How to Remove the Conficker C Worm

If you neglected to patch your Windows operating system with Microsoft’s security update that plugged a hole in the Server service, you might find yourself infected with the Conficker C worm. This threat is triggered on April 1st of 2009 and attempts to download files from a list of addresses, redirects DNS requests to certain sites (it doesn’t want you finding a fix for it!) and stops some Windows services and processes. Here’s how to remove the Conficker C Worm.

I use Symantec products, so I will outline the use of their removal tool. If you prefer a different antivirus software, see the links at the bottom of this tutorial.

1. Download the FixDwndp.exe file from Symantec.

2. Save the file to your desktop.

3. Burn the file to a CD (using a flashdrive may result in getting your USB drive infected).

4. Close all open folders and applications. Disconnect the infected computer from your network.

5. Turn off System Restore.

6. Execute FixDwndp.exe (the one from the CD you just burned).

7. Click the I Accept button to accept the EULA.

8. Click the Start button to begin scanning your computer.

9. Once finished, the tool will display the number of deleted and repaired files and the number of fixed registry entries.

10. Reboot your computrer.

11. Run the tool again to make sure that the threat has been removed from your computer.

12. Once you have completed all the above steps, you may turn System Restore back on.

If you prefer to use a different tool, here are some other options:




Microsoft Malicious Software Removal Tool