|
|
|
|
| Author |
|
|
Registered
|
OT Computer trouble
getting Generic Host Process for Win32 Services needs to shut down and an RPC error with XP.
Can't recall DL'g anything recent that would cause this. Solutions??? 714 856-1266
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
08-11-2003, 03:02 PM
|
|
|
Registered
|
Oh yes...dial up.
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
|
08-11-2003, 03:08 PM
|
|
|
Registered
Join Date: Jun 2003
Posts: 396
|
I get that damn RPC error too, XP and dial-up..... I seem to have it figured that it has something to do with having too many windows opened, usually when I have 3 open internet windows, is when I'll get the NT/Authority Shutdown in process, due to RPC unexpectedly quiting......
< ------ I was just about to search for this problem..
__________________
Jack 86 Red 951 - Turbo Twists, otherwise stock for now 83 Black 944 w/86 951 front end - still down and out, but coming back slowly. 02 Altima SE 3.5 - grocery go-getter 00 Yellow Ducati Monster 900i.e. 88 Chrysler Conquest TSi |
||
|
08-11-2003, 03:20 PM
|
|
|
Registered
|
Just cleared out a bunch of "junk" in the control panel modem settings. We will see if reducing these will help.
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
|
08-11-2003, 03:38 PM
|
|
|
Registered
|
OK. Seems to be somewhat stable. Probably crash now that I've said that.
Went into Phone and Modem Options / Advanced and got rid of everything except NDIS, TAPI and Unimodem 5 Service Provider (what ever that is). These were the only ones I could not delete!
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
|
08-11-2003, 03:55 PM
|
|
|
Registered
|
I have the same problem.
Topic came up at Rennlist and it seems it is pretty common now with XP. I'm pretty sick of it. |
||
|
08-11-2003, 04:17 PM
|
|
|
|
Registered
|
Clear out the modem thing I mentioned! Seems to be doing OK now.
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
|
08-11-2003, 04:36 PM
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
It could be a few things (RPC means Remote Proceedure Call, BTW).
Are you running any software firewalls? |
||
|
08-11-2003, 04:40 PM
|
|
|
Registered
|
Cleaned out everything I could get to including McAfee 7. Reloaded the Juno front end dialer (can use Netscrape or MS Infernal Exloder after it couples up with their servers).
No Joy. Finally dug into the modem setup and did what I mentioned above. Working now -- for dail up.
__________________
Hugh - So Cal 83 944 Driver Person NOT a 'real' Porsche -- Its Better!!!! When was the last time you changed your timing and balance belts and/or cam chain and tensioner? New Users please add your car's year and model to your signature line! Never break more than you fix! |
||
|
08-11-2003, 05:01 PM
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
Go into task manager, and see if you have "MSBLAST" running.
CTRL + ALT + DEL (once) |
||
|
08-11-2003, 05:07 PM
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
For other people having this problem also
W32.Blaster.Worm
From what I can tell you are likely infected with this worm. Follow the procedure and you should be fine. Remember, security updates are your FRIEND. 
|
||
|
08-11-2003, 05:22 PM
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
|||
|
08-11-2003, 05:26 PM
|
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
Web Worm Attacks Windows, Spreads Fast-Experts
Monday, August 11, 2003; 7:23 PM
SAN FRANCISCO (Reuters) - An Internet worm that takes advantage of a recently discovered, widespread security hole in Microsoft Corp.'s Windows software emerged around the United States on Monday, crashing systems and spreading to vulnerable computers, security experts said. The worm, dubbed LoveSan, Blaster, or MSBlaster, exploits a vulnerability in the Distributed Component Object service that is hosted by a Remote Procedure Call feature in Windows 2000 and Windows XP. Once it gets onto a vulnerable computer, the program downloads code from a previously infected machine that enables it to propagate itself. Then, it scans the Internet for other vulnerable machines and attacks them, said Johannes Ullrich, chief technology officer at the Internet Storm Center at the SANS Institute. In some cases, the worm crashes the victim machine, but does not infect it, he said. It is spreading rapidly and has infected several thousand machines, Ullrich said. The worm also appears to instruct the computer to launch a distributed denial of service (DDOS) attack on August 16 against a Microsoft Web site, he added. In a DDOS attack, a Web site is temporarily paralyzed after receiving requests from numerous multiple computers. "It's dangerous from the perspective that it can consume a lot of bandwidth," said Russ Cooper of TruSecure Corp. "Every compromised machine is constantly attacking." The worm contains code that includes a phrase: "Billy Gates why do you make this possible? Stop making money and fix your software," according to SANS. Anti-virus provider Network Associates rated it a medium risk for consumers and corporate computer users, while rival Symantec Corp. rated it a high risk for distribution and a low risk for damage. Security professionals have been expecting such a worm since last month. Link |
||
|
08-11-2003, 05:50 PM
|
|
|
Registered
|
So, once we instal that security update, it will be fine or do we have to do something else?
