M
MAS
Remote Procedure Call (RPC) service terminated
unexpectedly
unexpectedly
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
C
Chris Lanier
You have got a virus, removal info at...
http://www.kellys-korner-xp.com/xp_qr.htm#rpc
More info about the worm:
http://www.microsoft.com/security/incident/blast.asp
More info about the worm:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
http://www.kellys-korner-xp.com/xp_qr.htm#rpc
More info about the worm:
http://www.microsoft.com/security/incident/blast.asp
More info about the worm:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
G
Gary Davis
Its incredible people still are getting the Blaster virus!
M
Malvern
From what I read, only two things will kill the thing; neither are probablyGary Davis said:Its incredible people still are getting the Blaster virus!
realistic. Either EVERY computer has the patch installed or EVERY computer
without the patch has a firewall properly configured and activated. A more
distant solution is a new edition of Windows xp with the problem solved in
the programming.
K
Ken Briscoe
No, what's incredible is they still don't know about the blaster worm.Gary Davis said:Its incredible people still are getting the Blaster virus!
G
Gordon Burgess-Parker
Ken said:No, what's incredible is they still don't know about the blaster worm.
What's even more incredible is that people don't do ANY reasearch at ALL
before posting.
M
Maureen Goldman
MAS said:Remote Procedure Call (RPC) service terminated
unexpectedly
No, it's the msblaster worm.
http://www.microsoft.com/security/incident/blast.asp
D
davetest
What's even more incredible is that MS shippied XP with the firewallWhat's even more incredible is that people don't do ANY reasearch at ALL
before posting.
turned off. Many computer users are first time users and
unsophisticated. They are just getting nailed by this and similar
malware.
Microsoft could have considered this dynamic with it's release of XP,
instead of leaving people wide-open to Netbios and messenger port
attacks.
Dave
G
Gordon Burgess-Parker
davetest said:What's even more incredible is that MS shippied XP with the firewall
turned off.
Well it's interesting you should say that - I've been having some trouble
lately with my ISP and I've been deleting and re-creating dial up
connections and I've noticed that in fact the firewall is ON by default
because as I run ZoneAlarm, I have had to specifically turn it off!
R
R. McCarty
SP2 will have a new version Firewall , both incoming and outgoing
traffic control. Also, it will be enabled by "Default."
traffic control. Also, it will be enabled by "Default."
D
davetest
It's my understanding XP was recently chnaged.Well it's interesting you should say that - I've been having some trouble
lately with my ISP and I've been deleting and re-creating dial up
connections and I've noticed that in fact the firewall is ON by default
because as I run ZoneAlarm, I have had to specifically turn it off!
The firewall was apparently off when it first shipped.
I don't mean to make a big deal about it, but I really don't
understand MS's philiosophy on this and related issues.
Dave
G
Gordon Burgess-Parker
davetest said:It's my understanding XP was recently chnaged.
The firewall was apparently off when it first shipped.
I don't mean to make a big deal about it, but I really don't
understand MS's philiosophy on this and related issues.
Dave
No, it does seem odd, I agree - and my XP installation is nearly a year old
now as well.....
K
Ken Blake
In
You have the MSBlaster worm. To remove it, do the following:
The following instructions are in three parts
1. Stop it from running
2. Remove it from your system
3. Make sure it doesn't come back
Before beginning, if you have an always-on internet connection,
it's a good idea to disconnect it.
1. Stop it from running
Press Ctrl-Alt-Delete to bring up the Task Manager, then on the
Processes tab, click msblast.exe and then "End process." Reply
"Yes" to the warning message that comes up.
This stops the worm from running, so your system will not shut
down. However, it doesn't remove it, and if that's all you do, it
will start up again the next time you boot.
***
2. Remove it from your system
a. Start the registry editor program, regedit, by going to Start
| Run, and typing REGEDIT
Navigate to HKEY_Local_Machine\Software\Microsoft\Windows\Current
Version\Run by clicking the plus signs next to each of the
folders in the left hand pane. When you get to the last of them,
Run, click the word Run itself.
