Question : Conficker Worm

We have been hit quite badly by the Conficker Worm which we are dealing with OK, i.e patching, updating Virussacn dat files etc..  One strange symptom we are experiencing is that we are getting a lot of account lockouts for users whose user logon names begin with "a".  We are sure that all our Domain Controllers [Windows 2008 Server] are protected.  We are aware that tripping account lockout policies is a feature of the Conficker virus but can't figure out why it is targeting user accounts beginning with the letter "a".  If we could understand this it would help us kill off the last remnants of the virus on our network.

Answer : Conficker Worm

hmmm...not really.  what are you concerned of?  it should be a descriptive name, but you can always use restore filelistonly to get the logical names in the backup.