We've been monitoring the locations of the files that infected machines are now trying to download. So far none of them have activated.