Conficker: ~687 Days Later

Presented at ZaCon 2 by

This talk examines the growth and evolution of the Conficker worm, released on 21 November 2008, which exploits the MS08-067 vulnerability in the Microsoft RPC/DCOM stack. Nearly two years after the initial mass infection, in excess of 7 million systems remain infected. While the Conficker Working Group has done much to foster an understanding of the worm and the botnet that resulted from it, a myriad of questions remain unanswered. We present a detailed analysis of the initial outbreak, looking at the geopolitical origins of the scanning (and possible target pre-selection) and of the worm's spread in the days leading up to and following the recognised launch date of 21 November. We then give an overview of the following two years of traffic from both geopolitical and topological perspectives: where the infected hosts live in the physical and digital realms. We conclude with a comparison against 5 years of SQL Slammer data, showing the natural extinction phase that this 2003 malware is in, and ask when the Conficker extinction will start. The data used for this analysis is collected using two passive network telescopes located at Rhodes University, augmented with a large dataset from CAIDA.org collected during November 2009.