CONFICKER

Conficker, is a computer worm targeting the Microsoft Windows operating system

that was first detected in November 2008. It uses flaws in Windows OS software
and dictionary attacks on administrator passwords to propagate while forming a
botnet, and has been unusually difficult to counter because of its combined use
of many advanced malware techniques.
Recent estimates of the number of infected computers have been notably difficult
because the virus has changed its propagation and update strategy from version
to version. In January 2009, the estimated number of infected computers ranged
from almost 9 million to 15 million. Microsoft has reported the total number of
infected computers detected by its antimalware products has remained steady at
around 1.7 million from mid-2010 to mid-2011. By mid 2015, the total number of
infections had dropped to about 400,000.

Symptoms:

Account lockout policies being reset automatically.

Certain Microsoft Windows services such as Automatic
Updates, Background Intelligent Transfer Service (BITS), Windows
Defender and Windows Error Reporting disabled.
Domain controllers responding slowly to client requests.
Congestion on local area networks (ARP flood as consequence of network
scan).
Web sites related to antivirus software or the Windows Update service
becoming inaccessible.
User accounts locked out

Many third-party anti-virus software vendors have released detection updates to

their products and claim to be able to remove the worm.