|
||
|
08-11-2003, 07:00 PM
|
|
|
Registered
|
You need toremove a reg entry as well, under your "RUN" key HKLM\software\microsoft\windows\currentversion\run , again look for MSBLAST and remove it. Then delete any copies of MSBLAST.exe from your system.
I am going to be up all night I can already tell, we had an internal swat team applying this patch to 4000+ servers last week, all but 52 of them were successfull, so of course 9 of the 52 are infected already. Man I hate working in IT sometimes!
__________________
2021 Model Y 2005 Cayenne Turbo 2012 Panamera 4S 1980 911 SC 1999 996 Cab |
||
|
08-11-2003, 07:12 PM
|
|
|
Registered
|
i copy and pasted "HKLM\software\microsoft\windows\currentversion\run" but it didn't work
|
||
|
08-11-2003, 07:16 PM
|
|
|
Registered
|
Use "regedit" from the "run" line under your start button. HKLM is Hkey Local Machine.
__________________
2021 Model Y 2005 Cayenne Turbo 2012 Panamera 4S 1980 911 SC 1999 996 Cab |
||
|
08-11-2003, 07:19 PM
|
|
|
Registered
Join Date: Jun 2003
Posts: 396
|
Well. I decided to just reinstall XP, before ever seeing the replies to this.
I only had one registry entry on msblast, I deleted, WTH I can always restore  A search of both hard drives didn't turn up any MSblast.exe though. And just a tidbit of info. After a full clean install. I was able to get on the internet for only about 5 minutes before I got the RPC error and 60 second shutdown. If this is all caused by a virus, it obviously strikes fast, with no user input necessary. After shutdown, I enable the built in Firewall(XP's own), and downloaded that MS patch that Apache linked us to. So far, I've been online now for 10 minutes. We'll see.
__________________
Jack 86 Red 951 - Turbo Twists, otherwise stock for now 83 Black 944 w/86 951 front end - still down and out, but coming back slowly. 02 Altima SE 3.5 - grocery go-getter 00 Yellow Ducati Monster 900i.e. 88 Chrysler Conquest TSi |
||
|
08-11-2003, 07:23 PM
|
|
|
Registered
Join Date: Jun 2003
Posts: 396
|
As to security updates being your friend..... Well, maybe for you broadband guys. Hell, the first time I did SP1, it took close to 10 hours to d/l. I try to snag updates through the window's catalog when I find time, I try to store them for times like this.
__________________
Jack 86 Red 951 - Turbo Twists, otherwise stock for now 83 Black 944 w/86 951 front end - still down and out, but coming back slowly. 02 Altima SE 3.5 - grocery go-getter 00 Yellow Ducati Monster 900i.e. 88 Chrysler Conquest TSi |
||
|
08-11-2003, 07:25 PM
|
|
|
Registered
Join Date: May 2003
Posts: 65
|
The precise removal instruction are about 3/4 of the way down on the Semantic page.
1. Disable System Restore (Windows Me/XP). 2. Update the virus definitions. 3. Do one of the following: Windows 95/98/Me: Restart the computer in Safe mode. Windows NT/2000/XP: End the Trojan process. 4. Run a full system scan and delete all the files detected as W32.Blaster.Worm. 5. Reverse the changes that the Trojan made to the registry. Details are here. Link It is very important that you APPLY THIS PATCH FIRST before you proceed with steps 1-5. You are still infected BlueQuestTSi, that is why the symptoms reappeared with no user interaction. This worm gets the code to rebuild itself from over the internet. You will need to repeat steps 1-5. |
||
|
08-11-2003, 07:38 PM
|
|
 |
| Thread Tools | |
| Rate This Thread | |
|
|
1983 Porsche 944 2.5 liter
1983 Porsche 944 2.5 
1985.5 Porsche 944 2.5L Supercharged 
911 SC
Panamera
