[QUOTE=quantum;3082600]This is over 2 weeks old.[/QUOTE]
Wrong. It woke up yesterday at 12am London time. And it has opened up iexplore.exe and used different url's to receive it's instructions on the pc's here. It used sites like aol.com to communicate out and get the current time.
[QUOTE=LIDeadHead;3082605]Wrong. It woke up yesterday at 12am London time. And it has opened up iexplore.exe and used different url's to receive it's instructions on the pc's here. It used sites like aol.com to communicate out and get the current time.[/QUOTE]
I'm signed up for alerts from CERT - 2 weeks old. Trust me.
[QUOTE]UPDATE: Researchers have discovered a new variant of the Conficker Worm on [B]April 9, 2009[/B]. This variant updates earlier infections via its peer to peer (P2P) network as well as resuming scan-and-infect activity against unpatched systems. Public reporting indicates that this variant attempts to download additional malicious code onto victim systems, possibly including copies of the Waledac Trojan, a spam-oriented malicious application which has previously propagated only via bogus email messages containing malicious links.
US-CERT is aware of public reports indicating a widespread infection of the Conficker/Downadup worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a corporate network, if the network servers are not patched with the MS08-067 patch from Microsoft.
Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of a Conficker/Downadup infection may be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:
If a user is unable to reach any of these websites, it may indicate a Conficker/Downadup infection. The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them. If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet - in the case for home users.[/QUOTE]