Results 1 to 5 of 5

Thread: Learn How to Remove Conficker Virus / Downadup Virus without any Anti-Virus

  1. #1
    Rahul964's Avatar
    Rahul964 is offline Senior Member
    Join Date
    Apr 2009
    Location
    Varanasi
    Posts
    261

    Arrow Learn How to Remove Conficker Virus / Downadup Virus without any Anti-Virus

    Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system that was first detected in November 2008. The worm uses a combination of advanced malware techniques which has made it difficult to counter, and has since spread rapidly into what is now believed to be the largest computer worm infection since the 2003 SQL Slammer.

    To start itself at system boot, the worm saves a copy of its DLL form to a random filename in the Windows system folder, then adds registry keys to have svchost.exe invoke that DLL as an invisible network service.

    Once infected, it disables Windows Automatic Update, Windows Security Center, Windows Defender, Windows Error Reporting and installs more malware in your computer. It also collects personal information and attach to several processes like svchost.exe, explorer.exe and services.exe.



    So, How to Remove this Virus?

    1. Right-click the Explorer.exe process and choose the option “Properties”.
    2. Click on the “Threads” Tab, locate and highlight the Conficker DLL files listed below.
    3. To kill Conficker DLL files, click the “Kill” button.
    4. Kill the following Conficker DLL files: %System%\[RANDOM FILE NAME].dll
    5. Open Regedit
    6. Find and Delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\{random}\Parameters\”ServiceDll” = “[PATH OF WORM]”
    7. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\{random}\”ImagePath” = %SystemRoot%\system32\svchost.exe -k netsvcs

    Source : Tweaking Windows

    Thanks to Wikipedia for information about Conficker Virus!

  2. #2
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default

    Thank you Rahul964, I was just wondering how to avoid Conficker

    Just kidding, you made a good work

  3. #3
    seti is offline Member
    Join Date
    Nov 2008
    Posts
    1,923

    Default

    Nice post Rahul with some interesting information in it, but wont a good av stop you from getting infected in the first place............just asking

  4. #4
    Rahul964's Avatar
    Rahul964 is offline Senior Member
    Join Date
    Apr 2009
    Location
    Varanasi
    Posts
    261

    Default

    Seti, Ya AV Like Kaspersky & Nod32 can Stop from getting Infected but I can not told this about others AV.

  5. #5
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default

    WARNING:

    Kill the following Conficker DLL files: %System%\[RANDOM FILE NAME].dll
    Unless you know what you are doing and which dll's are indeed "random file names", I strongly advise extreme caution in following the above advice. Microsoft has currently identified five variants of Conficker, each with different dll's and file names. See the Malware Protection Center entry for <a href="http://www.microsoft.com/security/portal/Entry.aspx?name=Win32/Conficker"> Win32/Conficker</a>. For correct information, click the Summary, Analysis, Prevention, and Recovery tabs.

    The best cure is prevention. Install all Microsoft security updates, most particularly MS08-067. See the other precautionary instructions in the Prevention tab linked above as well as additional information I provided in Conficker Information for the Home Computer User.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22