AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Hardware > CRASHED!

CRASHED! A topic for SEVERE and immediate Hardware and Operating System FAILURES. We will try to get you up again. NOT for Optimization questions!


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 12th August, 2003, 04:41 AM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

New virus?

Has anybody had any problems with the RPC on their xp?
I've gotten an error message regarding this and my computer restarted itself.
I wouldn't think too much into it, except that two of my friends have had the exact same thing happen to them, one running xp home (came with the compaq she bought) and I'm not sure about the other. I'm running xp pro.
If I can, I'll grab a screenie of it and post it for you all to see.
It's pi$$ing me off to no end and it's only just begun.
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 12th August, 2003, 04:50 AM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

Oh, can't copy/paste, which is another thing that was happening with my friends' computers....and I updated my AVG and continue to get a message saying that my database is too old, yet shows it as being updated only today. :S
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 12th August, 2003, 05:01 AM
cloasters's Avatar
Asst. BBS Administrator
 
Join Date: September 2001
Location: Location, Location
Posts: 21,871

There aren't any new "Critical Updates" at World Domination Central. Right, like MS knows something? A pal said that his Comcast(formerly AT&T Cable) connection was gonesville today. Something about "problems with Win2K and XP" reported from Comcast.

BBBBB won't rest until your problem is fixed, have no doubt.
__________________
When the world will be better.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 12th August, 2003, 05:49 AM
Staz's Avatar
Member/Contributer
 
Join Date: June 2002
Location: Lafayette LA
Posts: 3,241
Send a message via Yahoo to Staz

Is this what you are experiancing betty?
__________________
How come whenever I have a 50/50 chance I'm wrong 80% of the time?

What goes in a computer? Click me to find out.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 12th August, 2003, 08:37 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Betty, is there a firewall between you and the internet? If not, disconnect your machine from the internet!

On another machine (IE, a safe one) follow the link that Staz provided, and download the patch. It should fit on a floppy as it's only 1.2Mb in size.

Install it! Do the same for your friends. RPC is a critical part of Windows that affects just about everything on a windows box.

The problem you've having with RPC is due to a great big wide open hole in the way that RPC works. There is at least one worm that uses the RPC hole to distribute itself, and there's countless programs that'll blow RPC up quite happily. This issue affects Windows NT/2000/XP and 2003!
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 12th August, 2003, 04:52 PM
barneygumble742's Avatar
Member
 
Join Date: June 2003
Posts: 397
Send a message via AIM to barneygumble742 Send a message via Yahoo to barneygumble742

Talking

i had EXACTLY the same problem as betty yesterday. i even thought there was something wrong with xp so i formatted and installed xp, which isn't that big of a deal to me. but that kept on happening after the fresh install.

so i went to the windowsupdate.com site and downloaded ALL the critical updates and patches available. note: before i got the update and patches, i did not have ANY previous updates/patches. so i can't really tell which specific patch it is.

after doing this, i read on slashdot that its a RPC DCOM worm infecting win2k servers. also read on cnn.com that this worm was expected in mid july and affects winxp (home and pro).

after i got the updates, i have not had any problems with xp. and i started freakin' out because in my 10+ years with computers, this is the first time i got affected by a worm/virus.

hope it helps,
barneygumble742
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 12th August, 2003, 05:14 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,605

Hi Aedan! Is this download available on the windows update site? i.e. If I have all the updates for 2000 pro, am I reasonably protected?
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 12th August, 2003, 05:54 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Yes, Windows Update includes this particular patch.

Personally, I'd rather not connect a vulnerable machine to the internet, even if it is to patch a known problem. I'd rather get the patch seperately, apply it to the machine, and then connect to the internet.

That way, you don't have to worry about wierd things happening as you're trying to patch your machine. Worst case, it could leave the machine in an unusuable state!
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #9 (permalink)  
Old 12th August, 2003, 06:11 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,605

Thanks and understood! How long must we wait to learn the nature of the security hole in the fix!":O}
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #10 (permalink)  
Old 12th August, 2003, 06:32 PM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

Alrighty, thanks for the info.
I dropped by my friends' computer store and they're swamped with work in regards to this issue.
So many businesses and individual users here in my home town were hit. Many had firewalls or were behind a router and still got hit.
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #11 (permalink)  
Old 12th August, 2003, 06:40 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,605

Looks like this might be a bad one!
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #12 (permalink)  
Old 12th August, 2003, 07:18 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Quote:
Originally Posted by Betty
So many businesses and individual users here in my home town were hit. Many had firewalls or were behind a router and still got hit.
Sounds like firewalls/routers might have been misconfigured to be honest. I've noticed that some firewall/router boxes will allow data back in a port if the computer behind them ever sent data out of that port. Unfortunately, there are a number of ports that should never be open to the internet for various reasons. Thanks to MS, those ports are very easy to take advantage of.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #13 (permalink)  
Old 12th August, 2003, 08:52 PM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

Quote:
Originally Posted by Staz
Is this what you are experiancing betty?
I downloaded the one for win2k for a friend (fresh install) it says that he has to have a minimum of service pack 2 installed...I tried for service pack 4, it didn't like it at the install. grr. I'm trying to get sp 1 and then work my way up, although, I doubt that will make any difference.
I also installed sygate on his machine.
The avg site seems to be working only intermittently. so, as of yet, he's got no anti-virus...I'm reluctant to install norton (I hate norton).
Any advice?

