Remove Conficker B++. Description and removal instructions
The main goal of this parasite is to download more malware or other viruses onto the computer. Also Conficker B++ logs user's keystrokes and performs other dangerous actions, making system more insecure. Obviously, Conficker B++ should be removed from the system as soon as possible after detection. Related files: [Random].tmp Conficker B++ properties: • Logs keystrokes • Changes browser settings • Connects itself to the internet • Hides from the user • Stays resident in background Automatic Conficker B++ removal:remover for Conficker B++
Conficker B++ manual removal:Kill processes:svchost.exe explorer.exe services.exe Delete registry values: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHO WALLCheckedValue = dword:00000000 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost, netsvcs = %Previous data% and %Random% HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ DisplayName = %ServiceName% Type = dword:00000020 Start = dword:00000002 ErrorControl = dword:00000000 ImagePath = “%SystemRoot%\system32\svchost.exe -k netsvcs” ObjectName = “LocalSystem” Description = %description% HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[random]\Parameters ServiceDll = %MalwarePath% HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\”ServiceDll” = “Path to worm” HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\”ImagePath” = %SystemRoot%\system32\svchost.exe -k netsvcs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters “TcpNumConnections” = dword:0×00FFFFFE Unregister DLLs: [Random].dll Delete files: %System%\\[Random].tmp %Temp%\\[Random].tmp Other programs to remove Conficker B++:• Malwarebytes Anti Malware - Review - Download• Malwarebytes Anti Malware - Review - Download • Windows Defender - Review - Download Information added: 23/02/09 Information updated: 23/02/09 Additional resources related to Conficker B++:Attention: If you know or you have a website or page about Conficker B++ removal, feel free to add a link to this list: add url
more resources Post Comment:Attention: Use this form only if you have additional information about Conficker B++ parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
|
Latest spyware news:
 Rogue security applications impersonate leading anti-virus manufacturers Attack of Waledac Worm is schedulled on July 4 Another Parasite Attack Spreads Via Twitter Free security product vets Twitter links Mac trojan targets game sites to infect users Security Threat at Fanny Mae Some web sites to avoid for today British Government will track all e-mail's YOUR SISTER NAKED LOLZ com “intervalhehehe” popupSubscribe to news 
Similar parasites:
|
FORUM:
HELP:
