Date: 11 January 2009
References: AL-2008.0110
Block list available for the MS08-067 (Downadup/Conflicker) worm
F-Secure have produced a list of domains used by the Downadup/Conflicker worm to attempt to update itself. A random sampling from the list indicates that none of the domains are registered at present, but because the names are programmatically generated and unlikely to be used by real web sites, the list could be used as a block list in case they are ever used.
The domain list might also be useful to network administrators for identifying machines infected with the Downadup/Conflicker worm, as no legitimate processes should be making HTTP requests to domains on this list.
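One way to run that check over web proxy logs, as an added example that is not part of the original alert or of F-Secure's list: it groups block-listed requests by client address. The domains and log lines are constructed placeholders, and the one-domain-per-line list format and Squid native log layout are assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed stand-ins for block list entries (not real worm domains).
BLOCKLIST_TEXT = """\
# one domain per line
qwmkzxv.example
ABCDLJKE.example.
"""

# Constructed log lines, Squid native layout: client, method, URL are fields 3, 6, 7.
SAMPLE_LOG = """\
1231632000.101 120 10.0.0.21 TCP_MISS/503 0 GET http://qwmkzxv.example/search?q=0 - DIRECT/- -
1231632001.202 80 10.0.0.35 TCP_MISS/200 5120 GET http://www.example.org/index.html - DIRECT/192.0.2.10 text/html
1231632002.303 95 10.0.0.21 TCP_MISS/503 0 GET http://ABCDLJKE.EXAMPLE:80/search?q=1 - DIRECT/- -
1231632003.404 60 10.0.0.44 TCP_MISS/200 0 CONNECT abcdljke.example:443 - DIRECT/192.0.2.20 -
malformed line
"""

def normalize(host):
    """Lower-case a hostname and drop a trailing dot."""
    return host.strip().lower().rstrip(".")

def load_blocklist(text):
    """Return the set of domains, ignoring blank lines and # comments."""
    return {normalize(l) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")}

def request_host(method, url):
    """Extract the host from a proxied URL or a CONNECT host:port target."""
    if method == "CONNECT":
        url = "//" + url  # give urlsplit a netloc to parse
    return normalize(urlsplit(url).hostname or "")

def suspect_clients(log_text, blocklist):
    """Map client IP -> sorted list of block-listed domains it requested."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue  # skip truncated or malformed entries
        client, method, url = fields[2], fields[5], fields[6]
        host = request_host(method, url)
        if host in blocklist:
            hits[client].add(host)
    return {c: sorted(d) for c, d in hits.items()}

if __name__ == "__main__":
    print(suspect_clients(SAMPLE_LOG, load_blocklist(BLOCKLIST_TEXT)))
```

A client that appears in the result with several different block-listed domains is a stronger indicator than a single hit, since the worm tries many generated names.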
For more information, see the links below:
MS08-067 Worm, Downadup/Conflicker
Downadup Blocklist for MS08-067 (Downadup/Conflicker)
AL-2008.0110 -- [Win] -- Microsoft Security Bulletin MS08-067 Critical - Vulnerability in Server Service Could Allow Remote Code Execution