*edit* this machine is fixed...onto the next problem
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!

Last edited by Betty; 13th August, 2003 at 08:31 PM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #14 (permalink)  
Old 12th August, 2003, 10:09 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

If a vulnerable system gets hit during the install of a service pack, it'll probably stop the install. Basically, RPC is an important part of windows, and without it very little works!
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #15 (permalink)  
Old 12th August, 2003, 10:52 PM
Veky's Avatar
Member
 
Join Date: June 2003
Location: Croatia
Posts: 269
Send a message via ICQ to Veky Send a message via AIM to Veky Send a message via MSN to Veky Send a message via Yahoo to Veky

It's a global attack, everyone without the security patch was infected.

Symantec released a cleaning utility:

http://securityresponse.symantec.com...oval.tool.html
__________________
Epox 8RDA3+ Pro
AthlonXP-M 2500+ @ 2.45GHz (11 x 225)
2 x 1024MB PC3200 Geil Value
PNY GeForce 6800GT
Seagate 250GB SATA
Tagan 430W PSU
Windows XP SP2
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #16 (permalink)  
Old 13th August, 2003, 06:27 AM
funnyperson1's Avatar
Member
 
Join Date: September 2002
Location: Blacksburg, VA aka Vtech
Posts: 592
Send a message via AIM to funnyperson1

if your system is shutting down and you want to temporarily stop it so you can download the patch then:

start->run
Then run cmd or command.exe in 98.
At the prompt type in shutdown -a and it should stop the shutdown process .
__________________
Biostar TForce550
A64 X2 3600+ (65nm)@2.9 (1.4V)
TR Ultra 90
2GB Crucial Ballistix 6400@ DDR2 1000 C5
Geforce 7900GS
2x160gig hdd with WinXP, Vista, and Ubuntu
member of FOLDING@HOME team 32
Latitude D620 with XP, Ubuntu Gutsy Gibbon
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #17 (permalink)  
Old 13th August, 2003, 08:31 PM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

alrighty, more problems.
My friend has a compaq with the blaster worm. the worm is cleaned out, but it's still malfunctioning, I can't get the rpc started and I can't install the patch because of it. I also can't seem to install a firewall of any sort and the removal tool has consistently shown the computer free of the worm and avg shows no viruses/worms/trojans on the machine.
Can I repair this without having to run the windows xp repair....there's an admin password on the machine that wasn't put there by my friend or any family member (apparently the store she bought it from took the liberty of adding an admin password or compaq did?)

Advice please!!
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #18 (permalink)  
Old 14th August, 2003, 12:01 AM
Jazz's Avatar
Member/Contributer
 
Join Date: December 2001
Location: St. Louis
Posts: 1,105
Send a message via ICQ to Jazz Send a message via AIM to Jazz

Betty try nothing for the password. Ive found that that is the most common compaq password.
__________________
AOA Team fah
"Remember there is a time to pray and there is a time to fight, anything can be a weapon if you are holding it right "
Never be afraid to try something new. Remember, amateurs built the ark. Professionals built the Titanic.
"Folding protiens and taking names"
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #19 (permalink)  
Old 14th August, 2003, 12:23 AM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,605

Remove the new password! It's my understanding that the creation of a new Admin password lies within the capabilities of the virus.

I'd try Norton's remover. If that fails, you may have to reformat and reinstall.
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #20 (permalink)  
Old 14th August, 2003, 06:41 AM
Betty's Avatar
Member/Contributer
 
Join Date: September 2001
Location: Port Alberni, B.C., Canada
Posts: 3,668
Send a message via ICQ to Betty Send a message via MSN to Betty

Quote:
Originally Posted by Daniel ~
Remove the new password! It's my understanding that the creation of a new Admin password lies within the capabilities of the virus.

I'd try Norton's remover. If that fails, you may have to reformat and reinstall.
Okay, when I had to stop working on her machine to go to work I had run compaq's own stupid system recovery thing and apparently the services are re-enabled, but...it's still all buggy....I'm picking the machine up to take home to fix tomorrow after work.
I'll keep you all updated and holler for help some more, I'm sure.

*side note*
I did try nothing for the password...no go. when I talked to the guy that worked at the store that sold her the pos, he was very reluctant to give advice or tell me how to run comcrap's system recovery.
__________________
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, wine in the other, body thoroughly used up, totally worn out and screaming... Boy, What a ride!!
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Need virus help... Smoney22 Data Security 1 18th December, 2006 12:16 AM
Can you say...virus? Logan Data Security 5 17th November, 2005 04:47 PM
Virus Help ! way2slo Data Security 2 30th April, 2003 09:48 PM
Another virus Uncle Bob Mookydooky's Just for laughs! 7 29th June, 2002 03:55 PM


All times are GMT +1. The time now is 04:18 PM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0