An email regarding Conficker

by Mark Zaugg 31. March 2009 21:14

Hey Claude, I've got good news, good news, and more good news for you. 

1.  The way that Conficker works is by attacking a bug that was known in Windows but was not patched by the computer's owner.  Fortunately, I've spoken with the bozo that patched your computer and he assures me that he did, in fact, patch your system with all patches that were available on the day that he worked on it.  Sometimes when you install programs on your computer it uses new components that weren't used before.  Those components might have patches too.  When I updated your computer, I made sure that I rebooted and checked Microsoft Update as one of the very last things that I did.  The end result of this is that I know your computer was fully patched when you got it.  The bug that Conficker uses was fixed with the patching I performed on your system.  Yay!  You're probably covered.  (I *never* speak in absolutes.)

2.  A whole pile of smart people figured out a way to find it.  I won't bore you with the details, but most of the antivirus programs out there are busy jamming it into their products to protect you.  I've been told AVG 8.5 does include Conficker protection, so once more, you should be safe.

One small warning:  One of the things this sucker does is turn off some of the things that keep you safe such as:  Windows Update, Windows Security Center, Windows Defender and Windows Reporting.  It also may block some antivirus software websites!  Hence it could be blocking your antivirus.  In the unlikely event that you have been infected, and you notice odd behaviour from your computer, use one of the removal tools listed here

3.  Last of the good news is that it's April Fools Day in Australia right now and so far it's looking okay.  That's not to say that 12 hours from now the servers are going to wake up and cause havoc.  But as of this moment right now, we're going fine.

  - Mark

---

Most important is to not panic.  Second most important is to use some common sense. 

Patch your system by using Windows Update or Microsoft Update.  That would have stopped this in its tracks.

Unfortunately, many people object to Windows Update because of the check they employ to test for pirated copies of Windows.  Please go patch your systems!  Microsoft gives access to critical updates to avoid this exact scenario.  If your copy of Windows is pirated, then get a proper licence, install a distribution of Linux (I prefer Ubuntu) or get off the internet.  If you're one of my clients, call me immediately because something requires immediate attention.

In my opinion, Microsoft has done a truly horrible thing by linking WGA to Microsoft Update.  It gives the impression that you're under the magnifying glass for piracy instead of focusing on its job to keep you safe.  I would like to see it offer critical updates first and then push out the WGA.  But I'm not majority shareholder in Microsoft yet.

Second on the list of common sense is to have an antivirus program installed.  There is a lot of hype about Conficker right now; use an anti-virus program I trust.  I personally recommend the free versions of AVG, Avast and Avira for home users and there is always the Open Source ClamWin - based on the technically excellent ClamAV.  There are several other reputable anti-virus companies available, although I do not believe there is any reason for home users to pay for anti-virus solutions any more.

Third, go get a home router and don't connect to the internet unless you're behind a firewall.  Bonus, you can easily hook several computers to your broadband connection.

Safe computing out there.
