-
June 1st, 2004, 07:18 PM
#1
Junior Member
calling Remote Procedure Call and Shutting down system automatically
whenever i'm using internet through window's XP through dail-up connection, it connects the server but after one minute a massage flashed "Window NT Authorization calling Remote Procedure Call and a timer starts to shut down the system) with in 30 seconds the autoshudown process starts.
but whenver i used internet through LAN it works properly .
-
June 1st, 2004, 07:24 PM
#2
Sounds like blaster.... Hit ctrl alt del and see if the process msblaster.exe is running.
-
June 1st, 2004, 07:27 PM
#3
Rmove Blaster with this,
http://securityresponse.symantec.com...oval.tool.html
Then update your XP, use AV and use a firewall when on internet.
Greetz
-
June 1st, 2004, 07:30 PM
#4
go here
Get the no reboot hack. All it is is a bat file that aborts any attempt to shut your computer down. Get the removal tools and patches for both the blaster and the sasser worm off of that page and you'll be good.
note: while the noboot.bat is running you won't be able to shut your computer down if you need to restart after running the patches or removal tools so make sure to close it
-gunder
So much to learn, so little time.
-
June 2nd, 2004, 12:52 AM
#5
Yeah, the reboot hack is basically opening a command prompt and typing 'shutdown -a 9999' or something similar. The two conflict, and your machine doesn't shut down. This should give you enough time to hit Windows Update and get the fixes...
Also, the problem is that this is an exploit that's abused through an RPC hole in lsass.exe (if my sources are correct, there's so many out there!). Not a virus, but a hole. Reason it probably bailed on your LAN is because it couldn't be reached (good thing).
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
June 2nd, 2004, 01:05 AM
#6
Banned
Vorlin ... Now there's a name I haven't seen in quite some time. How are you buddy?
-Quad
-
June 2nd, 2004, 02:48 AM
#7
Originally posted here by SexyBadGirl
Vorlin ... Now there's a name I haven't seen in quite some time. How are you buddy?
-Quad
Haha, nice..good to see another name that I haven't seen in a while! Not too bad, actually, just putzing around, doing more postgresql/php than I've ever imagined. You?
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
June 2nd, 2004, 04:33 AM
#8
control panel---->administrative tools---->services.
scroll down to the first RPC (authorities) entry, right click and select properties. Select the recovery tab and for the first, second and third failures select restart the service instead of restart the computer. That will allow you to remain online long enough to download the removal tool for blaster (msblast.exe) or sasser (avserv2.exe), whichever happens to have infected your system.
Al
It isn't paranoia when you KNOW they're out to get you...
-
June 2nd, 2004, 12:06 PM
#9
Junior Member
eyy... bro...thats no virus...its a winXp bug..try this...go to RUN type SERVICES.MSC look for REMOTE PROCEDURE CALL (RPC) then right click goto PRoperties then goto Revovery
then in 1st Failure choose "Take No Action", 2nd Failure chooose "Take No Action" and
3rd Failure chooose "Take No Action",...
mabuhay...
mang juan
\"pag lingkuran ang sambayanan...\"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|