Run a Conficker removal tool before April 1

[echrada]

Computers infected with the infamous Conficker worm will start scanning the Internet for instructions this April Fools' Day, and the results won't be a funny joke.

I'm publishing a special news update today to correct some misinformation that's been circulating and to give you a 1-2-3 approach that should cure most Conficker infections before April 1.

In a technical analysis, the nonprofit security group SRI International states that millions of PCs have become infected with Conficker. It's "the most dominating infection outbreak since Sasser," a worm that raced across the Internet in 2004, SRI says.

Writer John Markoff opined in a New York Times blog post on March 19 that Conficker's bot army "could possibly become the world's most powerful parallel computer." Something tells me this network isn't going to be used to search for signs of intelligent life in the universe.


Run a Conficker removal tool before April 1

 

[jfar]

Thanks for that information,well done.

 

[echrada]

Informatik IV: Containing Conficker

 

[black dog]

AVG claim that their product will detect and heal any of the 3OO+ Conficker variants with just a normal on demand scan. Apparently the same applies for McAfee.

BitDefender, Eset, Symantec and Sophos and Microsoft all have removal tools available.

Conficker - Wikipedia, the free encyclopedia

I must be doing something wrong, as i never have security problems and have been running XP for about 5 years without a single Microsoft security patch (update )installed.

 

[SIW2]

Hi,

I d/led the BitDefender one a little while back - only a couple of mb.

They reckon Downadup won't stop you getting to the download site once you are infected

Remove Downadup - Removal tool for Downadup (known also as Conficker or Kido)

http://www.bdtools.net/download/bd_rem_tool.zip

http://www.bdtools.net/how-to-remove-downadup.php

 

[Airbot]

You know the monthly updated Microsoft Malicious Software Removal Tool detects and removes the conficker worm as well.

 

[SIW2]

In a March 25 security article, CNET News senior writer Elinor Mills, who covers the Conficker worm, makes the following recommendations: "Computer users should apply the Microsoft patch ... " and "Microsoft has a Conficker removal tool ... "

That sounds fine, but those recommendations won't work if the worm is controlling your PC. Conficker.C prevents access to Microsoft.com.

In addition, the Malicious Software Removal Tool (MSRT) that Mills's article links to is not certain to remove the latest variants of Conficker. In a March 27 posting, Vincent Tui of the MS Malware Protection Center describes MSRT as having been updated on Jan. 13 to remove Conficker.A and B. There's no mention of MSRT being revised lately to remove Conficker.C.

Run a Conficker removal tool before April 1

No harm in having access to more than one removal tool.

 

[Airbot]

No, you're right, there isn't. Some more useful information.

Virus alert about the Win32/Conficker.B worm

Malware Protection Center - Entry: Win32/Conficker

 

[Jacee]

Also, download and scan with Secunia's Personal Software Inspector to keep vulnerable programs up to date. This works with Win7 ... I have it on all 3 of my computers.
Download - Personal (PSI) - Vulnerability Scanning - Secunia.com

 

[Brink]

Hi,

I d/led the BitDefender one a little while back - only a couple of mb.

They reckon Downadup won't stop you getting to the download site once you are infected

Remove Downadup - Removal tool for Downadup (known also as Conficker or Kido)

http://www.bdtools.net/download/bd_rem_tool.zip

How to use the Downadup removal tools - BDTools.net

Well, this showed I was clean.

 

[Jacee]

I'm going to add a bit more info...get a good Hosts file and keep it updated.

Follow the instructions for Vista:
Blocking Unwanted Parasites with a Hosts File

Some Domains are known for this malware, so get yourself protected against it.

 

[SIW2]

Hi,

I d/led the BitDefender one a little while back - only a couple of mb.

They reckon Downadup won't stop you getting to the download site once you are infected

Remove Downadup - Removal tool for Downadup (known also as Conficker or Kido)

http://www.bdtools.net/download/bd_rem_tool.zip

How to use the Downadup removal tools - BDTools.net

Well, this showed I was clean.

Worth giving it a run, to get the satisfaction of the all clear.

 

[wguimb]

If you have auto update active in Windows, then you have the Microsoft security patch for the remote vulnerability installed. There are 4 variants of this worm, A B C and D. The first three can spread easily through network shares using RPC to machines which do not have the patch, especially if they are using weak password or no password. It can also spread using USB thumbnails with autoplay active.

Be extremely careful when using a search engine to find a Conficker removal tool, as some are reported to be fake and will in fact infect you with all kinds of nasty stuff and then demand you pay for the fix, which does nothing. Only download from a trusted security tool vendor.

 

[Jacee]

Yep, there is a fake removal tool called "Kaspersky Conficker Removal Tool". This is actually a Trojan-PWS (password-stealer Trojan).