Symantec Security Response encourages you to ignore any messages regarding this hoax. It is intended only to cause unwarranted concern. This hoax arrives as a message box on the computer screen. The message box is not a result of executing a local file, but the result of a user remotely instructing the computer to display the message box via Microsoft Networking. Users should take steps to lock down their system to prevent this type of hoax message box from appearing.
Message box hoaxes and SPAM can arrive unexpectedly to your computer if Microsoft Networking is enabled. Microsoft Networking can be blocked by configuring your desktop firewall to block ports:
135/tcp - Microsoft RPC
135/udp - Microsoft RPC
138/udp - Microsoft NetBIOS
139/tcp - Microsoft RPC, Named Pipes, NetBios, File Sharing
445/tcp - Microsoft Named Pipes, RPC, File Sharing
445/udp - Microsoft Named Pipes, RPC, File Sharing
To disable the service that allows remote message boxes perform the following steps. Please be aware modifying these configurations may prevent other applications from operating properly and will disable the ability to share files via Microsoft Networking with remote computers:
For Windows 9x:
Select Start | Settings | Control Panel
Select the Configuration tab
Click File and Print Sharing
Disable I want to be able to give others access to my files.
Disable I want to be able to allow others to print to my printer(s).