It's unlikely this affects anyone, but better safe than sorry. It turns out that if you have Win2k Service Pack 1 or 2, and used MS's "workaround," posted at the same time as the July patch for the RPC vulnerability, this workaround doesn't work. It's only relevant if you had a Win2k SP1 or SP2 computer on which you disabled DCOM instead of applying the patch; if you applied the patch (before being infected of course) you are OK... http://www.pcworld.com/news/article/0,aid,112006,00.asp