Conficker, is a computer worm targeting the Microsoft Windows operating system
that was first detected in November 2008. It uses flaws in Windows OS software and dictionary attacks on administrator passwords to propagate while forming a botnet, and has been unusually difficult to counter because of its combined use of many advanced malware techniques. Recent estimates of the number of infected computers have been notably difficult because the virus has changed its propagation and update strategy from version to version. In January 2009, the estimated number of infected computers ranged from almost 9 million to 15 million. Microsoft has reported the total number of infected computers detected by its antimalware products has remained steady at around 1.7 million from mid-2010 to mid-2011. By mid 2015, the total number of infections had dropped to about 400,000.
Symptoms:
Account lockout policies being reset automatically.
Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Windows Error Reporting disabled. Domain controllers responding slowly to client requests. Congestion on local area networks (ARP flood as consequence of network scan). Web sites related to antivirus software or the Windows Update service becoming inaccessible. User accounts locked out
Many third-party anti-virus software vendors have released detection updates to
their products and claim to be able to remove the worm.