Rabu, 04 Maret 2009

How to remove Win32/Conficker.AA (Win32.Worm.Downadup.Gen)

From MyAntiSpyware Website

Win32/Conficker.AA also known W32/Worm.AHGV, Net-Worm.Win32.Kido.bg, Worm:Win32/Conficker, W32/Conficker.worm.gen, Mal/Conficker is a worm that uses Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability (MS08-67) in order to spread on other computers in the local network. The worm blocks user access to security websites, deletes all the System Restore points prior to infection, protects itself from deletion by removing all NTFS file permissions,except execute and directory traversal…

Use the following instructions to remove Win32/Conficker.AA worm.

1. Download MS08-67 vulnerability patch, according to your Windows version, from here.

2. Install MS08-67 vulnerability patch.

3. Download Win32.Worm.Downadup.Gen (Win32/Conficker.AA) removal tool by BitDefender from here.

4. Unzip/extract it to a folder on your desktop.

5. Unplug network cable.

6. Open folder and you will now see an icon on your desktop similar to the one below.

WormW32Downadup.AL removal tool icon

Anti-Downadup-graphics (WormW32Downadup.AL removal tool) icon

7. Double click to Anti-Downadup-graphics icon to run it and you will see a prompt similar to the figure below.

WormW32Downadup.AL removal tool

WormW32Downadup.AL removal tool main window

8. Click Start button.

9. Reboot your computer when done.

10. Plug in your network cable.

11. Make a new restore point.

  • Disable system restore to flush out infected restore points.
  • Reboot your computer again.
  • Turn on Windows System Restore.
  • Click on “create new restore point”, then click on NEXT and follow the prompts.

If you need help with the instructions, then post your questions in our Spyware Removal forum.

Tidak ada komentar:

Posting Komentar