January 28th, 2009

I had a very tiring day today — thanks to this win32:conficker worm. I had to scan all 20 computers in my network, including the server, four hours before the café opened. I woke up 5:00 AM — quite a remarkable feat for me, who usually wakes 9:30 in the morning.

It wasn’t until yesterday that I noticed I had been infected by this notorious Worm. It spreads through flash drives by infecting autorun.inf and targets an entire network.

Here’s a step by step guide on how to remove this virus on your network.

1. Turn of System Restore

• Click Start, right-click My Computer, and then click Properties.
• In the System Properties dialog box, click the System Restore tab.
• Click to select the Turn off System Restore check box. Or, click to select the Turn off System Restore on all drives check box.
• Click OK.
• When you receive the following message, click Yes to confirm that you want to turn off System Restore:

2. Download and Install Avast! 4 Professional. (It’s a 60 day trial but you can purchase it if you like)

3. Update the Program Files, and Virus Database

4. Download and Install Microsoft Security Bulletin MS08-067 Patch.

5. Download and Install Flash Disinfector. (This will make your computer immune in every autorun.inf file)

6. Unplug every network cable in the entire network (Because it spreads trough LAN). Just to make sure turn off your Modem and Network Hub.

7. Run a Boot Time Scan.

8. Turn On Your System Restore.

And that’s it! You’re now worm free.

