I know this is a little too late for Shar, but here's info for the rest
of you about this worm, from a reputable online newsletter.
Maggie
========================================================================
The Blaster Worm is Taking No Survivors! _______________
A new worm was discovered 8-11-03 that exploits an RPC hole through TCP
port 135 it then downloads & runs a file called Msblast.exe that results
in your computer shutting down. This worm is causing a huge amount of
disturbance and can be found in Windows NT, 2000, XP and 2003 Server.
One of the payloads of this worm is to cause the DCOM (Distributed
Component Object Model) RPC (Remote Procedure Call) interface to appear
and tell the user that the system will be shutdown in 60 seconds. Even
if you are protected from the vulnerability, you may see this box pop
up...it does not mean that the system is infected, only that an attempt
to overrun the RPC has been made. To make things worse a variant of the
worm has already been found as of Wednesday morning. For more details
and what to do, surf over to:
