| Pages in topic: [1 2 3] > | Virus alert! (msblast.exe): 'Remote Procedure Call terminated unexpectedly' / TFTP Thread poster: Daniel Jeory
|
|---|
Daniel Jeory
Local time: 14:17
Member (2003)
German to English
Watch out Windows XP users. When I connected to the Internet this evening, within 30 secs I got a message saying 'Remote Procedure Call terminated unexpectedly...computer will shut down in 1 minute'(!)
This happened 3 times (and only after going online). Each time, though, I managed to get some hits on Google about the problem before the computer went beserk and shut down.
On one site, it mentioned firewalls, so before trying to connect this time, I checked my Internet... See more Watch out Windows XP users. When I connected to the Internet this evening, within 30 secs I got a message saying 'Remote Procedure Call terminated unexpectedly...computer will shut down in 1 minute'(!)
This happened 3 times (and only after going online). Each time, though, I managed to get some hits on Google about the problem before the computer went beserk and shut down.
On one site, it mentioned firewalls, so before trying to connect this time, I checked my Internet connection settings and realized to my horror that my Internet connection firewall wasn't enabled in the dial-up dialog box. Now I've checked the box, voilà, no probs, fingers well and truly crossed!
The link below has a very recent thread going, so it looks like the problem's only just starting, so be careful and check your security settings!
www.computing.net/hardware/wwwboard/forum/15396.html ▲ Collapse
| | | | Uldis Liepkalns 
Latvia
Local time: 16:17
Member (2003)
English to Latvian
+ ...
Daniel Jeory wrote: Watch out Windows XP users. When I connected to the Internet this evening, within 30 secs I got a message saying 'Remote Procedure Call terminated unexpectedly...computer will shut down in 1 minute'(!) This happened 3 times (and only after going online). Each time, though, I managed to get some hits on Google about the problem before the computer went beserk and shut down. On one site, it mentioned firewalls, so before trying to connect this time, I checked my Internet connection settings and realized to my horror that my Internet connection firewall wasn't enabled in the dial-up dialog box. Now I've checked the box, voilà, no probs, fingers well and truly crossed! The link below has a very recent thread going, so it looks like the problem's only just starting, so be careful and check your security settings! www.computing.net/hardware/wwwboard/forum/15396.html
Yeah, my firewall is enabled all the time, little relieve it gives, though, taking into cosideration the Microsoft confession we lately had to translate, that XP firewall doesn't do anything at all...
http://support.microsoft.com/default.aspx?scid=kb;en-us;306203
I found this description on MS search just now, I do not have the original article in my home computer, but there were VERY serious problems... to put it mildly.
Uldis
| | | | Susana Galilea
United States
Local time: 08:17
English to Spanish
+ ...
| I received this message from my ISP provider | Aug 11, 2003 |
Security bulletin:
Microsoft Windows RPC Interface Buffer Overrun Vulnerability.
Systems Affected: Non patched systems running Windows 2000, Windows NT, Windows XP
A buffer overrun vulnerability is being exploited on Windows machines running the Windows 2000, NT, and XP operating systems that have not been patched against this vulnerability. Users who do not routinely perform Windows System Updates or Critical Updates which include Service Packs and Patches... See more Security bulletin:
Microsoft Windows RPC Interface Buffer Overrun Vulnerability.
Systems Affected: Non patched systems running Windows 2000, Windows NT, Windows XP
A buffer overrun vulnerability is being exploited on Windows machines running the Windows 2000, NT, and XP operating systems that have not been patched against this vulnerability. Users who do not routinely perform Windows System Updates or Critical Updates which include Service Packs and Patches may be affected.
***The most common complaint we have received through the exploitation of port 135 by most users is where systems have rebooted for no apparent reason while users were online. Please be advised that in some cases this could result in the execution of malicious instructions which could disable systems.***
xxx is recommending affected users take immediate action.
You can find the Windows Update Site here:
http://www.windowsupdate.com
It is recommended that all Service Packs and Critical Updates be applied.
You can find out more information as posted by Symantec here:
http://securityresponse.symantec.com/avcenter/security/Content/8205.html ▲ Collapse
| | | | |
|
|
|
Laura Gentili
Italy
Local time: 15:17
Member (2003)
English to Italian
+ ...
Hi Daniel,
Thank you so much for your suggestion!
This problem was driving me crazy last night, then a friend read your post to me. I did what you suggested and here I am, online again!
Laura
| | | | | A good firewall that's free | Aug 12, 2003 |
I recommend ZoneAlarm (www.zonelabs.com). Lean, safe and free for "personal" use. The "pro" version doesn't offer any further useful features.
