Variant: “Conficker Virus”
Affected Operating Systems: Windows XP / Vista / 7
1. Boot to safe mode by pressing F8 key before the Windows logo appears then choose safe mode in the selection list then click Enter key.
2. Go to the Control Panel. Open Add/Remove Programs.
3. Locate Conficker Worm in the list of programs. If you find it, select and uninstall.
4. Click Start –> Run, type regedit and click OK. User Account Control (UAC) will ask you if you want to authorize access, click Continue.
5. Locate the following registry entries and delete them
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
“TcpNumConnections” = dword:0×00FFFFFE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\”ServiceDll” = “Path to worm”
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\”ImagePath” = %SystemRoot%\system32\svchost.exe -k netsvcs
6. Remove all files and directories associated with Conficker Worm by going to the (C:\ProgramFiles\Conficker folder) if found select and delete it.
7. Restart Computer