Computer gurus.
08-11-2003, 09:39 PM
#1
Administrator / Scooter Bum
Thread Starter
Computer gurus.
Ever see this before?
Computer has shut down with error message stating:
"NT Authority / System"
"Remote Procedure Call Service Terminated Unexpededly".
This starts a 60 second countdown until the computer shuts down then comes back on (reboot?)
Just started happening yesterday, now this pops up every hour or so and shuts me down.
Already performed an AdAware scan and found & dumped 34 Spyware files, then a McAffee virus scan and found 1 file "Exploit-DcomRpc" which McAffee states is a Retina-Scan file,... Quarenteened it.
Anybody seen this before? ???
I'll check in the AM for updates.
Thanks.
Ed
Computer has shut down with error message stating:
"NT Authority / System"
"Remote Procedure Call Service Terminated Unexpededly".
This starts a 60 second countdown until the computer shuts down then comes back on (reboot?)
Just started happening yesterday, now this pops up every hour or so and shuts me down.
Already performed an AdAware scan and found & dumped 34 Spyware files, then a McAffee virus scan and found 1 file "Exploit-DcomRpc" which McAffee states is a Retina-Scan file,... Quarenteened it.
Anybody seen this before? ???
I'll check in the AM for updates.
Thanks.
Ed
08-11-2003, 10:20 PM
#2
Administrator
Join Date: Aug 2001
Location: Disputanta, Virginia
Posts: 3,529
Likes: 0
Received 2 Likes
on
2 Posts
Re:Computer gurus.
Hey Ed,
I just sent ya a PM to tell ya that my work partner's home PC started getting the same error messages and their daughter's is getting them too. He thinks that she said it has something to do with a Microsoft problem and their ISP said to contact MS to get a patch to install.
It is only happening on Windows 2000 and Windows XP according to the info she has gotten so far.
Hope this helps,
I just sent ya a PM to tell ya that my work partner's home PC started getting the same error messages and their daughter's is getting them too. He thinks that she said it has something to do with a Microsoft problem and their ISP said to contact MS to get a patch to install.
It is only happening on Windows 2000 and Windows XP according to the info she has gotten so far.
Hope this helps,
08-11-2003, 10:27 PM
#3
It's my pot and I'll stir it if I want to. If you're not careful, I'll stir your's as well!
Re:Computer gurus.
I saw a news item today that mentioned the latest virus and it does exactly what you are describing. Have you done a full system virus scan today?
08-11-2003, 11:57 PM
#4
Registered User
Join Date: Dec 2002
Posts: 12
Likes: 0
Received 0 Likes
on
0 Posts
Re:Computer gurus.
http://www.cert.org/advisories/CA-2003-19.html
http://support.microsoft.com/?kbid=823980
The top link is the CERT article on this. Think of CERT as the international computer police.
The second link is to the Microsoft article on this. Choose the patch appropriate to your operating system.
Short story there is a flaw in some software on your PC that people (hackers) are trying to take advantage of. If you are behind a firewall you should be OK. If not, your in trouble. The patch above is very important so apply it.
http://securityresponse.symantec.com...ster.worm.html
This link is the current virus/worm using this hole in your computer to try and attack you.
I have not applied this patch myself yet to correct this problem. It might NOT fix it, but it won't hurt. I personally believe it will fix it. Please let me know your experience.
Also, as a side note, if you have a cable modem or DSL, do yourself a favor and buy one of those $100 Linksys or Netgear firewalls. That type of device will protect you from this type of attack. (provided it configured right)
-Tom
Yeah.. I guess I'm a computer guru.
http://support.microsoft.com/?kbid=823980
The top link is the CERT article on this. Think of CERT as the international computer police.
The second link is to the Microsoft article on this. Choose the patch appropriate to your operating system.
Short story there is a flaw in some software on your PC that people (hackers) are trying to take advantage of. If you are behind a firewall you should be OK. If not, your in trouble. The patch above is very important so apply it.
http://securityresponse.symantec.com...ster.worm.html
This link is the current virus/worm using this hole in your computer to try and attack you.
I have not applied this patch myself yet to correct this problem. It might NOT fix it, but it won't hurt. I personally believe it will fix it. Please let me know your experience.
Also, as a side note, if you have a cable modem or DSL, do yourself a favor and buy one of those $100 Linksys or Netgear firewalls. That type of device will protect you from this type of attack. (provided it configured right)
-Tom
Yeah.. I guess I'm a computer guru.
08-12-2003, 12:37 AM
#5
Administrator
Join Date: Aug 2001
Location: Disputanta, Virginia
Posts: 3,529
Likes: 0
Received 2 Likes
on
2 Posts
Re:Computer gurus.
Thanks Tom,
I sent a copy of your post to my fellow worker so he can give it to his wife and daughter. I guess since I'm using the old antique Windows 98 on a dial-up at home and the PC's at work are behind all sorts of firewalls, bells and whistles ,,,,,,,, I don't have to worry about it. :
however,,, I will look into it.
Thanks again! ;D
Dennis
I sent a copy of your post to my fellow worker so he can give it to his wife and daughter. I guess since I'm using the old antique Windows 98 on a dial-up at home and the PC's at work are behind all sorts of firewalls, bells and whistles ,,,,,,,, I don't have to worry about it. :
however,,, I will look into it.Thanks again! ;D
Dennis
08-12-2003, 05:30 AM
#6
Administrator / Scooter Bum
Thread Starter
Re:Computer gurus.
