Had this question 6
Bobby Mikkelson asked on

Warning: Security related E-Mail Hoax stating that network is infected.

Microsoft has recently become aware of an email hoax that begins like the following:

"Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected..."


This is not a legitimate communication from Microsoft and the link within that communication points users to a 'rogue' security program.  These rogue programs generate misleading alerts and false detections of malicious code to convince users to purchase the illegitimate security software.  Some rogues may display product names or logos in an apparent unlawful attempt to impersonate Microsoft products or other legitimate software applications.


If you believe your machine has become infected, we encourage you to use the Windows Live OneCare Safety scanner to check your PC for malware and to help remove them from your system.  In addition, we encourage you to submit any other suspicious files to the MMPC team for analysis.

If you do not have an antivirus/antispyware software on your machine, you download Microsoft Security Essentials or choose from a list of other software providers:  Windows 7 security software providers, Windows Vista security software providers, Windows XP security software providers.


You can also find out how to get free virus-related assistance from Microsoft here: http://www.microsoft.com/protect/support/default.mspx.


Thank you
Found this helpful 0
SpiritX MS MVP replied on


For any that think they might have Conficker :

Can you get to Microsoft.com, McAffee.com, Symatec.com? Thinking you could have a conficker.

Check with this site

Virus alert about the Win32/Conficker worm

Protect yourself from Conficker

How to remove the Downadup and Conficker worm (Uninstall Instructions)

How to Remove Conficker Worm Manually

BDTool to remove


Run the Microsoft Malicious Removal Tool, Scan with Malwarebytes and run Prevx to be sure it is gone. (If needed 
use UnHackMe below.) 

Start - type in Search box -> MRT  find at top of list - Right Click on it - RUN AS ADMIN.

You should be getting this tool and its updates via Windows Updated - if needed you can download it here.

Download - SAVE - go to where you out it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)

Microsoft Malicious Removal Tool - 32 bit

Microsoft Malicious Removal Tool - 64 bit

Run these :

Malwarebytes - an on-demand scanner - update on Updates tab and run when ever you suspect malware.

also install Prevx to be sure it is all gone.

Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other security programs. This is
a scanner only, VERY EFFECTIVE, if it finds something come back here or use Google to see how to remove. 

PCmag - Prevx - Editor's Choice


Here are some online free scanners to help if needed (skip if not) :


New Vista and Windows 7 version

Original version


Other Free online scans


Also do these to cleanup general corruption.

Run DiskCleanup - Start - All Programs - Accessories - System Tools - Disk Cleanup

Start - type this in Search Box ->  COMMAND   find at top and RIGHT CLICK  -  RUN AS ADMIN

Enter this at the prompt - sfc /scannow

How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log

Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.

How to Run Check Disk at Startup in Vista


Run Malwarebytes when you can.

IE - Tools - Internet Options - Advanced Tab - click Restore then click Reset - Apply / OK

IE - Tools - Internet Options - Security - Reset all Zones to default level - Apply / OK

Close IE

IE - Tools - Manage Addons (for sure disable SSV2 if it is there, this is no longer needed but Java still installs it
and it causes issues - you ever update Java go back in and disable it again.) Look for other possible problems.

Windows Defender - Tools - Software Explorer - look for issues with programs that do not look right. Permitted
are usually OK and "not permitted" are not always bad. If in doubt about a program ask about it here.

Could be a BHO - BHOremover - Free - standalone program, needs no install, download and run - not all
are bad however some can cause your issue. (Toolbars are BHO's)

Startup Programs

Be sure to do this :

Logon as Admin

Start - type in Search box ->   COMMAND   - find on list above - RIGHT CLICK - RUN AS ADMIN

Enter each of these one at a time and hit enter after each

ipconfig /flushdns

nbtstat -R

nbtstat -RR

netsh int reset all

netsh int ip reset

netsh winsock reset


Here are some for rootkits if they were an issue :

SpyDLL Remover - Free

Advanced Windows Service Manager

Run Rootkit Revealer - Free

UnHackme - trial 5.5 or later

This tells you how to use UnHackme and has a link to version 2.5 -use it as a guideline with
the current version available as above is 5.5 or later

IceSword - Free
Instructions and Pictorial
Tutorial for using IceSword

Revo Uninstaller - Free

Hope this helps.

Rob - Bicycle - Mark Twain said it right.
Rob Brown - Microsoft MVP - Windows Experience : Bicycle - Mark Twain said it right.
Found this helpful 0
Thomas is cool replied on


Try downloading macafe! (If haven't done!)