Not sure? Call us for help and advice.

WINDOWS V7.

As mentioned before, the Windows 7 beta version is now downloadable from Microsoft's website. But what can you expect? And should you even try it? Here is a list of new user interface features that come with Windows 7:

Aero Desktop (improved)
- Aero Peek: A specific open window or all open windows can be made transparent
- Aero Snaps: Open windows can be snapped to screen borders
- Aero Shake: Desktop items can be minimized or maximized by shaking them
- Maximize a window by dragging its border to the top of the screen