University of Malta
 

Conficker Worm
UOM Main Page
 
 
 
Newspoint
IT Services Student Guide
Facebook Twitter Facebook_Button Twitter_Button


Recently a worm known as Conficker (also referred to as Downadup and Kido) has been infecting Windows PCs that have not been regularly patched/updated, or which use weak administrator passwords, causing damage and launching attacks on other computers. The worm also propagates itself through USB pen disks. The worm affects Windows based systems only.

To protect your system from the Conficker infection ensure that your computer system:


If you have a Windows PC follow these instructions to download and run a tool that checks and removes the Conficker worm. There is no need to run this tool on IT Services open access workstations.


This page should be printed before following these instructions.


  1. Download the FixDownadup.exe file.
  2. Save the file to your Windows desktop.
  3. Close all the running programs and disconnect your system from the network/Internet.
  4. If you are running Windows XP, turn off System Restore.
  5. Double-click the FixDownadup.exe file that you have downloaded to the Windows desktop (step 1 & 2).
  6. Click Start to begin the process, and then allow the tool to run.
  7. Restart your computer after the detection process is over.
  8. If you are running Windows XP, re-enable System Restore
  9. Reconnect your computer to the network/Internet.

Turn off System Restore (Win XP only)

  1. Click Start.
  2. Right-click My Computer, and then click Properties.
  3. On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.
  4. Click Apply.
  5. When you see the confirmation message, click Yes.
  6. Click OK.

Turn on System Restore (Win XP only)

  1. Click Start.
  2. Right-click My Computer, and then click Properties.
  3. On the System Restore tab, uncheck Turn off System Restore or Turn off System Restore on all drives.
  4. Click Apply.
  5. When you see the confirmation message, click Yes.
  6. Click OK.

Disable the Server Services (Win XP)

If you are sharing your hard disk or printer directly connected to your computer then these will no longer work.

  1. Click Start.
  2. Click Run.
  3. Type services.msc.
  4. Scroll down in the Services Window to locate Server and right-click on Server.
  5. Click Properties.
  6. Click Stop button.
  7. Click Yes to stop the Computer Browser (this is not Internet Explorer or FireFox).
  8. In the Startup type: field choose Disabled.
  9. Click OK button.

Disable the Server Services (Win Vista)

If you are sharing your hard disk or printer directly connected to your computer then these will no longer work.

  1. Click Start.
  2. In the Start Search field type services.msc.
  3. Click Continue button
  4. Scroll down in the Services Window to locate Server and right-click on Server.
  5. Click Properties.
  6. Click Stop button.
  7. In the Startup type: field choose Disabled.
  8. Click OK button.
Calendar
 
 
Last Updated: 4 January 2010

Log In back to UoM Homepage