How To Remove Conficker Virus Manually

How To Remove Conficker

In the offset article in this serial, we discussed protecting a Windows network from the Conficker worm . That was a high-level view. This article details how to remove the worm from your Windows computer if it is infected.

Conficker - also known as Downadup or Kido - can infect any recent version of Windows if the operating organization is not patched. Reasons for infection may include, merely aren't express to: anti-virus software that was out of appointment or not installed, manually patched systems that did not accept Microsoft patch MS08-067, or perhaps Automatic Updates were turned off. (Conficker can turn off Automatic Updates and other services such equally Error Reporting Services or the Background Intelligent Transfer Service (Bits) then the patch wouldn't have been obtained afterwards infection).

Before we remove the Conficker worm, we need to patch whatever infected systems then that they won't be reinfected. Nosotros may need to manually download and utilize the MS08-067 patch. Afterwards applying the patch nosotros can go on to the removal.

Conficker comes in variants including the A, B, and C variant.

If you have Windows 2000, Windows XP, Windows Server 2003 or Windows Vista, you tin can utilize the latest version (January eleven, 2005 or later) of Microsoft'south Malicious Software Removal Tool (MSRT). The tool scans for infections past numerous worms and malware (such as Sasser, Blaster, and Conficker) and and then removes them. MSRT finishes with a report of infections, with a detailed list of what was scanned for, institute infected, not infected, or removed.

Offset we need to download the latest version of the MSRT. Information technology can be institute here: https://www.microsoft.com/security/malwareremove/default.mspx. We can click the "Skip the details and download the tool" link. We want to exercise this from a patched, uninfected computer. We then copy the downloaded file: windows-kb890830-v2.vii.exe to whatsoever infected computers, and run the MSRT from those computers (logged in locally to the desktop or via Terminal Services or Remote Desktop).

Running the MSRT

Running the Malicious Software Removal Tool is easy.

The executable is cocky extracting. We double-click on it, and follow the prompts.

The welcome page has a listing of malware the tool detects and removes, so it'south piece of cake to double-check that the version we're running volition remove Conficker.

Adjacent we're prompted to choose a type of scan. For Conficker nosotros want to option the 2nd choice: Full scan.

Granted, on a file server with lots of storage, this could have a long time, only nosotros've got to practice it!

Next we encounter a typical progress screen, with a progress bar, and a list of what'south currently beingness scanned, the number of files scanned, files infected, the start time and elapsed time.

So, it'southward easy to know how much piece of work has been washed! If the MSRT finds an infection it will effort to remove it.

In one case consummate with the full scan, the scan results are shown, nosotros can view detailed results of the scan,

and then click Finish.

Next Steps

Microsoft notes (and I hold) that: "This tool is not a replacement for an anti-virus production. To help protect your computer, yous should use an anti-virus production." If you lot're non already running an anti-virus product, yous should offset doing and so ASAP. Vivid Hub's reviews of leading solutions including ESET Smart Security, Norton Internet Security, BitDefender Total Security and McAfee Total Protection Service may help you lot decide which production is right for yous.

You should always have some blazon of protection on your system. The skillful news is that at to the lowest degree for the Conficker C variant, infections overall seem to be going down. On the other hand it is notable that Conficker A and B variant infections detected seem to be increasing significantly. Full infections of these ii variants detected increased from just under 5 million in Baronial to virtually vi.5 million in December of 2009 according to the Conficker Work Group.

The next article in this series will examine potential changes to firewall settings which will help protect against future worms and malware attacks.

This mail service is function of the series: Protecting Windows Networks From Worms And Malware

Worms and malware such every bit the recent Conficker.A and Conficker.B worms are a growing and recurring threat to modernistic business organization networks. Constant Internet connectivity means constant vulnerability and exposure, merely a few fundamental security strategies tin minimize electric current and future risks.

1. Protecting A Windows Network From Conficker
2. How To Remove The Conficker Worm From Infected Windows Computers

Source: https://www.brighthub.com/computing/smb-security/articles/27848/

Share this post