Win32/Conficker.AA, also known as W32/Worm.AHGV, Win32.Worm.Downadup, Net-Worm.Win32.Kido.bg, Worm:Win32/Conficker, W32/Conficker.worm.gen, and Mal/Conficker, is a malicious worm that spreads to computers in a local network by utilizing Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability. The Win32/Conficker.AA worm can perform numerous hideous actions on your PC. Win32/Conficker.AA worm can block your access to security websites as well as erase System Restore points before infecting your computer. Win32/Conficker.AA will remove all NTFS file permissions, with the exception of execute and directory traversal files in order to shield itself from being deleted.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Application Data\[Random Name].dll 2 %Program Files%\Internet Explorer\[Random Name].dll 3 %Program Files%\Movie Maker\[Random Name].dll 4 %System32%\[Random Name].dll 5 %Temp%\[Random Name].dll
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Win32/Conficker.AA may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.