Ever see this before?

Computer has shut down with error message stating:

"NT Authority / System"
"Remote Procedure Call Service Terminated Unexpededly".

This starts a 60 second countdown until the computer shuts down then comes back on (reboot?)
Just started happening yesterday, now this pops up every hour or so and shuts me down.
Already performed an AdAware scan and found & dumped 34 Spyware files, then a McAffee virus scan and found 1 file "Exploit-DcomRpc" which McAffee states is a Retina-Scan file,... Quarenteened it.

Anybody seen this before? ???
I'll check in the AM for updates.
Thanks.

Ed

 

Hey Ed,
I just sent ya a PM to tell ya that my work partner's home PC started getting the same error messages and their daughter's is getting them too. He thinks that she said it has something to do with a Microsoft problem and their ISP said to contact MS to get a patch to install.
It is only happening on Windows 2000 and Windows XP according to the info she has gotten so far.


Hope this helps,

 

I saw a news item today that mentioned the latest virus and it does exactly what you are describing. Have you done a full system virus scan today?

 

http://www.cert.org/advisories/CA-2003-19.html

http://support.microsoft.com/?kbid=823980

The top link is the CERT article on this. Think of CERT as the international computer police.

The second link is to the Microsoft article on this. Choose the patch appropriate to your operating system.

Short story there is a flaw in some software on your PC that people (hackers) are trying to take advantage of. If you are behind a firewall you should be OK. If not, your in trouble. The patch above is very important so apply it.

http://securityresponse.symantec.com...ster.worm.html

This link is the current virus/worm using this hole in your computer to try and attack you.

I have not applied this patch myself yet to correct this problem. It might NOT fix it, but it won't hurt. I personally believe it will fix it. Please let me know your experience.

Also, as a side note, if you have a cable modem or DSL, do yourself a favor and buy one of those $100 Linksys or Netgear firewalls. That type of device will protect you from this type of attack. (provided it configured right)

-Tom
Yeah.. I guess I'm a computer guru.

 

Thanks Tom,
I sent a copy of your post to my fellow worker so he can give it to his wife and daughter. I guess since I'm using the old antique Windows 98 on a dial-up at home and the PC's at work are behind all sorts of firewalls, bells and whistles ,,,,,,,, I don't have to worry about it. : however,,, I will look into it.

Thanks again! ;D
Dennis

 

Thanks for the replys. ;D
I'm running XP.
Did the "Patch" this AM, now waiting to see if that takes care of it.
Saw an article in this morning's Washington Post Business section that said there's a "bug" going around.

Wondering why these PITA geeks can't find something better to do than sit around the house all day trying to hose somebody's computer. :

When they catch them they ought to sentence them to 6 months with nothing but a "Pong" game and a black & white monitor & local tv channels.

 

There are actually at least two varieties of exploit for this DCOM/RPC problem. The patch on Microsoft's website only fixes the problem for one of them on Windows 2000. It seems to be more effective on XP. If you have Windows 2000, MS recommends checking and securing certain TCP/IP ports via a firewall. Sorry, I can't remember for sure which ones. This could be either a software or hardware firewall.

This one could be pretty serious if you have anything on your machine that you don't want somebody getting a hold of. On corporate machines, it could allow someone to take control remotely with the rights of the person logged on to the machine.

 

This stuff about some buffoon being able to get into my pc and do some serious damage gives me the ******. I'm about ready to go remember how to operate a pencil and paper (input/output devices) and an abacus (central processing unit) and unplug my machine and use it as a paper weight. Any of you senior engineers out there willing to give tutorials on how to use a slide rule?

 

Our corporate IT group just put this out this morning:

The W32Blaster Virus is infecting PCs. You may experience "SVC host.exe" application errors.

They say some computers become slow to respond and some will not run common applications.
(No solutions yet, they are working on it)

FWIW,
Rob

 

The patch posted above kicked it's sorry behind. ;D
No shutdowns since downloading patch. ;D

 

Funny (or not, actually) I had this problem last night. Ran Norton on it three times, Ad aware, SpyBot, and anything else I could think of. Tried, unsuccessfully, to get a hold of Microsoft (now I know why) and then Dell. Finally got some guy at Dell on the 20th try, and he had me turn off the Remote Procedure Call (RPC). Now that I know what it is (heard it on the news this morning) I'll go home, download the hotfix, and turn the RPC back on.

What an idiot. I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.

 

You know you've got it when a 60 second shutdown timer pops up on your screen. The virus uses the RPC vulnerability. It looks like it's reaching critical mass today. Luckily, it's an easy one to stop: Download this security update. Once you've installed that patch, go here and download the removal tool.

http://www.microsoft.com/technet/tre...n/ms03-010.asp

http://securityresponse.symantec.com...ster.worm.html

 

[quote author=Cowhand link=board=10;threadid=18290;start=0#msg171567 date=1060706212]
I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.
[/quote]

IMHO, I would not base my decision to purchase a computer based on tech support or price. I would base it on reliability. (Not software but hardware relibality, you will see why later.) All we use at work are Dell computers, from the 500+ desktops to the 80+ servers and 50+ laptops. We have had the least amount of trouble, hardware wise, from Dell.

 

Ditto that. We've got about 180 Dell desktops at my jobsite and all have been basically trouble free.

 

Our offices switched from Micron, to Dell, and now just changed to Gateway,
(they make commoooters)