Menu
What's new
By:
Filters

RPC Shutdown Virus

Hexidecimal

Hexidecimal

Emutalk Bounty Hunter.
ISS X-Force has captured active samples of an automated Internet worm that propagates via the MS RPC DCOM vulnerability documented in ISS X-Force Alert titled "Flaw in Microsoft Windows RPC Implementation" (http://xforce.iss.net/xforce/alerts/id/147).
This worm is currently propagating aggressively across the Internet.

Now supposedly, this is not a virus, but I have my doubts.

Microsoft has released this patch, which solves the problem.

What happens is a box pops up saying NT AUTHORITY/SYSTEM has caused the Remote Procedure Call to end unexpextedly and shuts down the computer after a 1 minute countdown.

This is apparently not a small thing, as my computer was affacted, then another computer in my household was affected, I have 2 reports, one of my friends did the same thing, and another computer he put XP on did it as well, I highly recommend getting this patch to avoid any problems.

This error tends to occur when using Internet Explorer.

the word this is the link, incase you missed it.
 
OP
Hexidecimal

Hexidecimal

Emutalk Bounty Hunter.
Norton users also want to update their definition and give the c:/windows/system 32 directory a scan, the worm is called msblast.exe, and the patch just stops it, doesn't delete it.
 
Tagrineth

Tagrineth

Dragony thingy
I had the problem while connected to IRC... got it three times in a row (didn't know you could save it at the time, so I let it restart thinking it was a fluke).

After three, I knew something was wrong, so I didn't open mIRC and just ran Windows Update.

I didn't get the problem that time... and haven't since. :)
 
Remote

Remote

Active member
Moderator
I've had probaly over a 100 attempts to connect to my comp but luckily I use protection, and when things like this happen it's a shame that some people didn't... :p
 
R

ra5555

N64 Newbie
lol just got my new notebook yesterday, connected to the lan using my cable onnection no prob. Log on to windows update, and then it said something like RPC shut down in one minute. I went WTF? then I rebooted went to windows update again, same thing happened. So I thought it's just windows update, lolz and then the third time, I connected to the internet, the PRC came again. After that, I quickly installed my firewall and it never happened again. Already cleaned the virus using PC-cillin. Man I am sad, getting a virus on the computer in the first day. :p
 
M

My95ZR2

New member
When I installed XP Pro, as soon as I got logged on, I got one of those annoying Messanger pop-up ads...Zone Alarms fixed that problem...

Adam
 
C

Chibi Nick

Emutalk Member
Hexidecimal said:
Norton users also want to update their definition and give the c:/windows/system 32 directory a scan, the worm is called msblast.exe, and the patch just stops it, doesn't delete it.
Click to expand...
I updated my definitions and stuff and it didn't find anything

Then I tried that tool to get rid of it (norton released it) and it said I didn't have it :getlost:

Soooo I dno wtf is up with that, but the patch fixed it so I don't really care :/
 
David_Hayter

David_Hayter

!
Damn!!!

Just got online with my notepad opened before the RCP window would appear!!!! I was just gonna post this exact problem Im having since yesterday... thx for the link to the patch, hope it works...
 
flow``

flow``

flow``
it got me.. well my mom's pc (go figure) and of course hooked onto me i assume..

did a nice synchronized format of both our pc's and threw on MS server 2k3 trial for the hell of it (just to run the latest and greatest)

both are up and running, with f-secure antivirus since norton is gay and doesnt like 2k3 anyway.
 
You must log in or register to reply here.

Top