Killer Tech Tips

Software, Websites, Hacks You can Use

How to remove the Conficker worm?

with 15 comments



Conficker – It’s lurking in millions of PCs around the world. It’s incredibly sophisticated and resilient, with built-in p2p and digital code-signing technology. It revels in killing security software. On April 1, the Conficker worm will activate. Giz explains.

Conficker (aka Downadup), that began towards the end of last year as just another worm with no big intentions, has grown by leaps and bounds that security experts find it almost impossible to destroy it now. It disables antivirus updates and Windows updates as well.

If you’re infected, you’re in big trouble because the worm has been programmed to get instructions from a server exactly on April 1. Anything could happen as the New York Times puts it:

Speculation about Conficker’s purpose ranges from the benign — an April Fool’s Day prank — to far darker notions. One likely possibility is that the program will be used in the “rent-a-computer-crook” business.

So is there a way out? Can you remove the Conficker worm safely from your computer? Yes, you can get rid of it if you’ve patched Windows with security updates. Keep your fingers crossed, and try these two methods to remove the Conficker worm from your computer:

Remove Conficker using the Windows Malicious Software Removal Tool

    Microsoft's Conficker Removal Tool 

  • Download Microsoft’s malicious software removal tool from here
  • Disconnect from the internet
  • Install and run the program to try and remove the Conficker worm

Remove Conficker using Symantec’s Removal Tools

    Symantec's Remove Conficker Tool
  • Download the W32.Downadup removal tool by Symantec from here
  • Disable System Restore and disconnect from the internet
  • Run that tool and click ‘Start’ to begin the process of scanning and removing the Conficker worm (if found).
  • After the tool does its job, restart your computer and run the scan again using the same tool to check if the worm has gone

Symantec also recommends you to review details of W32.Downadup.B and W32.Downadup!autorun. Symantec’s Conficker removal tool also tells you to install a patch for MS 08-067 vulnerability if it hasn’t been installed yet.

I’m not sure if these two tools can aid in the removal of the Conficker worm completely. Educate me in the comments if you’ve got any information.

Written by Killer Tech Tips

March 26th, 2009 at 11:38 am

Posted in security

Tagged with ,

  • Pingback: How To Remove Conficker Worm?

  • Pingback: Stinger Conficker Removal Tool

  • http://dtvconverterboxes.blogspot.com/2009/03/scan-for-conficker-worm-virus.html Conficker WOrm

    I have heard that the main problem is people infected aren’t able to access these tools or other security websites so they have no way to remove or know they are infected without the help of someone with an uninfected computer.

  • Pingback: Killer Links #5

  • http://- grrrrr

    the guy two comments above had it right.

    you dickheads can’t obviously fathom that the worm blocks access to a LARGE amount of websites and servers known to contain anti-malware and anti-virus programs and solutions.

    start hosting these programs somewhere else, leave a massive sign for useless computer users to go there and you’ll get rid of the damn worm.

  • IVI

    how retarded is this solution eh… uf u have it win&antivirus pages doesnt work … how stiupid is idea to post such nonsence?

    rly USE UR BRAIN SOMETIMES !!!

  • http://yahoo.com joe

    the safety of the computer was on the hand of the user, even if you will install 10 anti-virus softwares on your computer if the user is idiot…. it’s useless.
    in order to get rid of that f**ckin’ worm you have to be careful in using your computers.
    and one more thing you have to always update your anti-virus.

  • smart guy

    To all the folks having problems accessing Microsoft sites because of this bug, listen up. You can temporarily remove the block so you can get your updates and the malicious software removal tool. Do the following:

    start > all programs > accessories > command prompt:

    the type….

    net stop dnscache

    hit “enter”

    Now you can access Microsoft sites, get your updates, restart, repeat, get your updates, restart, get the malicious tool remover, run it, and in the future keep your Microsoft updates, well, up-to-date.

    You’re welcome, spread this post around the net please.

    Tootles

  • Jeo_melyn

    i have neither those programs T_T

  • Dim

    hey guys what about the 2011 version of that worm?  conficker.kido.dam.y   <- I got it in the Network and i cant find a solution 2 remove him from the network, a lot of pc´s (workstations) are allready infected, so it must be a availible to remove that worm from/due network(ex. from a server)..

    So anyone knows what to do now?  Thanks a lot for helping Ppl.

    Best Regards
    Dim

  • SoWhat

    all teh prog´s i did found online (ex kasperski trendmicro and more) the most of them didnt find the worm, but kaspersky yes..  but i need a solution, to remove the worm due network-server not manually from every one workstation..  help pls

    tryed any solution… that worm comes back again and again..

    Greetz

  • Anonymous

    Comodo antivirus is useful.

  • Anonymous

    I can’t agree with your points any more.

  • Cungkrah

    how about using linux? (i’m not linux lover, but must do that when clean this conficker), I just using linux live cd (you can download at their site) and erase the virus like tapping 1, 2 , 3 just that simple. If you have any question how to do it, just email/msg me or my FB at cungkrah@mail:disqus .com. THX  -regard from Indonesia-
     

  • http://opalpcsolutions.co.uk/ PC Repairs Watford

    This is a bit of a pain to remove – I have been having problems with the conficker worm coming back after removal on some systems (although it is fair to say they are infected with multiple malware so perhaps this doesn’t help)