[axis77]

ive been reading about the april 1st deadline, but how do we know if our pc has been infected with this virus, and does patching ms08-067 fix this? or just not allow your pc to send out info or prevent it from being infected??

[TOGG]

I haven't seen anything about a 'deadline' but, generally speaking, if you can get to the Windows Update site, your antivirus is still updating, you can run the MS Malicious Software Removal Tool and your Restore points haven't mysteriously disappeared recently, you probably don't have Conficker (yet).

There seems to have been a lot of confusion about the status of the various patches and things like the the Windows Autorun/Autoplay function. I have seen comments in various places about the need to be careful if anyone with access to your computer uses 'external devices' (such as USB memory sticks), which might have been used on another computer.

I recently saw a report about the C variant of Conficker which suggests that it is one nasty piece of work. It's fairly technical and is subject to revision, but you can read it here if you want to; http://mtc.sri.com/Conficker/addendu...-global-impact I think the only thing we can do is to keep everything patched.

EDIT: Just noticed the post referring to this article; http://tech.yahoo.com/blogs/null/128...-come-april-1/ It seems to be a short summary of the technical thing I linked to, but I don't know where the assumption about 1st April comes from. I assume it's because, in the past, some malware has been triggered on that date.

[TOGG]

I have now re-read that tech article I posted the link to (which I first saw about a week ago) and this reference to 1st April appears just before the 'Domain Generation Algorithm' section;

"Finally, C introduces a substantial modification of the DGA and query procedure, discussed in Domain Generation Algorithm. The DGA will be activated on 1 April 2009, and before April 1st it will enter a loop that sleeps 24 hours and then rechecks the date via getlocaltime. Prior to entering the April 1st date check, C will sleep for an initial random interval between 30 and 90 minutes. More specifically, this sleep interval is between 30 and 90 minutes if the local hour is after 11 a.m. and before 7 a.m. If the local time is after 8 a.m. and before 11 a.m., the sleep period will be between 2.5 and 3.5 hours. It will then check for Internet connectivity, and if connected will enter the domain generation logic. The next section describes this logic in greater detail."

[lotuseclat79]

Giz Explains: How a Brainy Worm Might Jack the World's PCs on April 1.

See last paragraph for link on what to do if infected in order to get rid of it.

-- Tom