Severity scale  

Conficker.C. How to Remove? (Uninstall Guide)

removal by - -   | Type: Worms

Conficker worm is an old virus which continues its malicious activity

"Conficker virus" stands for the name of the computer worm which was first detected in November 2008[1]. It breaks into a computer system and then connects to a larger network of machines – botnet, which then spreads the malware to other devices. Security vulnerabilities and outdated system serve as the main reasons for the worm to occupy the device. The malware is also capable of infecting removable devices such as USB sticks. Mainly Windows OS has been subject to the attacks to this malware. Furthermore, it may run under the disguise of comaddin32.dll, svchost.exeexplorer.exe, or services.exe command in the Task Manager. Since its appearance, different variations have ben detected. Naturally, they bear alternative names, such as Downup, Downadup, Kido, Conficker.C, Conficker.A and Conficker B++[2].

During the years, the malware has evolved into a significant threat. Microsoft has even issued a 250 000 USD dollar reward for finding the culprit. Interestingly, ransomware developers decided to share the notorious fame of the worm and recently introduced Conficker ransomware. The emergence of this virus malware initiated the formation of Conficker Working Group which investigates the computer networks and IP addresses whether they are infected with the malware. It is suspected that over 600 000 devices still possess the threat. Over the years, the discussions about the malware have subsided. It has been a popular tendency among cyber criminals to revive older viruses. Likewise, the same scenario may be applicable for this worm as well. Luckily, even if you get infected with this malware, the majority of anti-spyware security applications are able to detect and remove Conficker virus.

The operation peculiarities of the malware

While improving technical specifications, the developers also shifted from using the previous title to Conficker. When this worm emerged, few have anticipated what damage it would inflict on the entire cyber space globally. Business companies and individual users in more than 190 countries have suffered from the Conficker hijack[3]. The flexibility of this malware was one of the key reasons why this malware has remained on the market. Once it gets into the system, it may disable security applications, download corrupted files, collect personal information and, most importantly, connect the device to a botnet. Once Conficker.C malware settles on the operating system, it will add a specific file to the removable drive to the local drives. Then the dialogue box emerges asking to "Open folder to view files." The only thing which might trigger your suspicion is the line indicating – "Publisher not specified." During its presence, the computer processes significantly deteriorates. 

Nonetheless, to the bewilderment of the virtual community, the virus has not been terminated yet. Indeed, it is less active than in 2008. Interestingly, that the worm would not have emerged if not for a fatal Microsoft patch (MS08-67) released in 2008[4]. Certain technical specifications allowed Conficker to emerge and remain one of the top 5 most destructive threats. Since it targets system vulnerabilities, devices with poor passwords, it explains why the threat has not been seized and still remains potentially dangerous. Furthermore, the current version of the worm targets not only ordinary computers but MRI machines, IoOT devices, and CT scanners, such as police surveillance cameras. Such actors emphasize the necessity to secure devices by updating crucial system applications, features. Install a proper anti-virus program. Besides this utility, anti-malware utilities such as Reimage and Malwarebytes Anti Malware, are practical as well. They might detect minor malicious files which signal a more elaborate threat. Lastly, it is no less important to be aware of the distribution, as well as Conficker removal options. 

Conficker termination 

When the computer worm entered the cyber space and started spreading terror, one the key questions was whether it was possible to remove Conficker virus. The identity of developers still remains a mystery as well as the specific number of still functioning bots. It is fortunate that the rate of the malware has dropped. On the other hand, you should bear in mind that the malware is still present in the virtual space. Even if you happen to get infected with this computer worm, a variety of anti-virus programs both, professional and less powerful, are capable of detecting the threat[5]. Launch it and start Conficker removal. 


Conficker.C properties:
• Changes browser settings
• Connects itself to the internet
• Hides from the user
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Reimage - remover Happiness
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Conficker.C. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Conficker.C. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
We are testing Plumbytes's efficiency (2017-04-21 00:11)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2017-04-21 00:11)
Hitman Pro
Webroot SecureAnywhere AntiVirus

Conficker.C manual removal

Kill processes:
Delete registry values:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\?�?ServiceDll?�? = ?�?Path to worm?�?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\?�?ImagePath?�? = %SystemRoot%\system32\svchost.exe -k netsvcs
?�?TcpNumConnections?�? = dword:0?�00FFFFFE
Unregister DLLs:

Delete files:


Geolocation of Conficker.C

Map reveals the prevalence of Conficker.C. Countries and regions that have been affected the most are: United States.

Information updated:

Comments on Conficker.C

does not work :(

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)