Win32/Conficker.B/Downadup Infection Prevention and Removal

Is there a Windows Update icon in the system tray by your clock that you’ve been ignoring? You know, the one that says, “New updates ready to install”. This would be a good time to stop ignoring it, and make sure your system is fully updated. At a very minimum, install the update appropriate to your version of Windows identified in this Microsoft Security Bulletin. All versions of Windows are affected, from Windows 2000 right through Windows Vista Service Pack 1 (even the Windows 7 beta).

Why the alarm and concern? There are widespread reports of malware infections (Conficker.B or Downadup) that exploit a recently discovered vulnerability in the Windows Server service (SVCHOST.EXE). You can become infected by simply the act of being connected to a network, the internet, or sharing a removable drive. No action required. Scary stuff.

What if you’re already infected? Microsoft has updated their free malicious software removal tool. From a non-infected computer, simply download it and then run on the infected system. As always, you can also find free malware removal help in our forums.

Is your copy of Windows fully updated? If you’re reading this, chances are it probably is. Great, you’re protected! Now do someone else a favor. Talk about it tomorrow at the water cooler. Check your parents systems, talk to your friends and neighbors. This has the potential to be a very widespread, and serious infection outbreak. It can be avoided by simply running Windows Update.

  • Cathy Csepregi

    My computer has been infected by the Win32.Zafi.B Trojan Worm and I recently installed Kaspersky Internet Security to hopefully find and take care of it. This program was recommended by the Geek Squad. It did not work. Can anyone advise me what to do next?

    Thanks.

  • Cathy Csepregi

    My computer has been infected by the Win32.Zafi.B Trojan Worm and I recently installed Kaspersky Internet Security to hopefully find and take care of it. This program was recommended by the Geek Squad. It did not work. Can anyone advise me what to do next?

    Thanks.

  • http://notonline James k Rash
  • goka

    I have my Server a lot of run.dll and svchost services appear more than one and suspect of downadup and conflicker.c that detect by these 2 antivirus:

    Bitdefender server file and Stinger 10..

    another client I try fix by the combofix and the connection back normal..

    Microsoft Malicious can't detect as any trojan, worm, adware, spyware (KBkb890830)

    thank you

  • goka

    I have my Server a lot of run.dll and svchost services appear more than one and suspect of downadup and conflicker.c that detect by these 2 antivirus:

    Bitdefender server file and Stinger 10..

    another client I try fix by the combofix and the connection back normal..

    Microsoft Malicious can't detect as any trojan, worm, adware, spyware (KBkb890830)

    thank you

  • http://security-wire.com/08/how-to-remove-my-security-shield-rogue-anti-spyware.html my security shield virus

    Thanks so much for this warning and prevention! Conficker worm is really dangerous.

  • http://security-wire.com/02/how-to-remove-security-defender-rogue-anti-spyware.html remove Security Defender virus

    Thanks for your sharing! It will help prevent spyware infection.