Virus Warning: Conficker

Tue Mar 31, 2009, 7:51 PM
------------------------------------
Disclaimer
------------------------------------

Like many of those that have read, and have seen, I'm unaware of how large of a threat this is to the average PC user. This is not a time for you to leave comments of 'Hurr. You should get a mac instead'.

This is your warning that you need to have your computer looked at ASAP. Conficker is a Downadup Worm whose motives are as yet undetermined. There is the possibility of this being a giant hoax, but it is a serious enough one that Microsoft is offering a $250,000 reward for information leading to the arrest and conviction of the individuals behind the creation and/or distribution of Conficker.

Please feel free to forward this in your own journal(s). I don't know about you, but with the eve of 'pranks' just around the corner, I'd rather be safer than sorry.


------------------------------------
Information
------------------------------------

1) Wiki: [link]

2) One of the many news articles: [link]

3) Symantec Information on the Worm: [link]


(Information below gotten from sources above, respectfully:)


Conficker.c, an infection targeting Microsoft Windows, has been spreading since late last fall. The first wave targeted machines and dug into software, hiding in wait, and was first discovered in November. The second wave began distributing copies of itself in December 2008, and the most recent, in March 2009, is able to transfer itself through removable media such as thumb drives, making it possible to infect any machine the user plugs into.



Symptoms

* Account lockout policies being reset automatically.
* Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Error Reporting Services disabled.
* Domain controllers responding slowly to client requests.
* Unusual amounts of traffic on local area networks.
* Websites related to antivirus software becoming inaccessible.


Automated detection

The worm makes several in-memory patches to NetBIOS-related DLLs in order to open re-infection backdoors.[4] On March 27, 2009, Dan Kaminsky, Tillmann Werner and Felix Leder discovered that this gives infected hosts a detectable signature when scanned remotely.[15] Signature updates for a number of network scanning applications are now available, including Nmap,[16] Nessus[17] and QualysGuard.


Removal

On October 15, 2008, Microsoft released an emergency out-of-band patch to fix vulnerability MS08-067, which the worm exploits to spread.[38] This patch was released prior to the release of the Conficker worm. Removal tools are available from Microsoft,[39] BitDefender,[40] Enigma Software,[41] ESET,[42] F-Secure,[43] Symantec,[44] Sophos,[45] and Kaspersky Lab,[46] while McAfee and AVG can remove it with an on-demand scan.


More URL help on removal:

1) [link]
2) [link]
3) [link]


Conficker strain A and B are fixable; strain C has no fix yet.


Last but not least. From Symantec's own page regarding the worm:

Advice to Stay Safe from the Downadup Worm:

1. Run a good security suite (we are partial to Norton Internet Security 2009 and Norton 360 Version 3.0).
2. Keep your computer updated with the latest patches. If you don’t know how to do this, have someone help you set your system to update itself.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
5. Be smart with your passwords. This includes:
   1. Change your passwords periodically
   2. Use complex passwords – no simple names or words, use special characters and numbers
   3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

6. Use a password management system such as Identity Safe (included in Norton Internet Security 2009 and Norton 360 Version 3.0) to track your passwords and to fill out forms automatically.
7. Run Norton Internet Security 2009, Norton AntiVirus 2009 or Norton 360 Version 3.0. You can also try Norton Security Scan.


(Obviously they suggest their virus program, but honestly any of the big ones out there are working on helping. Please review Symantec's full FAQ for more information)


Thanks.
-Mel

  • Mood: Nervous
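
The symptoms listed in the journal above (security services disabled, antivirus websites unreachable) and the advice to turn off autorun can be checked locally on a Windows machine. This PowerShell script is an added example, not part of the original journal or of Microsoft's or Symantec's material. The service short names, the two test hostnames and the use of PowerShell 3.0 or later are assumptions.

```powershell
# Added example: local triage for the Conficker symptoms listed in the journal.
# These are symptoms, not proof: a clean result does not rule out infection.

# Assumption: short service names mapped from the display names in the post.
$services = [ordered]@{
    'wuauserv'  = 'Automatic Updates'
    'BITS'      = 'Background Intelligent Transfer Service'
    'WinDefend' = 'Windows Defender'
    'WerSvc'    = 'Error Reporting (Vista and later)'
    'ERSvc'     = 'Error Reporting (XP / Server 2003)'
}
$findings = @()

# 1. Services the worm is reported to disable.
foreach ($name in $services.Keys) {
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'" `
               -ErrorAction SilentlyContinue
    if ($null -eq $svc) { continue }   # not present on this Windows version
    if ($svc.StartMode -eq 'Disabled') {
        $findings += "Service disabled: $($services[$name]) ($name), state $($svc.State)"
    }
}

# 2. AutoRun policy: 0xFF disables AutoRun for every drive type.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$val = (Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun `
            -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
if ($val -ne 0xFF) {
    $shown = if ($null -eq $val) { 'not set' } else { '0x{0:X}' -f $val }
    $findings += "AutoRun not disabled for all drive types (NoDriveTypeAutoRun $shown)"
}

# 3. Name resolution for vendor sites (assumed test hostnames).
#    A failure can also simply mean the machine is offline.
$sites = 'www.microsoft.com', 'www.symantec.com'
foreach ($site in $sites) {
    try   { [void][System.Net.Dns]::GetHostAddresses($site) }
    catch { $findings += "Cannot resolve $site" }
}

if ($findings.Count -eq 0) {
    'No Conficker-style symptoms found by these checks.'
} else {
    $findings | ForEach-Object { "[!] $_" }
}
```

Windows Defender can be legitimately disabled when another antivirus product is installed, so weigh that finding against what is actually running on the machine.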

Devious Comments

:iconthephantomdragon:
Hey, I'm w/ you on this! It's scary shit! I'm scanning everything atm and luckily haven't found a thing yet

--
"No matter how we close our eyes, there's a whole world out there bigger than ourselves and our dreams.." ~ Edward Elric

Look me in the eye and say Dragons aren't real....... ◕ ◡ ◕
:iconnuclearninja:
Running everything up to date on my laptop.

As for my tower... well...

... I unplugged it XD

--
Yes, it comes with ABS...

... and AT&T, IBM, and IHOP.
My FA Gallery
:iconraeth:
No Conficker here! Thanks for warning people though.

--
Machines don't have feelings, and neither does trance.
No dress code - no speed limit - just the euphoric sound of HARD HOUSE.
:iconblitzman:
Conficker is apparently a worm that's supposed to expose you to other viruses. From what I've read, it also targets only current versions (lol) of Microsoft Windows, so anyone running on Mac OS or Linux is safe. Funny enough, my dad's never even heard of the worm, and my OS is up to date, and so is my Antivirus software, so I'm confident I'd make it through. The fear isn't gone, but I've never suffered anything more than a flood of adware, so I'll take my chances. :salute: Wish me luck!

--
They say actions speak louder than words. If that's the case, why the heck are my words louder than my actions??
:iconmckaelakaiyou:
I haven't got Conficker. I'm just interested and maybe even (sorry if this sounds wrong) excited to see what comes of it, whether it's an April Fool's gag or something else.

--
You're a bit off; I may be a canine, but I'm not a dog. Instead of bitch, try the word vixen next time.
:iconramala:
How would one know if that's the thing they have? My computer just gave me the blue screen of death after ages of faithful service, I was suspicious of a virus, but my scanners couldn't track anything down. :[

--
"The only real influence I ever had was myself..."
~Edward Hopper
:iconfrisket17:
Honestly? A lot of the big corps are paranoid as hell about this virus, that they're providing free software.

Go to the Symantec page I provided and read over their info for the virus and recommendations. Wiki has links.

Do not download anything you do not trust, or is not from an official site. Double check as there are fake security sites out there.
:icontemiree:
I read that as long as your automatic updates are turned on and you can access the Microsoft website, you probably don't have it. What the worm does first is turn those off and block access to the website.
:icontemiree:
Oops sorry, you already said that in the journal. Missed it, my bad. xD
