Worm:Win32/Conficker!B removal

The Worm:Win32/Conficker!B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Worm:Win32/Conficker!B virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Worm:Win32/Conficker!B?


File Info:
name: D0707EB4C58AC60989A8.mlw
path: /opt/CAPEv2/storage/binaries/330ea0473d737824139e9c49503bcba92f740a5597e38f0eb0eef61a68a4ef48
crc32: A0F4F212
md5: d0707eb4c58ac60989a8156ad38c78d4
sha1: bac1d7b3c1054cc1a1f940474d2834a3c7f160e0
sha256: 330ea0473d737824139e9c49503bcba92f740a5597e38f0eb0eef61a68a4ef48
sha512: 1a4b67776a52d907efee8ffa9c1fdd6762b001628bfbb35997904b454510368faf411d95c5e517aad528db7926e812f30252089c4b13f42b43366b96d81ff2fb
ssdeep: 768:5y3vpdwgPh4P2Xh2nYzCu+9HXvQNRgEuW5vJPBT067HNN:k3vpdwqeAh2YzCuiHXvQNZuWpJPx3
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T13FB24C10664C4CD3EF9CB97CACE98C6DD6A6406447F18686EFB337266C572BE4834289
sha3_384: c0242661d5bb8ecb8acfe9703b57221cd658740734f8fa65db80769ef85dc4cab5035c141120f90a8ac488a34cdcefb0
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2002-08-17 07:01:13

Version Info:
0: [No Data]

Worm:Win32/Conficker!B also known as:

Bkav	W32.AIDetectMalware
Lionic	Worm.Win32.Kido.kYOF
MicroWorld-eScan	Win32.Worm.Downadup.Gen
FireEye	Generic.mg.d0707eb4c58ac609
Skyhigh	BehavesLike.Win32.Backdoor.mh
McAfee	W32/Conficker.worm.gen.a
Malwarebytes	Worm.Conficker.Generic
Zillya	Downloader.Kido.Win32.377
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Worm:Win32/Conficker.3fb8f239
K7GW	Trojan ( 00394c0e1 )
K7AntiVirus	Trojan ( 00394c0e1 )
VirIT	Worm.Win32.DOWNADUP
Symantec	SMG.Heur!gen
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Conficker.AA
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Worm.Kido-307
Kaspersky	Trojan-Downloader.Win32.Kido.bj
BitDefender	Win32.Worm.Downadup.Gen
NANO-Antivirus	Trojan.Win32.Kido.bxabt
Tencent	Malware.Win32.Gencirc.10b3443d
Emsisoft	Win32.Worm.Downadup.Gen (B)
F-Secure	Worm:W32/Downadup.gen!A
DrWeb	Win32.HLLW.Shadow.based
VIPRE	Win32.Worm.Downadup.Gen
TrendMicro	WORM_DOWNAD.AD
Sophos	Mal/Conficker-A
Ikarus	Trojan-Downloader.Win32.Kido
Jiangmin	Worm/Kido.un
Webroot	W32.Worm.Conficker.Gen
Varist	W32/Conficker!Generic
Antiy-AVL	Worm[Net]/Win32.Kido
Kingsoft	malware.kb.a.1000
Microsoft	Worm:Win32/Conficker.gen!B
Xcitium	NetWorm.Win32.Kido.A@26lsaq
Arcabit	Win32.Worm.Downadup.Gen
ViRobot	Worm.Win32.Conficker.164228
ZoneAlarm	Trojan-Downloader.Win32.Kido.bj
GData	Win32.Worm.Downadup.Gen
Google	Detected
AhnLab-V3	Win32/Conficker.worm.Gen
Acronis	suspicious
BitDefenderTheta	AI:FileInfector.C483ABCE17
ALYac	Win32.Worm.Downadup.Gen
MAX	malware (ai score=100)
VBA32	Worm.Win32.kido.91
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	WORM_DOWNAD.AD
Rising	Worm.Conficker!1.99FA (CLASSIC)
Yandex	Trojan.DL.Kido!FVfOUIzL4sQ
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.964643.susgen
Fortinet	W32/Kido.IH!tr
DeepInstinct	MALICIOUS
alibabacloud	Trojan[downloader]:Win/Conficker.AA

How to remove Worm:Win32/Conficker!B?

Worm:Win32/Conficker!B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X