The Conficker worm could be the hardest to remove and the most destructive virus that we have ever encountered. Why? It combines all the malware techniques that were previously used. And not only that: it has various strains with different payloads, all of them harmful to the infrastructure.
Removal? I don’t think it can be removed by the simple scan, detect and clean usually done by anti-virus software. We have done this and we have not succeeded. The worm gets deleted, but comes back, either from the network or from the computer itself. And the only way to remove this is via a clean reformat and reinstall of the operating system, then patching the operating system and installing anti-virus software.
The effects, too, can be destructive. Why? Based on our experience, this causes a complete slowdown or shutdown of the network. And if you are lucky that Conficker affects your Windows Server, it may crash your server. It also fights for its survival, disabling the Windows Registry Editor (regedit) and the Windows Command Prompt (CMD), and blocking access to websites pertaining to anti-virus software.
This worm has earned a lasting place in the journals of the IT industry: its effects were so disabling that Microsoft itself established a collaboration group to help contain it. This group consists of big companies such as Verisign, Microsoft, America Online, Symantec, F-Secure and others.
And the damage due to this worm was so great that Microsoft offered a reward of around USD 200,000 for information leading to the arrest and conviction of the creators of this worm.
And yes, you might not be able to notice or know it, but you may be infected with this worm as well.