General discussion

  • Creator
    Topic
  • #2317339

    Continuesly restart…

    Locked

    by dextremejr ·

    I encounter some problem one of my client computer everytime i open the PC, after 2 minutes he always said this, Windows must now restart because (RPC) or Remote Procedure Call terminated unexpectedly, Is there anybody encounter this problem plz tell what to do as of now i don’t let any customer to use those PC… Anybody help me about this, Thanks in Advanced

All Comments

  • Author
    Replies
    • #2738508

      Microsoft Knowledge Base Article 327148

      by maxwell edison ·

      In reply to Continuesly restart…

      Microsoft Knowledge Base Article – 327148

      suggests that you install the latest service pack.

      http://support.microsoft.com/default.aspx?kbid=327148

      or tiny

      http://tinyurl.com/jq34

    • #2738368

      OR…. MS03-026 – sounds like to me…..

      by lordinfidel ·

      In reply to Continuesly restart…

      that you are infected by mblaster

      need to stay up on hotfixes……

      (-;

      http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

      • #2738851

        Reply To: Continuesly restart…

        by joseph moore ·

        In reply to OR…. MS03-026 – sounds like to me…..

        Yep, that is Blaster.

        http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

        or

        http://tinyurl.com/jozm

        And if you want to read up on the development of the exploit (not necessarily the worm creation exactly, but some of the exploit logic) go to http://www.xfocus.org/index.html and look at their Forums. Really interesting.

        • #2738828

          Been reading it since yesterday afternoon

          by lordinfidel ·

          In reply to Reply To: Continuesly restart…

          Tuesday around 1pm est is when the 1st report came in. Some guy on security-basics did not know why his machine kept rebooting and had dcom errors in the log.

          It just goes with my theory, those who practice good security will not get hit with the latest and greatest.

          By simply filtering all of the rpc ports at the permiter stops this thing. Unless of course it morphs into e-mail.

          No one ever learns…. such a shame. I’m sure though people will start blaming M$ even though the patch has been out for a month.

        • #2738763

          meant monday

          by lordinfidel ·

          In reply to Been reading it since yesterday afternoon

          not tuesday, since yesterday was tuesday; and the day before was monday.

          everything is a blur….

          veritigooooooooooooooooooooooooooooooo
          I””’mmmmmm faaaaaalllllliiiiiinnnnnngggggggg

        • #3542646

          Yesterday

          by worlduser ·

          In reply to meant monday

          Sorry, but yesterday was actually Wednesday – for those of you who live underground (the other side of the world) and of course any lurking wooooooooooooooooooooorrmmmmmmmmmmmmmssssssssss! or blurryeyeddizzzzzydonnntknoooooooooooowwwwwwwwwwdaaaaaaaaaaers

    • #3542658

      restart – virus

      by worlduser ·

      In reply to Continuesly restart…

      Warnings from ISPs etc are now appearing.

      “In order to prevent your machine from repeatedly rebooting and you are running the Windows 2000 operating system, please carry out the following:
      How to Configure TCP/IP Security
      To configure TCP/IP security:
      Click Start, point to Settings, click Control Panel, and then double-click Network and Dial-up Connections.
      Right-click the interface on which you want to configure inbound access control, and then click Properties.
      In the Components checked are used by this connection box, click Internet Protocol (TCP/IP), and then click Properties.
      In the Internet Protocol (TCP/IP) Properties dialog box, click Advanced. Click the Options tab.
      Click TCP/IP filtering, and then click Properties.
      Select the Enable TCP/IP Filtering (All adapters) check box. When you select this check box, you enable filtering for all adapters, but you configure the filters on a per-adapter basis. The same filters do not apply to all adapters.
      There are three columns with the following labels:
      TCP Ports
      UDP Ports
      IP Protocols
      In each column, you must select either of the following options:
      Permit All. If you want to permit all packets for TCP or UDP traffic, leave Permit All activated.
      Permit Only. If you want to allow only selected TCP or UDP traffic, click Permit Only, click Add, and then type the appropriate port in the Add Filter dialog box.
      If you want to block all UDP or TCP traffic, click Permit Only, but do not add any port numbers in the UDP Ports or TCP Port column. You cannot block UDP or TCP traffic by selecting Permit Only for IP Protocols and excluding IP protocols 6 and 17.
      For more information please use the following link:
      http://support.microsoft.com/?id=309798

      Good luck

Viewing 2 reply threads