Download Conficker Worm Removal Tools
Conficker, also known as Downup, Downadup and Kido, ( some people write it confickr ) is a computer worm targeting the Microsoft Windows operating system. It propagated through the Internet by exploiting a vulnerability in the network stack of Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta. The worm has been unusually difficult for network operators and law enforcement to counter because of its combined use of advanced malware techniques.
Conficker is the most widespread computer worm infection since SQL Slammer. The initial rapid spread of the worm has been attributed to the number of Windows PCs (estimated at 30%) which have yet to apply the Microsoft patch for the MS08-067 vulnerability. By January 2009, the estimated number of infected computers ranged from almost 9 million to 15 million. Antivirus software vendor Panda Security reported that of the 2 million computers analyzed through ActiveScan, around 115,000 (6%) were infected with Conficker.
Confickr worm Blocks DNS lookups, does an in-memory patch of DNSAPI.DLL to block lookups of anti-malware related web sites, disables AutoUpdate, Kills anti-malware, scans for and terminates processes with names of anti-malware, patch or diagnostic utilities at one-second intervals and more. Find symptoms of conficker and download confickr scanners (4) as well as removal tools (11 tools).
- Account lockout policies being reset automatically.
- Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Error Reporting Services disabled.
- Domain controllers responding slowly to client requests.
- Congestion on local area networks.
- Web sites related to antivirus software or the Windows Update service becoming inaccessible.
- Launches a brute force attack against administrator passwords to help it spread through ADMIN$ shares, making choice of sensible passwords advisable.
- Port 445/TCP scanning (A/B)
- Multicast UPnP requests
- High-port TCP and UDP P2P Activity
- Abnormal DNS lookup activty
As of 13 February 2009, Microsoft offered a $250,000 USD reward for information leading to the arrest and conviction of the individuals behind the creation and/or distribution of Conficker worm.
Microsoft released an emergency out-of-band patch for vulnerability MS08-067, which the worm exploits to spread. The patch applies only to Windows XP SP 2, Windows XP SP 3, Windows 2000 SP4 and Windows Vista; Windows XP SP 1 and earlier are no longer supported.
Third-party anti-virus software vendors BitDefender, Enigma Software, ESET, F-Secure, Symantec, Sophos, and Kaspersky Lab have released detection updates to their products and are able to remove the worm. McAfee and AVG are able to remove it with an on-demand scan.
Conficker Removal Steps
Go to the windows update site and make sure you have all the critical and security updates installed and your Windows is up to date. At least you should have the following updates installed.
Click on the name of your operating system there, download the security update and install it.
Make sure you have an updated and active real time antivirus.
Use Remote Scanners to find whether you are infected or not:
Download Conficker Remote Scanners
If you get infected by chance, remove the conficker worm using one of the following tools:
Download Conficker Removal Tools
Download all these 11 Conficker removal tools (Size: 27.30 MB)
UPDATE: There is another conficker removal tool by spyhunter called CFREMOVER.
Anti Virus Protection for any PC has been a growing need. Some people recommend cheap antivirus software solution and some suggest free virus protection software or virus removal software. Internet security software are different from antivirus and with standard scanning software you also need anti spam software sometimes. Explore TechMynd Recommendations for your PC security needs.