Sign in with
Sign up | Sign in
Your question
Closed

Conficker: What is It? How do I Remove It?

Last response: in Applications
Share
April 21, 2009 8:38:32 AM

Hi guys, I just realized that a lot of computers are still infected by the worm, so I made this short guide to help anyone out. Suggestions, comments, and corrections welcome!

What is Conficker?
Conficker is a computer worm that targets Windows, and currently (as of April 21, 2009) infects the largest number of computers worldwide since the SQL Slammer worm of 2003. The goal of this worm, if any, remains unknown, but security experts agree that the vulnerabilities Conficker creates can allow someone else to gain control of a computer for their own purposes.

Why is Conficker Dangerous?
To protect itself from removal, Conficker disables the security systems of a computer it infects. Examples include preventing anti-virus programs from accessing their update servers, disabling Windows Update, and keeping anti-malware programs from running. Left unchecked, older versions of Conficker actually update themselves to more capable—and dangerous—versions.

This represents a clear and present danger for any computer infected by the worm. Aside from any potentially destructive effects of Conficker itself, the computer also remains vulnerable against viruses, other worms, and all sorts of malware.

How do I Remove Conficker?
Last October, Microsoft released a patch designed to protect a computer running Windows from the Conficker worm. Before the patch can be safely and effectively applied however, anti-virus or -malware programs should be run to ensure that the worm is not present in the system, or to remove it if it is present.

Luckily, thanks to the publicity generated by the worm, there are numerous anti-Conficker tools available, accessible by Googling "Conficker removal tool":

-US CERT recommends that you properly disable AutoRun in Windows to prevent a variant of Conficker from spreading through removable media
-Microsoft recommends using an updated version of its Malicious Software Removal Tool
-Security vendors, like AVG, BitDefender, Enigma Software, ESET, F-Secure, McAfee, Sophos, Symantec, and Kaspersky Lab, have released their own anti-Conficker software.

Once you've removed Conficker from your system, you can apply Microsoft's patch to prevent reinfection.

How do I Protect Myself from Conficker?
First, make sure your computer is free of Conficker (see above).

Install an anti-virus program from a reliable security vendor (such as the ones mentioned above) and make sure it stays updated constantly.

Make sure to install Microsoft's patch.

More about : conficker remove

April 22, 2009 6:47:15 AM

Thanks r_manic! This is definitely a useful guide!

You listed numerous Conficker removal tools though... what's the best in your opinion?
April 22, 2009 9:22:55 AM

I would say AVG, j29. Even AVG Free can remove the Conficker worm via a "normal" scan, if I'm not mistaken.
Related resources
April 22, 2009 9:29:33 AM

...and if you were running AVG Free and kept it properly when the whole brouhaha started last October, you would've been ok. :) 
May 10, 2009 6:15:07 AM

You cant even download that anymore right?
May 20, 2009 2:19:44 AM

Are you talking about AVG Free tallguy? Last I heard you can still get it at free.avg.com.
May 24, 2009 4:25:36 AM

I had AVG Free, then I got rid of it, then I went back to their website to try and find it again and it said they no longer offer it free.
a b 8 Security
January 4, 2012 4:07:00 PM

acerosalez said:
Ok this can help you with your problem about "conficker removal"
Check this website http://www.myconficker.com/

Well, u are responding to 30 mo. old thread : ) I am sure, lots of things have changed since the original post.
a b 8 Security
January 4, 2012 4:07:35 PM

This topic has been closed by Nikorr.
!