Take a look at this guidance from Microsoft on Conficker.A and Conficker.B. You need to get the ms08-067 patch rolled out as soon as you can to your machines. You can use the psexec tool from Sysinternals/Microsoft to distribute the patch if you have an administrative login on the computers.

Put the patch into a folder along with the psexec.exe tool. Create a text file called computers.txt listing the names of the computers you wish to push the fix to. Create a batch file called something like ms08-067Push.bat

(Please test before rolling this out. I may have missed a command line switch or the syntax may be incorrect) -The content of the ms08-067Push.bat batch file would be something like this:

psexec.exe @"c:\documents and settings\MyUserID\desktop\pushfix\computers.txt" -i -c WindowsXP-KB958644-x86-ENU.exe

Good luck and if there is a big outbreak on your network, break the internet connection or shutdown the machines until you get them checked. Don't be afraid to shut things down to get them cleaned up. Then... once you do get things cleaned up and can estimate the time it took... figure out how much you could have saved and look at purchasing a good asset management system like Windows Systems Center Configuration Manager to push out patches and fixes to your devices.

Here's a good autopsy of the Conficker variants and some details to show what to be concerned about.
========================
You can also expect to find accounts on a windows domain seemingly randomly locked out as a byproduct of this virus.

Please complete the following information:

REGISTER / LOG-IN TO DISCUSS

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Submit your e-mail address below to continue

E-mail: 

E-mail: 

Handle:   

Password: 

Forgot Password?

Create Handle: 

Your handle identifies you in ITKnowledgeExchange. Max 30 char.

Create Password: 

Confirm Password: 

Yes, I agree to the IT Knowledge Exchange  Terms and Conditions.

hidden modal window