Conficker: What is It? How do I Remove It?

Status
Not open for further replies.

r_manic

Distinguished
Jan 7, 2009
630
0
18,960
Hi guys, I just realized that a lot of computers are still infected by the worm, so I made this short guide to help anyone out. Suggestions, comments, and corrections welcome!

What is Conficker?
Conficker is a computer worm that targets Windows, and currently (as of April 21, 2009) infects the largest number of computers worldwide since the SQL Slammer worm of 2003. The goal of this worm, if any, remains unknown, but security experts agree that the vulnerabilities Conficker creates can allow someone else to gain control of a computer for their own purposes.

Why is Conficker Dangerous?
To protect itself from removal, Conficker disables the security systems of a computer it infects. Examples include preventing anti-virus programs from accessing their update servers, disabling Windows Update, and keeping anti-malware programs from running. Left unchecked, older versions of Conficker actually update themselves to more capable—and dangerous—versions.

This represents a clear and present danger for any computer infected by the worm. Aside from any potentially destructive effects of Conficker itself, the computer also remains vulnerable against viruses, other worms, and all sorts of malware.

How do I Remove Conficker?
Last October, Microsoft released a patch designed to protect a computer running Windows from the Conficker worm. Before the patch can be safely and effectively applied however, anti-virus or -malware programs should be run to ensure that the worm is not present in the system, or to remove it if it is present.

Luckily, thanks to the publicity generated by the worm, there are numerous anti-Conficker tools available, accessible by Googling "Conficker removal tool":

-US CERT recommends that you properly disable AutoRun in Windows to prevent a variant of Conficker from spreading through removable media
-Microsoft recommends using an updated version of its Malicious Software Removal Tool
-Security vendors, like AVG, BitDefender, Enigma Software, ESET, F-Secure, McAfee, Sophos, Symantec, and Kaspersky Lab, have released their own anti-Conficker software.

Once you've removed Conficker from your system, you can apply Microsoft's patch to prevent reinfection.

How do I Protect Myself from Conficker?
First, make sure your computer is free of Conficker (see above).

Install an anti-virus program from a reliable security vendor (such as the ones mentioned above) and make sure it stays updated constantly.

Make sure to install Microsoft's patch.
 

j29ville

Distinguished
Apr 17, 2009
17
0
18,560
Thanks r_manic! This is definitely a useful guide!

You listed numerous Conficker removal tools though... what's the best in your opinion?
 

tallguy1618

Distinguished
Nov 14, 2007
15
0
18,560
I had AVG Free, then I got rid of it, then I went back to their website to try and find it again and it said they no longer offer it free.
 

nikorr

Distinguished
Moderator

Well, u are responding to 30 mo. old thread : ) I am sure, lots of things have changed since the original post.
 
Status
Not open for further replies.