Educause Security Discussion mailing list archives

Son of Conficker?


From: David Gillett <gillettdavid () FHDA EDU>
Date: Tue, 31 Aug 2010 15:43:29 -0700

  Yesterday I noticed that our DNS servers were forwarding resolution
requests for domain names that reminded me of the ones the Conficker worm
was generating about 18 months ago or so.  (If I recall correctly, the
Conficker domains were all in .cn whereas I believe this latest crop were
all in .ru ...)
  So it should not have surprised me when today three of our campus servers
began trying to establish CIFS connections (Win 2K/XP file sharing, TCP port
445) to addresses scattered across the Internet, presumably trying to spread
some worm they've become infected with....
 
  Is anyone else seeing this?
 
David Gillett
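
The two signals described in the message above (random-looking .ru lookups and outbound TCP 445 connections to addresses scattered across the Internet), correlated per host in an added detection example that is not part of the original post. The log record shapes, the 10.0.0.0/8 campus range, the thresholds and the entropy heuristic are assumptions, and all sample data is constructed.

```python
import ipaddress
import math
from collections import Counter, defaultdict

# Constructed sample data (not from the original post); addresses use
# RFC 1918 and RFC 5737 documentation ranges.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed campus range
FLOWS = [  # (source, destination, destination TCP port)
    ("10.1.1.5", "192.0.2.10", 445), ("10.1.1.5", "198.51.100.7", 445),
    ("10.1.1.5", "203.0.113.9", 445), ("10.1.1.5", "192.0.2.77", 445),
    ("10.1.1.8", "10.1.2.20", 445),   # internal file sharing, ignored
    ("10.1.1.9", "192.0.2.10", 443),  # not SMB
    ("10.1.1.9", "198.51.100.7", 445),
]
QUERIES = [  # (client, queried name), assumed per-client resolver log
    ("10.1.1.5", "qzxkvbtrwpl.ru"), ("10.1.1.5", "hjwqpzkxvmtd.ru"),
    ("10.1.1.9", "mail.example.ru"), ("10.1.1.9", "www.example.com"),
]

def smb_fanout(flows, internal=INTERNAL, min_targets=3):
    """Internal hosts contacting >= min_targets distinct external IPs on TCP 445."""
    targets = defaultdict(set)
    for src, dst, dport in flows:
        if dport != 445:
            continue
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if s in internal and d not in internal:
            targets[src].add(dst)
    return {h: sorted(t) for h, t in targets.items() if len(t) >= min_targets}

def entropy(label):
    """Shannon entropy (bits per character) of a DNS label."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def random_looking(name, tld="ru", min_len=8, min_entropy=3.0):
    """Crude heuristic: long, high-entropy, vowel-poor label directly under tld."""
    labels = name.lower().rstrip(".").split(".")
    if len(labels) != 2 or labels[1] != tld:
        return False
    sld = labels[0]
    vowels = sum(ch in "aeiou" for ch in sld)
    return len(sld) >= min_len and entropy(sld) >= min_entropy and vowels / len(sld) < 0.25

def suspects(flows, queries):
    """Hosts showing both signals: SMB fan-out and random-looking .ru lookups."""
    dns_hits = {client for client, name in queries if random_looking(name)}
    return sorted(set(smb_fanout(flows)) & dns_hits)
```

Either signal alone is worth a look; the intersection only ranks which hosts to triage first.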
 