Thanks for the replys. ;D
I'm running XP.
Did the "Patch" this AM, now waiting to see if that takes care of it.
Saw an article in this morning's Washington Post Business section that said there's a "bug" going around.
Wondering why these PITA geeks can't find something better to do than sit around the house all day trying to hose somebody's computer. :
When they catch them they ought to sentence them to 6 months with nothing but a "Pong" game and a black & white monitor & local tv channels.
I'm running XP.
Did the "Patch" this AM, now waiting to see if that takes care of it.
Saw an article in this morning's Washington Post Business section that said there's a "bug" going around.
Wondering why these PITA geeks can't find something better to do than sit around the house all day trying to hose somebody's computer. :
When they catch them they ought to sentence them to 6 months with nothing but a "Pong" game and a black & white monitor & local tv channels.
08-12-2003, 05:49 AM
#7
Registered User
Join Date: Jun 2002
Location: Kansas City & Maysville, MO
Posts: 811
Likes: 0
Received 1 Like
on
1 Post
Re:Computer gurus.
There are actually at least two varieties of exploit for this DCOM/RPC problem. The patch on Microsoft's website only fixes the problem for one of them on Windows 2000. It seems to be more effective on XP. If you have Windows 2000, MS recommends checking and securing certain TCP/IP ports via a firewall. Sorry, I can't remember for sure which ones. This could be either a software or hardware firewall.
This one could be pretty serious if you have anything on your machine that you don't want somebody getting a hold of. On corporate machines, it could allow someone to take control remotely with the rights of the person logged on to the machine.
This one could be pretty serious if you have anything on your machine that you don't want somebody getting a hold of. On corporate machines, it could allow someone to take control remotely with the rights of the person logged on to the machine.
Trending Topics
08-12-2003, 06:44 AM
#8
Registered User
Join Date: Feb 2003
Location: McKinney, TEXAS
Posts: 1,747
Likes: 0
Received 0 Likes
on
0 Posts
Re:Computer gurus.
This stuff about some buffoon being able to get into my pc and do some serious damage gives me the ******. I'm about ready to go remember how to operate a pencil and paper (input/output devices) and an abacus (central processing unit) and unplug my machine and use it as a paper weight. Any of you senior engineers out there willing to give tutorials on how to use a slide rule?
08-12-2003, 07:44 AM
#9
Registered User
Join Date: Feb 2003
Location: McKinney, TEXAS
Posts: 1,747
Likes: 0
Received 0 Likes
on
0 Posts
Re:Computer gurus.
Our corporate IT group just put this out this morning:
The W32Blaster Virus is infecting PCs. You may experience "SVC host.exe" application errors.
They say some computers become slow to respond and some will not run common applications.
(No solutions yet, they are working on it)
FWIW,
Rob
The W32Blaster Virus is infecting PCs. You may experience "SVC host.exe" application errors.
They say some computers become slow to respond and some will not run common applications.
(No solutions yet, they are working on it)
FWIW,
Rob
08-12-2003, 11:36 AM
#11
Registered User
Join Date: May 2003
Location: The 951-Flatbill center of the universe
Posts: 1,515
Likes: 0
Received 0 Likes
on
0 Posts
Re:Computer gurus.
Funny (or not, actually) I had this problem last night. Ran Norton on it three times, Ad aware, SpyBot, and anything else I could think of. Tried, unsuccessfully, to get a hold of Microsoft (now I know why) and then Dell. Finally got some guy at Dell on the 20th try, and he had me turn off the Remote Procedure Call (RPC). Now that I know what it is (heard it on the news this morning) I'll go home, download the hotfix, and turn the RPC back on.
What an idiot. I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.
What an idiot. I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.
08-12-2003, 12:08 PM
#12
Registered User
Re:Computer gurus.
You know you've got it when a 60 second shutdown timer pops up on your screen. The virus uses the RPC vulnerability. It looks like it's reaching critical mass today. Luckily, it's an easy one to stop: Download this security update. Once you've installed that patch, go here and download the removal tool.
http://www.microsoft.com/technet/tre...n/ms03-010.asp
http://securityresponse.symantec.com...ster.worm.html
http://www.microsoft.com/technet/tre...n/ms03-010.asp
http://securityresponse.symantec.com...ster.worm.html
08-12-2003, 02:42 PM
#13
Registered User
Join Date: Jun 2003
Location: Milwaukee, WI
Posts: 18
Likes: 0
Received 0 Likes
on
0 Posts
Re:Computer gurus.
[quote author=Cowhand link=board=10;threadid=18290;start=0#msg171567 date=1060706212]
I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.
[/quote]
IMHO, I would not base my decision to purchase a computer based on tech support or price. I would base it on reliability. (Not software but hardware relibality, you will see why later.) All we use at work are Dell computers, from the 500+ desktops to the 80+ servers and 50+ laptops. We have had the least amount of trouble, hardware wise, from Dell.
I love my Dell, got a great deal on it, but their tech support sucks. If you can understand the guy on the other end. If not, it REALLY sucks.
[/quote]
IMHO, I would not base my decision to purchase a computer based on tech support or price. I would base it on reliability. (Not software but hardware relibality, you will see why later.) All we use at work are Dell computers, from the 500+ desktops to the 80+ servers and 50+ laptops. We have had the least amount of trouble, hardware wise, from Dell.
