How to Secure from the RPC/DCOM and MSBLAST worm


Dante
Aug 12th '03, 10:47 AM
I was hit by this. I highly recommend all of you scan your systems even if you think you're OK because you're up on your patches.

How To Secure From RPC and MSBLAST worm:

1.)
Go to Start -> Search and search your entire computer for msblast.exe. Most likely it will be hiding in winnt/system32. Delete that file! You might not be able to delete it because it's still in memory.

2.)
Open regedit, and backup!
Browse to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

DELETE the entry "windows auto update"="msblast.exe"

3.)
Close Regedit and install one of these patches:
Windows XP
http://download.microsoft.com/download/9/8/b/98bcfad8-afbc-458f-aaee-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe
Windows 2000
http://download.microsoft.com/download/0/1/f/01fdd40f-efc5-433d-8ad2-b4b9d42049d5/Windows2000-KB823980-x86-ENU.exe

Currently there are no patches for Windows 2003.

4.)
In windows xp & 2003:

go to your cmd prompt and do:
sc config RpcLocator start= disabled

In Windows 2000 you have to go to Administrative Tools and then to Services and disable the service:

remote procedure call (RPC) locator

5.)
restart your pc
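
A read-only check for the traces named in steps 1, 2 and 4 above, as an added batch script that is not part of the original post. It assumes reg.exe, tasklist.exe and sc.exe are on the PATH (Windows XP/2003) and uses %SystemRoot% in place of the post's winnt directory; it changes nothing and exits with 1 when a trace is found.

```bat
@echo off
rem Added example, not from the original post: report msblast.exe traces only.
rem Assumption: reg.exe, tasklist.exe and sc.exe are available (XP/2003).
setlocal
set FOUND=0
set RUNKEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

rem Step 1: the worm binary in the system directory.
if exist "%SystemRoot%\system32\msblast.exe" (
    echo [!] File present: %SystemRoot%\system32\msblast.exe
    set FOUND=1
)

rem Step 1 caveat: a running copy is why the delete can fail.
tasklist /FI "IMAGENAME eq msblast.exe" 2>nul | find /I "msblast.exe" >nul
if not errorlevel 1 (
    echo [!] Process running: msblast.exe
    set FOUND=1
)

rem Step 2: the autostart value under the Run key.
reg query "%RUNKEY%" /v "windows auto update" >nul 2>&1
if not errorlevel 1 (
    echo [!] Run value present: "windows auto update"
    set FOUND=1
)

rem Step 4: start type of the RPC Locator service (informational).
sc qc RpcLocator 2>nul | find /I "DISABLED" >nul
if errorlevel 1 echo [i] RpcLocator start type is not DISABLED

if "%FOUND%"=="0" echo No msblast.exe traces found.
if "%FOUND%"=="1" echo Traces found: work through steps 1-5.
exit /b %FOUND%
```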

Dante
Aug 12th '03, 11:21 AM
Or for those of you that don't want to muck about in your registry, download this tool (http://www.orderofevisceration.com/download/utilities/FixBlast.exe) to fix it, also.

{OOE}Death
Aug 12th '03, 01:39 PM
I was hit by this. I highly recommend all of you scan your systems even if you think you're OK because you're up on your patches.



Ok somebody revoke his admin status. The patch has been out for a month now. :nono:

Dante
Aug 12th '03, 01:55 PM
:oops: I know I know. I got lazy on my updates.

Malice
Aug 14th '03, 10:55 PM
and if you were running a firewall you wouldn't have a problem either! :roll: