Event ID - 4444

Port No4444
Service NameW32.Blaster.E.Worm
RFC Doc0
ProtocolTCP
DescriptionW32.Blaster.E.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The worm targets only Windows 2000 and Windows XP computers. While Windows NT and Windows 2003 Servers are vulnerable to the aforementioned exploit (if not properly patched), the worm is not coded to replicate to those systems. This worm attempts to download the Mslaugh.exe file into the %Windir%\System32 folder, and then execute it.
Reference LinkPort Number:4444 Service Name:W32.Blaster.E.Worm Port:TCP
AttackAccording to Symantec

Removal Instructions:
Removal using the W32.Blaster.Worm Removal Tool
Symantec Security Response has developed a removal tool to clean the infections of W32.Blaster.E.Worm. Try this tool first, as it is the easiest way to remove this threat.

Manual Removal
As an alternative to using the removal tool, you can manually remove this threat. The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.