Computers infected with the infamous Conficker worm will start scanning the Internet for instructions this April Fools' Day, and the results might not leave you feeling like it was a funny joke.

CBS's "60 Minutes" ran a piece on Conficker last night, and my phone has been ringing off the hook today from clients concerned about whether they should be concerned.

To that question I would answer, "Relax, but be vigilant."

If you have a legitimate copy of Windows, and you have installed the patch Microsoft released back in October 2008, you "should be" fine. Just to make sure, double check that you've got the patch installed on your machine. (MS08-067)

The update in question was probably installed in late October or November of last year; look for Security Update for Microsoft Windows (KB958644). If this patch isn't installed, browse to Microsoft's Download Center to retrieve and install it.

If your PC is blocked from visiting this site, use a noninfected PC to download the patch to a removable medium and install the update on the wormed PC from that device.

Next, run Microsoft's Malicious Software Removal Tool (MSRT). The latest version of this Microsoft tool identifies and removes all of the Conficker variants I've heard about. The easiest way to get MSRT is through Windows Update, but if you can't get through to that service on the infected PC, borrow a computer and download the tool from Microsoft's site.

Another sure tipoff that your computer may already be infected is if you have trouble connecting to your Anti-Virus update site. One of the things Conflicker (and it's variants) was programmed to do was to block you from accessing updates to your Anti-Virus program site.

If your PC is already infected and you can't access your AV Update site, a technical trick might enable you to visit a site that Conficker is blocking. Instead of entering the site's domain name in your browser's address bar, enter the site's dotted-decimal IP address instead, which Conficker doesn't seem to interfere with.

One way to learn the IP address of a Web site: using an uninfected PC, open a Firefox window and install the Show IP browser extension. With this extension enabled, the IP address of whatever site you're visiting shows up in the browser's status bar.

Of course, if you navigate to a site using its IP address and then click a link, the site will probably use a spelled-out domain name in the link. Conficker would block the resulting page, which you'd have to replace manually with its dotted-decimal equivalent. A pain in the butt for sure, but a lot less painful than the alternatives if you are already infected.

If you get something like this… DO NOT OPEN IT!   DO NOT FALL FOR THIS!!!    DO NOT CLICK ON ANY LINKS BELOW THIS LINE IN THIS POST!!!

postcards.org

 
You have just received a virtual
postcard from a family member!
.
You can pick up your postcard at
the following web address:
.
http://www.postcards.org/?d21-sea-sunset
.
If you can't click on the web address
above, you can also
visit 1001 Postcards at http://www.postcards.org/postcards/
and enter your pickup code, which is: d21-sea-sunset
.
(Your postcard will be available
for 60 days.)
.
We hope you enjoy your postcard, and if you do,
please take a moment
to send a few yourself!
You can do so by visiting this web address:
http://www2.postcards.org/
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)
.
We hope you like the postcard !
.
Regards,
1001 Postcards
http://www.postcards.org/postcards/

Clciking on the postcard someone in your family SUPPOSEDLY sent you will unleash all sorts of havoc on your computer!  DON'T DO IT!

Check Here Monday for a VALUABLE RESOURCE you can use to speed your way through the Social Marketing Maze!!

Have a Great Weekend!

Ed