Skip to main content
Published Apr 09, 2009 | Updated Sep 15, 2017

Worm:Win32/Conficker.E

Detected by Microsoft Defender Antivirus

Aliases: Win32/Conficker.worm.119296 (AhnLab) Win32.Worm.Downadup.A (BitDefender) Win32/Conficker.A (CA) W32/Conficker.G (Command) Win32/Conficker.AQ (ESET) Trojan-Dropper.Win32.Kido.o (Kaspersky) Net-Worm.Win32.Kido.js (Kaspersky) W32/Conficker.worm.gen.d (McAfee) W32/Confick-D (Sophos) W32.Downadup (Symantec) Trojan.DR.Kido.CE (VirusBuster) Worm:Win32/Conficker.gen!A (Microsoft) Worm:Win32/Conficker.E.dll (Microsoft)

Summary

Worm:Win32/Conficker.E is a member of the Win32/Conficker family and was proactively detected when first discovered as Worm:Win32/Conficker.gen!A. Conficker.E acts as an update mechansim for previous variants of Win32/Conficker. This variant deletes its own executable on May 3 2009.
 
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.
 
Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. More information is available here.
 
Microsoft also recommends that users apply an update that changes the AutoPlay functionality in Windows to prevent this worm from spreading via USB drives. More information is available in the Microsoft Knowledgebase Article KB971029.
 
Use the Microsoft Malicious Software Removal Tool, Microsoft Security Essentials, Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.
 
Note: Computers infected by Conficker may be unable to connect to Web sites related to security applications and services that may otherwise assist in the removal of this worm (for example, downloading antivirus updates may fail). In this case users will need to use an uninfected computer to download any appropriate updates or tools and then transfer these to the infected computer.
 
Microsoft Help and Support have provided a detailed guide to removing a Win32/Conficker infection from an affected computer:
For detailed instructions on how to manually remove Win32/Conficker, view the following article using an uninfected computer:
http://support.microsoft.com/kb/962007 - Virus alert for Win32/Conficker and manual removal instructions
Follow us