Windows Maintenance: Difference between revisions

From Research
Jump to navigation Jump to search
Wilsonl (talk | contribs)
Wilsonl (talk | contribs)
 
(6 intermediate revisions by the same user not shown)
Line 20: Line 20:
The worm is known to activate on April Fool's Day (April 01), and affects all Windows platforms.
The worm is known to activate on April Fool's Day (April 01), and affects all Windows platforms.


Since it is difficult to recognize (it does not display any messages or warnings that indicate it has reached the computer), it's vital that computer users run the following tools to scan (and remove if found) their computers.  
Since it is difficult to recognize (it does not display any messages or warnings that indicate it has reached the computer), it's vital that computer users run the following utilities to scan (and cleanse) their computers.


=== Removal Tool 1 ===
=== Removal Tool 1 ===
Please [http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDwndp.exe download and run this utility] on your computer. The tool is provided and hosted by [http://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99 Symantec Corporation].
Please [http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixDwndp.exe download and run this utility] on your computer. This utility is provided and hosted by [http://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99 Symantec Corporation].


=== Removal Tool 2 ===
=== Removal Tool 2 ===
If the utility above cannot be downloaded, please [http://research.iat.sfu.ca/wiki/index.php?title=Image:KKiller_v3.4.1.zip download and run this utility] on your computer. This tool is provided by [http://support.kaspersky.com/faq/?qid=208279973 Kaspersky Lab], but hosted locally on this Wiki at SFU Surrey.
If the utility above cannot be downloaded, please [http://research.iat.sfu.ca/wiki/images/1/19/KKiller_v3.4.1.zip download, unzip, and run this utility] on your computer. This utility is provided by [http://support.kaspersky.com/faq/?qid=208279973 Kaspersky Lab], but hosted locally on this Wiki at SFU Surrey.

Latest revision as of 10:32, 1 April 2009

We Use

Removing unused device drivers

  • Press 'Windows'+'Break' to bring up the System Properties dialog box.
  • Select the Advanced tab, then click Environment Variables.
  • Click New. In the Variable Name box type: devmgr_show_nonpresent_devices, and in the Variable Value box type 1.
  • Click OK, and go to Device Manager (under the Hardware tab in System Properties).
  • Expand the different branches of devices. A faded icon means the device driver is unused.
  • To remove a device driver, right click the icon and click Uninstall.

Malware Removal - W32.Downadup/Conficker

Background Information

According to this IT security firm, this high-threat worm exploits the vulnerability MS08-067 in the Windows Server Service in order to spread itself. It also spreads through shared and removable drives. It reduces considerably the protection level of the computer, modifies the security policies of the user accounts and attempts to download another type of malware to the affected computer.

The worm is known to activate on April Fool's Day (April 01), and affects all Windows platforms.

Since it is difficult to recognize (it does not display any messages or warnings that indicate it has reached the computer), it's vital that computer users run the following utilities to scan (and cleanse) their computers.

Removal Tool 1

Please download and run this utility on your computer. This utility is provided and hosted by Symantec Corporation.

Removal Tool 2

If the utility above cannot be downloaded, please download, unzip, and run this utility on your computer. This utility is provided by Kaspersky Lab, but hosted locally on this Wiki at SFU Surrey.