REMOTE PROCEDURE CALL (RPC)

[Microsoft]

Greetings

While operating XP, I get this automatic shut down warning by NT authority -
Remote Procedure Call. And the PC reboots.

Thanx for advice in advance.

nazar hayat

 

[Kelly]

That is an old one:

To stop the reboots: Go to Start/Run and type in: services.msc. Scroll down
to Remote Procedure Call (RPC)/Recovery/First Failure/Restart the Service.
Or go to Start/Run/CMD and type in: shutdown -a.

Close Windows Explorer, run the edit on line 257 which includes the prompt
for the patch once your system has been cleaned.

This script removes all variants of the W32.Blaster.Worm (original, B, C, D,
E and F) and will inform you whether or not the patch is already installed.
http://www.kellys-korner-xp.com/xp_tweaks.htm. Direct download:
http://www.kellys-korner-xp.com/regs_edits/msblast.vbs

More information here:

W32.Blaster.Worm
http://www.kellys-korner-xp.com/xp_qr.htm#rpc

MS Blaster Tool: http://tinyurl.com/3h8kw

While you are at it:

W32.Sasser Removal Tool (Line 321) Right hand side)
http://www.kellys-korner-xp.com/xp_tweaks.htm

Also, run the cleaners mentioned here:
Cleaning Up XP: http://www.kellys-korner-xp.com/xp_c.htm#cleanup

 

[Brian]

Even better: Go to Windows Update and get all the appropriate updates.

 

[Microsoft]

Greeting

Thanx.

Deeply appreciate.

nazar

 

[Bruce Chambers]

Greetings --

If you connected the PC to the Internet without having first
enabled a firewall, without having first installed an antivirus
application with current virus definition files, and before installing
the KB828471 Hotfix, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms. It only takes a few seconds of
exposure.

To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.

MS04-012 Cumulative Update for Microsoft RPC-DCOM
http://support.microsoft.com/default.aspx?scid=kb;en-us;828741

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html

W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html

W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html

McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[Microsoft Gump XP]

"Bruce Chambers" <[email protected]> asked "what's the
sound of one hand clapping?", and I said it's a bit like this:

If you connected the PC to the Internet without having first
enabled a firewall, without having first installed an antivirus
application with current virus definition files, and before installing
the KB828471 Hotfix, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms. It only takes a few seconds of
exposure.

That's a fact. It happened to me last week. I reinstalled the OS and
went on line to test my modem. I wasn't on for more than a couple of
minutes and I got the system reboot thing. It was a pain in the ass. I
couldn't run NortonAV or any of the Windows patches after. I had to
reinstall the OS again (and all the drivers and my programs and
stuff)!! It broke my heart.

First thing I did when I reinstalled the second time is install the
Microsoft patch, then the Norton stuff and get them updated.

Will we ever see a day when Microsoft produce a truly secure OS?

Considering how secure they *promised* XP to be, it seems the viruses
and worms out these days are worse than anything I've experienced with
Windows 9x..


- Dave -
- Remove 123456 to email -
- Ich Bin Ein Irelander -

 

[Bruce Chambers]

Greetings --

Well, since this specific threat has been well-known and widely
publicized for at least a year, and a patch to fix the vulnerability
for even longer, not to mention the fact that WinXP comes with a
built-in firewall that could (and should) have enabled _before_ the
computer was connected to the Internet, I really don't see how you've
anyone to blame but yourself. (Nor war another reinstallation at all
necessary, this worm is easily removed.)

No OS is 100% secure, nor will there ever be one.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[Hilary Karp]

Geez, I don't understand it. When will they make sex safe. I only had
unprotected sex for a few minutes and I caught all kinds of nasties.

Going online w/o a firewall active is like unprotected sex. You are
asking for it. Any having a firewall is just one measure that is not
always 100% effective. It takes the combination of a good up to date
AV, running spyware cleaning programs, a firewall and most of all safe
browsing and safe hex. You can't be stickin your thing into whatever
you want and expect no problems. The most important line of defense is
the user, acting with common sense and knowledge. And there was no
reason to have to reinstall the OS to repair the Blaster infection.

Microsoft Gump XP wrote: