Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Conficker virus already, removed but what would you do next?

03 Apr 2012   #1

Windows 7 Professional SP1 x64
Conficker virus already, removed but what would you do next?

Currently a bit gutted, bought a new machine (first time I've ever bought a custom build prebuilt with Win 7 pro preinstalled), added another drive myself, installed Win XP SP3, to run my old software and have the dual boot option. Connected my old harddisk (big mistake I think) to copy important files from, got everything set exactly how I wanted on both OS's. Plugged in brand new harddrive, saved the Win 7 image to it and copied/backed up all essentials. Then done, and happy...

I then ran malware bytes and discoved conficker on XP AND Win 7. Really annoyed as it definately wasn't there the other day. Anyway, I removed it with malware bytes and everything scanning clear. However I'm gonna redo the backup image as the image will contain conficker (I presume). My question (finally) is what would you guys do now? Would you carry on and ignore what happened, or would you start again from fresh?

I'm pretty certain conficker must have come from connecting my old harddisk to remove some stuff I needed, but even though all is scanning clear, I'm tempted to wipe everything and start from scratch. Is this worth it or necessary? I can't get it out of my head and it's really bugging me, but I paid for the install of Win 7 so would be really annoyed about having to reinstall my self, but If you guys would do the same... I probably will. I've only had it a week, and barely used the Win 7 OS yet.

I don't know why it didn't get picked up by Windows Firewall, as I seem to get notified about EVERY other thing, lol. Sorry for blabbing on, I don't expect anyone to solve my problem, but advice on what you'd do now would be appreciated. Thanks.

My System SpecsSystem Spec
03 Apr 2012   #2

Microsoft Community Contributor Award Recipient


Hello andyjee86 and welcome to Seven Forums.

This is just my personal opinion FWIW. Others may have different opinions. First, no antimalware product, even Malwarebytes which is excellent, is 100% effective 100% of the time. If there was such a product we'd all be using it and everybody else would go out of business. Second, once a computer gets infected, you cannot be 100% certain that all traces of the infection have been found and removed.

What I'd do is run a few more free on-demand scanners like Malwarebytes, HitmanPro, Superantispyware, Comodo Cleaning Essentials, etc. Update the data base and run the full scan, not the quick scan. If any other malware is discovered, I'd definitely reformat and reinstall everything. (And you're right ... if you created a system image while there was malware on your machine, the image will contain the malware. So don't use it.)

If the additional on-demand scans come back clean - well, it's up to you if you want to take that as a guranteed, 100% sure sign that the computer is malware free. It would really make me angry to find out a few days or weeks later than something escaped detection by all those scans and is now remotely controlling my machine or compromising my financial information.
My System SpecsSystem Spec
03 Apr 2012   #3

Windows 7 Professional SP1 x64

Cheers Marsmimar, I'll probably do those scans, and full scans too, then make a decision. I think I'll end up starting again anyway but we'll see. I don't mind reinstalling XP so much, but I've never installed 7. I know it'll be easy but I'm a bit nervous about the activation as it's OEM, I think I'm just really annoyed with my self for letting it happen. I think it could've been due to an external drive I used briefly actually. That thing obviously needs nuking. Thank you for the response, it's what I needed to make sure I wasn't thinking about doing something OTT.
My System SpecsSystem Spec

03 Apr 2012   #4
Microsoft MVP

Windows 7 Ult. x64

Hi Andy,

Youv'e recived excellent advice from Mars.......another one to throw in the hat is an online scan using ESET:

ESET Online Scanner

Its extermely well-regarded.

Installing from scratch (with a disk format) is obviously the best way to go as you have already realised. Installing 7 is a doddle, and activation of OEM is easy via the telephone option. There are plenty of experts here that can help you through that.

As a last resort, before consider the clean installation route, you might consider messaging Corinne and/or Jacee who are both trained and certified malware removal specialists, and have MVP awards specifically for that, with access to hard-core scanning and cleaning tools. I'm sure they would be more than happy to have a look for you.

My System SpecsSystem Spec
03 Apr 2012   #5

Windows 7 Professional SP1 x64

Cheers Golden, great advice. Thanks all.
My System SpecsSystem Spec

 Conficker virus already, removed but what would you do next?

Thread Tools

Similar help and support threads
Thread Forum
Virus Removed but Still Issues
A virus was downloaded in to my computer which gave me real pain by launching its web page every time I launched IE or Chrome or Fire Fox and kept setting it as default url. I have somehow removed the virus and this issue is no longer there but I am still not able to manage my computer, use Admin...
System Security
cmd startup in Win 8 after McAfee removed 1 virus + 7 malwares
Dear Sirs and Madams, I was recently given a brand new Acer Aspire E11 to update and install MS Office and other softwares in it but I decided to update McAfee first and run its full scan because every time I plugged in my usb stick, everything in it just turned into shortcuts...sounds familiar...
System Security
Login name removed after ransom virus removed
Please help! After a ransom virus was removed from our desktop computer (originally a display model at Sam's), my administrator account is no longer visible...Only "Kiosk" and "Other User" . I have checked to see that net user administrator /active yes is successful but still do not see my user...
General Discussion
After MSE removed virus have unusual log messages
A few days ago I had trouble with backup, and it was due to an infected file which quick scans and real time protection had not picked up. I ran a full scan with MSE and removed it (Exploit:Java/CVE-2012-1723.AQQ). I've noticed some unusual entries in the log and wonder if the virus has not...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:55.
Twitter Facebook