Seems to be a possible worm based on the RPC/DCOM exploit making the rounds?
puts these files in %systemdrive% rpc.exe rpctest.exe tftpd.exe worm.exe lolx.exe also in %windir%\system32 lolx.exe dcomx.exe rpc.exe and dcomx.exe appear in the running tasks. I pulled samples of them and submitted to SARC. -Dave
smime.p7s
Description: S/MIME cryptographic signature
