I think some of ISP's already block port 445 (from the last worm), maybe is hard to find vurnerable IP's (maybe some kiddies got lucky) or dumb admin open that port and I just tried that exploit on my own vmware server...cause..I am to "chicken" to try it on someone else server