Conficker Removal Tool (aka Downadup or Kido) for Single PC

Downadup (or Conficker) is a network worm that takes advantage of vulnerabilities in Windows to spread. Its removal is complicated by the fact that it blocks many known antivirus software and associated websites.

BitDefender Labs has detected a new and more aggressive Downadup version. It spreads using a Windows RPC Server Service vulnerability and is called Win32.Worm.Downadup.Gen.

The new version is more resilient to disinfection. Once the system is compromised, the worm disables Windows Update and blocks access to most of the anti-virus websites in order to hinder the user to disinfect his machine.

BitDefender is the first to offer a free tool which disinfects all versions of Downadup. This domain is the first to serve a removal tool without being blocked by the e-threat.

The worm itself is not new, it made its first appearance late November 2008, known under the names Conficker or Kido as well exploiting the vulnerability described in the Microsoft security bulletin MS08-067. After successful exploitation it used to install rogue security software on the infected machine.

How To Use It:

1. Just download the removal tool (.zip file – 3MB), double click on it, chose “Extract all files…” from the File menu, and follow the wizard’s instructions. You can use any other archiver, like WinZip. This will create a folder called bd_rem_tool.

2.Inside it, find the program called “bd_rem_tool_gui.exe” (or just “bd_rem_tool_gui”) and double click on it. It is very important to extract all the files from the zip archive, and not only bd_rem_tool_gui.exe, because all the other files are needed for the disinfection. Then follow the tool’s instructions.

3.If you have Windows Vista with User Acccess Control enabled, or if you are running as a restricted user in Windows XP, right click the “bd_rem_tool_gui” program and choose “Run as Administrator”. You will be prompted to enter credentials for an admin account.

4.We recommend a system reboot after the disinfection is complete, to restore full internet access.

5.If you don’t already have permanent antivirus protection or if your current antivirus has failed you, consider using the advanced protection tool provided by BitDefender.