Find an entry called "Windows Auto Update" on the right side.
Right-click it and delete it.
b. Do a Windows search for msblast, and delete all files found.
The worm is now gone, and won't start again the next time you
boot. But if that's all you do, you can get reinfected just as
you did the first time.
***
3. Make sure it doesn't come back
a. Make sure you're running a firewall that prevents worms like
this from getting in. You can enable the built-in Windows XP
firewall, or download and install another one such as the free
version of ZoneAlarm. To enable the built-in firewall, go to
Control Panel, double-click Networking and Internet Connections,
then click Network Connections. Right-click your connection, then
click Properties, and on the Advanced tab, click the option
"Protect my computer and network..."
b. If you've disconnected your internet connection, reconnect it.
Download and install the Microsoft patch at
http://download.microsoft.com/downl...e-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe
That will remove the vulnerability that the worm exploits.
c. Be sure you are running an anti-virus program, and that you
regularly download the latest updated virus definitions.
MAS said:Remote Procedure Call (RPC) service terminated
unexpectedly
You have the MSBlaster worm. To remove it, do the following:
The following instructions are in three parts
1. Stop it from running
2. Remove it from your system
3. Make sure it doesn't come back
Before beginning, if you have an always-on internet connection,
it's a good idea to disconnect it.
1. Stop it from running
Press Ctrl-Alt-Delete to bring up the Task Manager, then on the
Processes tab, click msblast.exe and then "End process." Reply
"Yes" to the warning message that comes up.
This stops the worm from running, so your system will not shut
down. However, it doesn't remove it, and if that's all you do, it
will start up again the next time you boot.
***
2. Remove it from your system
a. Start the registry editor program, regedit, by going to Start
| Run, and typing REGEDIT
Navigate to HKEY_Local_Machine\Software\Microsoft\Windows\Current
Version\Run by clicking the plus signs next to each of the
folders in the left hand pane. When you get to the last of them,
Run, click the word Run itself.
Find an entry called "Windows Auto Update" on the right side.
Right-click it and delete it.
b. Do a Windows search for msblast, and delete all files found.
The worm is now gone, and won't start again the next time you
boot. But if that's all you do, you can get reinfected just as
you did the first time.
***
3. Make sure it doesn't come back
a. Make sure you're running a firewall that prevents worms like
this from getting in. You can enable the built-in Windows XP
firewall, or download and install another one such as the free
version of ZoneAlarm. To enable the built-in firewall, go to
Control Panel, double-click Networking and Internet Connections,
then click Network Connections. Right-click your connection, then
click Properties, and on the Advanced tab, click the option
"Protect my computer and network..."
b. If you've disconnected your internet connection, reconnect it.
Download and install the Microsoft patch at
http://download.microsoft.com/downl...e-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe
That will remove the vulnerability that the worm exploits.
c. Be sure you are running an anti-virus program, and that you
regularly download the latest updated virus definitions.
S
Steve Nielsen
I'd reverse the order of steps 2 and 3. If you don't prevent before
removing the worm you will just get re-infected again before you can
install a firewall or patch.
Steve
removing the worm you will just get re-infected again before you can
install a firewall or patch.
Steve
S
Steve Nielsen
Well, you have to take into account that open ports are there for
functionality and ANY of them can be exploited in some way or other.
Also remember that vulnerabilities are generally not known until AFTER
they are exploited. I don't think MS can be blamed for these things, but
it is my opinion that future Windows releases should ship with more
protection capabilities built in, like virus protection. Heck, they did
that back in the DOS days for a while.
Steve
functionality and ANY of them can be exploited in some way or other.
Also remember that vulnerabilities are generally not known until AFTER
they are exploited. I don't think MS can be blamed for these things, but
it is my opinion that future Windows releases should ship with more
protection capabilities built in, like virus protection. Heck, they did
that back in the DOS days for a while.
Steve
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.