Take a look at this guidance from <a href=”http://technet.microsoft.com/en-us/security/dd452420.aspx”>Microsoft on Conficker.A and Conficker.B</a>. You need to get the ms08-067 patch rolled out as soon as you can to your machines. You can use the psexec tool from Sysinternals/Microsoft to distribute the patch if you have an administrative login on the computers.
Put the patch into a folder along with the <a href=”http://live.sysinternals.com/psexec.exe”>psexec.exe</a> tool. Create a text file called <b>computers.txt</b> listing the names of the computers you wish to push the fix to. Create a batch file called something like <b>ms08-067Push.bat</b>
(Please test before rolling this out. I may have missed a command line switch or the syntax may be incorrect) -The content of the <b>ms08-067Push.bat</b> batch file would be something like this:
<b><i>psexec.exe @”c:\documents and settings\MyUserID\desktop\pushfix\computers.txt” -i -c WindowsXP-KB958644-x86-ENU.exe </i></b>
Good luck and if there is a big outbreak on your network, break the internet connection or shutdown the machines until you get them checked. Don’t be afraid to shut things down to get them cleaned up. Then… once you do get things cleaned up and can estimate the time it took… figure out how much you could have saved and look at purchasing a good asset management system like Windows Systems Center Configuration Manager to push out patches and fixes to your devices.
Here’s a good <a href=”http://mtc.sri.com/Conficker/”>autopsy of the Conficker variants</a> and some details to show what to be concerned about.
You can also expect to find accounts on a windows domain seemingly randomly locked out as a byproduct of this virus.