Could it have something to do with this new worm, W32/Nachi? New variant of Blaster worm "fixes" infected systems "Microsoft Windows users infected last week by the W32.Blaster worm might appreciate the attention of a new version of that worm that cleans corrupted systems, then installs a software patch to prevent future infections. " Or not, as the case may be... "After infecting vulnerable Windows 2000 or Window XP machines, the new worm searches for and removes the Blaster worm file, Msblast.exe, and attempts to download and install a Windows software patch from Microsoft that closes the security hole used by the worm, according to antivirus companies. The new worm hides behind a different file name from the Blaster worm, Dllhost.exe, which allows it to bypass antivirus software configured to detect and stop Blaster, according to Ian Hameroff, security strategist at Computer Associates International." http://computerworld.co.nz/webhome.nsf/nl/11EB8FEAE5D99127CC256D8600740667