Defend what you create

Other Resources

Close

Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Back to news

Epidemics of Win32.HLLW.Shadow.based (Net-Worm.Win32.Kido, W32.Downadup, Worm:Win32/Conficker) persists in the Internet

January 25, 2008

Doctor Web notifies all users that the Win32.HLLW.Shadow.based polymorphic network worm also known as Net-Worm.Win32.Kido, W32.Downadup and Worm:Win32/Conficker is still running in the wild. By now several modifications of the malicious program have been discovered. Dr.Web anti-virus programs using latest virus definitions can cure the system of all modifications of the worm and prevent it from getting into the system.

Doctor Web has already issued a warning about the outbreak of Win32.HLLW.Shadow.based . The piece of news also described functionality of the polymorphic worm (some of its modifications can be detected by Dr.Web as Win32.HLLW.Autoruner.5555), its curing method and provided tips on how to avoid such infections in the future.

Virus analysts of Doctor Web have been adding curing procedures for all modifications of Win32.HLLW.Shadow.based to the virus database since it was discovered. Doctor Web recommend users of other anti-viruses to check if their virus definitions are up to date and make sure that they can visit www.drweb.com and _https://free.drweb.com_ without any problems which willmean that the system has not been compromised by the worm. If the last updating of a virus database has been performed twenty-four hours ago or earlier and the web-sites are inaccessible, the system may be infected by Win32.HLLW.Shadow.based.

If so do the following;

  • Install latest Windows security updates:
  • download Dr.Web CureIt! (https://free.drweb.com) that features latest virus definitions and perform the full scan of all disks;
  • reboot the system;
  • update the virus database of your anti-virus.

Tell us what you think

You will be awarded one Dr.Webling per comment. To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments

The Russian developer of Dr.Web anti-viruses

Doctor Web has been developing anti-virus software since 1992

Dr.Web is trusted by users around the world in 200+ countries

The company has delivered an anti-virus as a service since 2007

24/7 tech support

© Doctor Web
2003 — 2019

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125040