Hey Claude, I've got good news, good news, and more good news for you.
1. The way that conficker works is by attacking a
bug that was known
in Windows but was not patched by the computer's owner. Fortunately, I've spoken with the bozo
that patched your computer and he assures me that he did, in fact,
patch your system with all patches that were available on the day that
he worked on it. Sometimes when you install programs on your computer
it uses new components that weren't used before. Those components
might have patches too. When I updated your computer, I made sure that
I rebooted and checked Microsoft Update as one of the very last things
that I did. The end result of this is that I know your computer was
fully patched when you got it. The bug that conficker uses was fixed
with the patching I performed on your system. Yay! You're probably
covered. (I *never* speak in absolutes.)
2. A
whole pile of smart people figured out a way to find it. I won't
bore you with
the details, but most of the antivirus programs out there
are busy jamming it into their products to protect you. I've been told
AVG 8.5 does include conficker protection, so once more, you should be
safe.
One small warning: One of the things this sucker does is turn off some
of the things that keep you safe such as: Windows Update, Windows
Security Center, Windows Defender and Windows Reporting. It also may
block some antivirus software websites! Hence it could be blocking
your antivirus. In the unlikely event that you have been infected, and
you notice odd behaviour from your computer, use one of the removal
tools listed
here.
3. Last of the good news is that it's April Fools Day in Australia
right now and so far
it's looking okay. That's not to say that 12
hours from now the servers are going to wake up and cause havok. But
as of this moment right now, we're going fine.
- Mark
---
Most important is to not panic. Second most important is to use some common sense.
Patch your system by using
Windows Update or Microsoft Update. That would have stopped this in it's tracks.
Unfortunately, many people object to Windows Update because of the check they employ to test for pirated copies of Windows. Please go patch your systems! Microsoft gives access to critical updates to avoid this exact scenario. If your copy of Windows is pirated, then get a proper licence, install a distribution of Linux (I prefer
Ubuntu) or get off the internet. If you're one of my clients, call me immediately because something requires immediate attention.
In my opinion, Microsoft has done a truly horrible thing by linking WGA to Microsoft Update. It gives the impression that you're under the magnifying glass for piracy instead of focusing on it's job to keep you safe. I would like to see it offer critical updates first and then push out the WGA. But I'm not majority shareholder in Microsoft yet.
Second on the list of common sense is to have an antivirus program installed.
There is a lot of hype about Conficker right now, use an anti-virus program I trust. I personally recommend the free versions of
AVG,
Avast and
Avira for home users and there is always the Open Source
ClamWin - based on the technically excellent ClamAV. There are several other
reputable anti-virus companies available, although I do not believe there is any reason for home users to pay for anti-virus solutions any more.
Third, go get a home router and don't connect to the internet unless you're behind a firewall. Bonus, you can easily hook several computers to your broadband connection.
Safe computing out there.