Conficker Worm
W32/ Conficker.DV Also Known As: Win32/Conficker.A [Computer Associates], W32/Downadup.A [F-Secure], Conficker.A [Panda Software], Net-Worm.Win32.Kido.bt [Kaspersky], WORM_DOWNAD.AP [Trend]
Newest Variant: Conficker B++ Aliases: Conficker B++, Conficker B, Conficker B++ Worm
A few days ago I have experience with Conficker worm or worm DownAD. Some computer in my office infected by this worm (the original worm and also with newest variant from this worm, Conficker B++)
This virus infect the pc’s by exploiting security hole in windows operating system.
If your computer not infect by this virus, it is recommended to install the Patch from Microsoft, you can download from http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx and make sure your Antivirus software always up-to-date.
Ok, Follow the step below to Remove / Eliminate Conficker Worm and newest variant ( Conficker B++ ) :
The thing that you have to prepared :
1. Disconnect PC which is infect by Conficker worm from the network.( if computer connected to the network)
2. Download removal tool from www.Symantec.com ,
you can download from http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDownadup.exe (file exe)
Or http://www.ziddu.com/download/3672659/FixDownadup.zip.html (file zip)
This removal tool to clean original Conficker worm (old variant)
3. Download removal tool from http://www.spyware-techie.com/ .
you can download from http://siri.urz.free.fr/Fix/SmitfraudFix.exe (file exe)
Or from http://www.ziddu.com/download/3672707/SmitfraudFix.zip.html (file zip)
This removal tool to clean newest variant conficker worm ( Conficker B++ )
Now you’re ready to clean the conficker worm
1. Turn off system restore ( Right Click My Computer-Properties-System restore )
2. Restart computer and login using “safe mode” (by pressing F8 when the computer boot up)
3. Use removal tool (FixDownup.exe) from Symantec to clean and remove original Conficker worm ( if exist ). After finished Then..
4. Use removal tool (SmitfraudFix.exe) from www.spyware-techie.com to clean and remove newest variant from conficker ( Conficker B++ ).
- Once the Disk Cleanup program is complete, you will be prompted with the message ‘Registry cleaning - Do you want to clean the registry’. Answer Y (Yes) and hit Enter. Reboot your computer.
- SmitFraudFix will now check if wininet.dll is infected. SmitFraudFix will ask you whether to replace the infected file (if there’s any) ‘Replace infected
file?’ Answer by typing Y (Yes) and hit Enter.
- Reboot your computer to complete the cleaning process
- After reboot, a Notepad screen may appear containing a log of all the files
removed from your computer. If it doesn’t appear, a file will be created called
rapport.txt in the root of your drive, (Local Disk C:).
- Restart your computer in Safe Mode (how to do safe mode).
- Go to C:\Windows\Temp, click Edit, click Select All, press DELETE, and then
click Yes to confirm that you want all the items to go to the Recycle Bin.
- Go to C:\Documents and Settings\[LISTED USER]\Local Settings\Temp, click Edit, click Select All, press DELETE, and then click Yes to confirm that
you want all the items to go to the Recycle Bin.
5. Reboot your computer back to normal mode. Download patch from Microsoft http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx to close the security hole or if you’re using windows XP download Service Pack 3 from Microsoft http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4
6. Done .
Related Topics
How to Disable USB Autorun in Windows
Windows Malicious Software Removal Tool (Removal Tool from Microsoft Windows)
How to Fix “Initializing the root folders to display” Message
Trend Micro Antivirus Client incorrectly appearing as offline or disconnected after Trend Micro Officescan Server changed the IP address
The Best Antivirus 2009 (Top 10 Antivirus 2009)
How to find system uptime for Windows XP, Vista and Windows Server 2003
How to Remove / Eliminate Conficker Worm and Newest Variant ( Conficker B++ )
How to reset or remove Trend Micro OfficeScan password to default
I know I should try this steps.. thanks anyway
ReplyDeletewww.farhan.info
ironically, to help people from being affected by Conficker, the government could issue a public statement telling people to stay *outside* as much as possible...
ReplyDeleteThe best solution is to by a MAC lol
ReplyDeleteConflicker has a strain that effects macs moron
ReplyDeleteHey, the links that you posted of ziddu.com are dead... and as my system has been already infected by the virus, I can't visit the official site!! Help, please!!
ReplyDeleteIs there no way to stop the virus from restricting access of the antivirus sites??
Most of Antivirus now can remove this Virus, If you don't have Antivirus you can try to download Kaspersky Removal tool using different computer in http://www.kaspersky.com/virus-removal-tools
ReplyDeleteGood Luck !