WIN32 Conficker Worm Infected

Title:

Infected by Win32/Conficker Worm (backdoor-conficker).

Vulnerability:

What is Win32/Conficker Worm?
This worm makes changes to you PC and can disable important system services and security products, like antimalware or antivirus software.
It spreads by infecting PCs on your network, removable drives (like USB flash drives), and weak passwords. Following show the impact if this virus is found present:

  • Account lockout policies are being tripped.
  • Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender, and Error Reporting Services are disabled.
  • Domain controllers respond slowly to client requests.
  • The network is congested.
  • Various security-related Web sites cannot be accessed.
  • Various security-related tools will not run.

Solution:

  • You should use an antivirus product to remove the Conficker malware from the system. Or, follow the steps in the "Manual steps to remove the Win32/Conficker virus" section of this Knowledge Base article to manually remove the malware from the system.
  • Use strong administrator passwords that are unique for all computers.
  • Do not log on to computers by using Domain Admin credentials or credentials that have access to all computers.
  • Make sure all systems have the latest security updates applied.
  • Disable the Autoplay features. For more information, see step 3 of the "Create a Group Policy object" section.
  • Remove excessive rights to shares. This includes removing write permissions to the root of any share.