It’s known as Conficker, Downadup or Kiddo.
http://www.ksl.com/index.php?nid=148&sid=5404507
Anybody have any more information about this?
Susan
Symantec is pretty good.
http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99
Normally the big Anti-Virus companies have strategies and downloads to deal with this kind of thing.
Is there any way to tell if you’ve got it before removing it?
Here’s a free removal tool from Symantec:
http://www.symantec.com/security_response/writeup.jsp?docid=2009-011316-0247-99
The Jan 13 version of Microsoft’s Malicious Software Removal Tool:
You don’t need to download it if you have automatic updates enabled, but if you don’t, this is where to go.
I don’t recall clicking on any X. All I know is that ZoneAlarm suddenly spotted Net-Worm.Win32.Kido.bt and isolated it immediately. Bit of a scare, though.
djm
And the worms ate into his brain.
The worms crawl in.
The worms crawl out.
The worms play pinochle
On your snout.
djm
Appreciate the link, Simon. Very easy and I’m worm-free!
Susan
At least until your next check-up at the vet.
One of the three vectors this worm employs is riding around on memory sticks, iPods, etc. - USB devices that get carried from computer to computer. It’s well worth using the following elegant little hack to disable Windows’ insane promiscuity. If you recall, the Sony rootkit also exploited the same weakness.
> Anyway, there seems to be a solution: a one-shot, quick way to prevent AUTORUN.INF files from being used on a PC, from any medium. My colleague and fellow low-budget Windows hacker Emin Atac thought up the idea, and I spent all of 15 minutes testing it. Now it’s your turn (well, “the world is our beta site” works well enough as a corporate mantra for Microsoft).
>
> All you do is to copy these three lines into a file called NOAUTRUN.REG (or anything.REG) and double-click it. Corporate network people can transform it into a script for their favourite command-line registry manipulator, or maybe make it a system policy thingy.
>
> ```
> REGEDIT4
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
> @="@SYS:DoesNotExist"
> ```
>
> This hack tells Windows to treat AUTORUN.INF as if it were a configuration file from a pre-Windows 95 application. IniFileMapping is a key which tells Windows how to handle the .INI files which those applications typically used to store their configuration data (before the registry existed). In this case it says "whenever you have to handle a file called AUTORUN.INF, don't use the values from the file. You'll find alternative values at HKEY_LOCAL_MACHINE\SOFTWARE\DoesNotExist." And since that key, er, does not exist, it's as if AUTORUN.INF is completely empty, and so nothing autoruns, and nothing is added to the Explorer double-click action. Result: worms cannot get in - unless you start double-clicking executables to see what they do, in which case, you deserve to have your PC infected.
>
> The only downside of this is that if you insert a CD with software on it, you have to explore it by hand to find the setup program. Of course, if that means your kids install less software, that could also be considered an upside. [source](http://nick.brown.free.fr/blog/2007/10/memory-stick-worms.html)
Where would you put such a file (non-Windows person)?
djm
Anywhere. Double-click it once and it adds the necessary line to your registry, and following your next reboot the autorun process is defanged. You don’t need the file after that; you can delete it if you like.
Okay, but what if I want to undo this at a later date?
djm
Before running the file, you use something like RegEdit to save the current registry key to a file like AUTRUN.reg or whatever. Then you can execute AUTRUN.reg at any time to restore the original autorun behavior.
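The quoted IniFileMapping hack and the follow-up questions about where to run the .REG file and how to undo it can all be handled from one script. The PowerShell below is an added example, not code from this thread or from Nick Brown's post: it exports the existing key before touching it (the backup step described in the last reply), writes the same `@SYS:DoesNotExist` mapping the .REG file does, reports whether the mapping is in place, and restores the backup on request. It assumes an elevated Windows PowerShell session; the script name, the `-Action` parameter and the backup file name are this example's own choices.

```powershell
<#
 Added example, not from the thread or from Nick Brown's post.
 Backs up, applies, checks and reverts the IniFileMapping\Autorun.inf hack.
 Assumes an elevated Windows PowerShell session. The parameter names and
 the backup file name are this example's own choices.
 Usage:  .\Autorun-Mapping.ps1 -Action Apply    (then reboot, as the thread says)
         .\Autorun-Mapping.ps1 -Action Check
         .\Autorun-Mapping.ps1 -Action Revert
#>
param(
    [ValidateSet('Apply', 'Check', 'Revert')]
    [string]$Action = 'Check',
    [string]$BackupFile = (Join-Path $env:USERPROFILE 'Autorun-IniFileMapping-backup.reg')
)

# The key the quoted .REG file writes, in PowerShell-provider and reg.exe spellings.
$KeyPath  = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'
$RegPath  = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf'
$Expected = '@SYS:DoesNotExist'

function Get-AutorunMapping {
    # (Default) value of the mapping key, or $null when the key does not exist.
    if (-not (Test-Path -LiteralPath $KeyPath)) { return $null }
    return (Get-Item -LiteralPath $KeyPath).GetValue('')
}

function Test-AutorunDefanged {
    # $true only when Windows is told to read AUTORUN.INF settings from a key that does not exist.
    return ((Get-AutorunMapping) -eq $Expected)
}

switch ($Action) {
    'Check' {
        $current = Get-AutorunMapping
        if (Test-AutorunDefanged) {
            Write-Output "Autorun.inf is mapped to '$Expected': AUTORUN.INF files are ignored."
        } elseif ($null -eq $current) {
            Write-Output 'No IniFileMapping entry for Autorun.inf: Windows will honour AUTORUN.INF.'
        } else {
            Write-Output "Autorun.inf is mapped to '$current', which is not the expected value."
        }
    }
    'Apply' {
        if (Test-Path -LiteralPath $KeyPath) {
            # Save the existing key first so Revert can put it back exactly as it was.
            if (Test-Path -LiteralPath $BackupFile) { Remove-Item -LiteralPath $BackupFile }
            & reg.exe export $RegPath $BackupFile | Out-Null
            Write-Output "Existing key exported to $BackupFile"
        } else {
            Write-Output 'Key did not exist before; Revert will simply delete it.'
        }
        New-Item -Path $KeyPath -Force | Out-Null
        Set-ItemProperty -LiteralPath $KeyPath -Name '(default)' -Value $Expected
        if (Test-AutorunDefanged) {
            Write-Output 'Mapping applied. Reboot for it to take effect.'
        } else {
            Write-Error 'Mapping was not written; are you running elevated?'
        }
    }
    'Revert' {
        if (Test-Path -LiteralPath $BackupFile) {
            & reg.exe import $BackupFile          # restores whatever was there before Apply
            Write-Output "Restored key from $BackupFile"
        } elseif (Test-Path -LiteralPath $KeyPath) {
            Remove-Item -LiteralPath $KeyPath -Recurse
            Write-Output 'No backup found; removed the mapping key.'
        } else {
            Write-Output 'Nothing to revert.'
        }
    }
}
```

Run it with `-Action Apply` once from an elevated prompt and reboot, as the thread advises; `-Action Check` afterwards confirms the (Default) value reads `@SYS:DoesNotExist`. Keep in mind what the quoted post itself says: this only stops AUTORUN.INF from being processed, which closes the USB-stick vector and nothing else, so it complements rather than replaces the removal tools and updates linked earlier in the thread.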