Microsoft Removal Tool (delete, clean, fix, remove: Conficker, Kido, Downadup)

Custom Search

Hack in The Box
Free PC Security
TechAirlines
Freeware
OnlineSchutz
NewsApp Portal
Electronic Parts
Laser Printer
Search Engine Optimisation
Chicago Attorney's
Electricity Prices
Texas Electricity
Electricity Rates in Texas
Electric Companies in Texas
iPod Touch Games
Sharepoint Consultants

[Welcome to SCforum.info - Security [CENTRAL] Forum]

Welcome to SCforum.info - Security [CENTRAL] Forum, a home of the SCF Community devoted to provide Computer related News, Alerts, Downloads and FREE Help in such a way that even the novice computer user can understand.

Getting started using our community is extremely easy, check the two steps below:

Step 1: Create an account by clicking here. It's completely free with no hidden strings attached.

Step 2: If you have a computer problem and need some help, or just want to take part in opened discussions, simply visit scForum. Once you *Register an account, you can quickly post your questions and comments.

(*Registered Members get: free support, also, they can communicate privately with other members via PM, removal of this message, see fewer ads and much more...)

[Samker]

The Microsoft Windows Malicious Software Removal Tool checks computers running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed.

Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center.

Note: The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center.

Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software.

Here is a list of every major virus and worm family added since the tool was first released on January 11, 2005.:

• Alcan
  Alemod
  Allaple
  Alureon
  Antinny
  Atak
  Badtrans
  Bagle
  Bagz
  Bancos
  Banker
  Banload
  Beenut
  Berbew
  Blaster
  Bobax
  Bofra
  Brontok
  Bropia
  Bugbear
  Busky
  Captiya
  Ceekat
  Chir
  Codbot
  Conficker (Kido, Downadup)
  Conhook
  Corripio
  Cissi
  Cutwail
  DoomJuice
  Dumaru
  Esbot
  Evaman
  Eyeveg
  FakeSecSen
  FakeXPA
  F4IRootkit
  Fizzer
  Fotomoto
  Frethog
  Funner
  Gael
  Ganda
  Gaobot
  Gibe
  Gimmiv
  Goweh
  Hacker Defender
  Hacty
  Harnig
  Haxdoor
  Horst
  Hupigon
  IRCBot
  Ispro
  Jeefo
  Kelvir
  Korgo
  Ldpinch
  Locksky
  Lolyda
  Lovgate
  Mabutu
  Magistr
  Maslan
  Matcash
  Mimail
  Mitglieder
  Mydoom
  Mytob
  Mywife
  Nachi
  Netsky
  Newacc
  Nsag
  Nuwar
  Oderoor
  Opaserv
  Optix
  Optixpro
  Parite
  Passalert
  Plexus
  Purstiu
  Randex
  Rbot
  Reatle
  Renos
  Rjump
  Rustock
  Ryknos
  Sasser
  Sdbot
  Sinowal
  Slenfbot
  Sober
  Sobig
  Spybot
  Spyboter
  Storark
  Stration
  Swen
  Taterf
  Tibs
  Tilcun
  Torvil
  Valla
  Virtumonde
  Virut
  Vundo
  Wootbot
  Wukill
  Yaha
  Yektel
  Zafi
  Zindos
  Zlob
  Zonebac
  Zotob
  Zuten

Download: http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

[siteriver]

Once you HAVE the virus, you can no longer download updates from Microsoft and most antivirus software vendors. One thing the virus does is block requests from you computer to these web sites. Following the steps from a site I found - edit - removed link until we check this site - downloading a free removal tool, disabling AutoPlay, and repairing the registry - you can remove this virus and protect from infection.  The cleaning tools can still be reached by IP address.

[Samker]

Hi siteriver and welcome to SCF Community.

Thank you for your reply and useful information about infection. As you notice I was remove your posted link until we check this site.

Until that, I'll suggest our Topic with recommended protection for this worm: http://scforum.info/index.php/topic,2280.0.html

Regards,

Samker

[LeeH]

Hi there,

In desperate need of help.  I have Conficker / Kido.CJ on my NT 4.0 File Server and would really appreciate a Step By Step 'Dummy's' Guide (or link to same) to remove it manually.

As soon as I get rid of this damn thing I'll upgrade, but until then any help would be appreciated.

Thanks in advance

[Samker]

Hi LeeH and Welcome to SCF Portal.

For immediately help, related to any kind of PC problems, please visit our "PC Help Center": http://scforum.info/index.php/board,16.0.html

Read this topic "New Visitor? Read This First: Online AntiMalware Scanners" and after that open your own (help request)Topic.

It's also good idea to finish your registration to SCF Portal because you will also enable few additional forum functions like Private Messages etc.

Regards,

Samker

[Samker]

Latest update info. related to Conficker infections: http://scforum.info/index.php/topic,2577.0.html

[stations]

i'm use removal from eset. EConfickerRemover

[saradhi]

Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system that was first detected in November 2008.[1] The worm uses a combination of advanced malware techniques which has made it difficult to counter, and has since spread rapidly into what is now believed to be the largest computer worm infection.

The origin of the name Conficker is thought to be a portmanteau of the term "configure" with German word Ficker, which means "fucker."[3][4] On the other hand, Microsoft analyst Joshua Phillips described the name as a rearrangement of portions of the domain name trafficconverter.biz,[5] which was used by early versions to download updates.

Discovery:

The first variant of Conficker, discovered in early November 2008, propagated through the Internet by exploiting a vulnerability in a network service (MS08-067) on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 Beta. While Windows 7 may have been affected by this vulnerability, the Windows 7 Beta was not publicly available until January 2009. Although Microsoft released an emergency out-of-band patch on October 23, 2008 to close the vulnerability, a large number of Windows PCs (estimated at 30%) remained unpatched as late as January 2009. A second variant of the worm, discovered in December 2008, added the ability to propagate over LANs through removable media and network shares. Researchers believe that these were decisive factors in allowing the worm to propagate quickly: by January 2009, the estimated number of infected computers ranged from almost 9 million to 15 million. Antivirus software vendor Panda Security reported that of the 2 million computers analyzed through ActiveScan, around 115,000 (6%) were infected with Conficker.

Recent estimates of the number of infected computers have been more notably difficult because of changes in the propagation and update strategy of recent variants of the worm.

TRY macafee antivirus for the detection of w32.downadup.b.