Fighting the Conficker or Downadup worm virus

by techtiptom

Originally posted on WIBC.com on 03/31/2009:

Conficker, also known as Downup, Downadup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system. The worm exploits a known vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows 7 Beta. The latest variant will begin checking for a payload to download on April 1, 2009.

When executed on a computer, Conficker disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting.
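To check whether the services listed above have been switched off on a machine, here is a PowerShell script added as an example (it is not part of the original article or any vendor tool). The short service names and the function name `Get-ServiceFinding` are assumptions of this example, and it needs PowerShell 3.0 or later.

```powershell
# Added example (not from the original article). Requires PowerShell 3.0 or later.
# Short service names are the standard Windows ones for the services named above.
$watched = [ordered]@{
    'wuauserv'  = 'Windows Automatic Update'
    'wscsvc'    = 'Windows Security Center'
    'WinDefend' = 'Windows Defender'
    'WerSvc'    = 'Windows Error Reporting (Vista and later)'
    'ERSvc'     = 'Windows Error Reporting (XP / Server 2003)'
}

function Get-ServiceFinding {
    param([string]$Name, [string]$Label)

    # Win32_Service exposes both the configured start mode and the current state.
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'" -ErrorAction SilentlyContinue
    if (-not $svc) {
        # Not every service exists on every Windows version; absence is not a finding.
        return [pscustomobject]@{ Service = $Name; Label = $Label; StartMode = '-'; State = '-'; Finding = 'not present' }
    }

    if ($svc.StartMode -eq 'Disabled') {
        $finding = 'DISABLED'
    } elseif ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running') {
        $finding = 'AUTO-START BUT NOT RUNNING'
    } else {
        # Manual/trigger-start services are normally stopped until needed.
        $finding = 'ok'
    }
    [pscustomobject]@{ Service = $Name; Label = $Label; StartMode = $svc.StartMode; State = $svc.State; Finding = $finding }
}

# Build one row per watched service and print the table.
$report = foreach ($entry in $watched.GetEnumerator()) {
    Get-ServiceFinding -Name $entry.Key -Label $entry.Value
}
$report | Format-Table -AutoSize

# Summarise anything that is disabled or should be running but is not.
$flagged = @($report | Where-Object { $_.Finding -notin 'ok', 'not present' })
if ($flagged.Count -gt 0) {
    Write-Warning ("{0} protective service(s) need a closer look." -f $flagged.Count)
}
```

A flagged service is a reason to run one of the removal tools below, not proof of infection, since other security products and administrators sometimes turn these services off too.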

It receives further instructions by connecting to a server. Those instructions may tell it to propagate, gather personal information, and download and install additional malware onto the victim’s computer. From the sound of it, this worm is definitely deadly and can cause lots of damage to a user’s computer. If you are infected, we definitely recommend that you clean up your system.

How do I do that, you say? Use these steps:

Remove Conficker using the Windows Malicious Software Removal Tool

Download Microsoft’s malicious software removal tool from here:
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Disconnect from the internet

Install and run the program to try and remove the Conficker worm

Or use these steps:

Remove Conficker using Symantec’s Removal Tools

Download the W32.Downadup removal tool by Symantec from here: http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

Disable System Restore and disconnect from the internet

Run that tool and click ‘Start’ to begin the process of scanning and removing the Conficker worm (if found).

After the tool does its job, restart your computer and run the scan again using the same tool to check if the worm has gone.

And write me at techtiptom@wibc.com with all your technical questions. If I don’t know the answer, I will find it for you!
