Security Basics mailing list archives

W2k SP4 strange DCOM event in eventlog


From: Matthias Güntert <MatzeGuentert () gmx de>
Date: Tue, 12 Aug 2003 09:04:06 +0200 (MEST)

Hello 

Today I have recognized a strange event in the eventlog of our company's
Windows 2000 (SP4) DCs, which has every patch applied provided by Microsoft:

Eventid: 100006, Source: DCOM

Dcom got error "class not registered" from the computer 192.168.100.4 when
attempting to activate the server: {D99E6E73-FC88-11D0-B498-00A0C90312F3} 

192.168.100.4 is our Exchange server, which pops the mails from a SUSE Linux
7.3 box standing in the DMZ.

I have searched www.eventid.net for that, but couldn't figure out why this
has happened. I have already searched the registry for that key. I am concerned
because of the new worm Blaster! Was that an unsuccessful attempt of the DCOM
exploit??

Sorry for my bad English, hope someone can help me out...

Best Regards

Matthias Güntert