Of course, no computer is ever secure, and it is important to be on the lookout for any unusual behavior.
| | | | Daniel Jeory
Local time: 14:17
Member (2003)
German to English
TOPIC STARTER | Don't forget the patch! | Aug 12, 2003 |
Laura Gentili wrote:
Hi Daniel,
Thank you so much for your suggestion!
This problem was driving me crazy last night, then a friend read your post to me. I did what you suggested and here I am, online again!
Laura
Hi Laura,
Don't forget to install the patch...clink on this link
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp
You have to choose the patch for your system, probably Windows XP 32bit.
Also, make sure you get rid of the msblast.exe worm by following the link in Oddie's message...very useful! Thanks a ton!
Good luck!
[Edited at 2003-08-12 12:53]
| | | | Zhoudan
Local time: 21:17
English to Chinese
+ ...
| I had this, too. | Aug 12, 2003 |
Thank you all. I had the same problem an hour ago. Your posting saved me a lot of frustrations. I immediately downloaded the ZoneAlarm firewall and started to run the virus removal tool. But oddly enough, the removal program does not find the worm in my system, though I saw it in my Norton virus history record that a blaster was found and isolated (I Liveupdated my Norton only four hours ago!). Is it possible that the removal tool failed to detect the worm because it had already been isolated or... See more Thank you all. I had the same problem an hour ago. Your posting saved me a lot of frustrations. I immediately downloaded the ZoneAlarm firewall and started to run the virus removal tool. But oddly enough, the removal program does not find the worm in my system, though I saw it in my Norton virus history record that a blaster was found and isolated (I Liveupdated my Norton only four hours ago!). Is it possible that the removal tool failed to detect the worm because it had already been isolated or deleted, considering I had Liveupdated the Norton Anti-Virus? Hope I have made myself clear. Any input would be appreciated. ▲ Collapse
| | |
|
|
|
| | Bob Kerns (X)
Germany
Local time: 15:17
German to English
| Install the patch first and then get rid of the virus | Aug 12, 2003 |
Speaking from personal experience today:
As long as the Microsoft patch has not been installed this virus can continue to enter your computer.
So the best thing to do is to install the patch first (links already provided in previous posts above) and only then download and run the Symantec solution to get rid of the virus.
This has caused me headaches today but my system seems to be clean now.
I'll keep my fingers crossed for you all (and for my... See more Speaking from personal experience today:
As long as the Microsoft patch has not been installed this virus can continue to enter your computer.
So the best thing to do is to install the patch first (links already provided in previous posts above) and only then download and run the Symantec solution to get rid of the virus.
This has caused me headaches today but my system seems to be clean now.
I'll keep my fingers crossed for you all (and for my system too) ▲ Collapse
| | | | Daniel Jeory
Local time: 14:17
Member (2003)
German to English
TOPIC STARTER | Now I can't open pdf files | Aug 12, 2003 |
OK, I've rid my computer of the virus (as far as I can tell), but now I've just found out I can't open any pdf attachments in Outlook Express.
When I double click on the message, it tells me 'OE has removed access to the following unsafe items...'.
Is it possible this is a result of the virus? Does anyone have any ideas how I can solve this mystery?!
Thanks!
| | | | | Spent the entire morning dealing with it :( | Aug 12, 2003 |
I found I had W32 Blaster this morning when Zone Alarm informed me that a program called msblast was trying to access the Internet. Since I'd never heard of it, I clicked on "more info" and I found that it was a very bad virus that had wormed its way into my computer. Norton Antivirus had not detected it; I run LiveUpdate and then it found it.
Norton could not quarantine or delete the virus. By clicking on the name of the virus in Norton's warning box I accessed a Syma... See more I found I had W32 Blaster this morning when Zone Alarm informed me that a program called msblast was trying to access the Internet. Since I'd never heard of it, I clicked on "more info" and I found that it was a very bad virus that had wormed its way into my computer. Norton Antivirus had not detected it; I run LiveUpdate and then it found it.
Norton could not quarantine or delete the virus. By clicking on the name of the virus in Norton's warning box I accessed a Symantec page, from which I could download a tool to delete the virus from my system. I was also recommended to download the protection patch. I ran Windows Update and the patch was downloaded together with others.
Now I've got here and I find everybody is dealing with W32 Blaster! Wow. Well, at least I'm not the only one. Misery likes company and all that. My recommendation would be, if you don't have Zone Alarm, then get it; it was thanx to it that I found the villain before more damage was done. ▲ Collapse
| | |
|
|
|
Per Riise (X)
Norway
Local time: 15:17
English to Norwegian
+ ...
| PDF'files won't download/open | Aug 12, 2003 |
Daniel Jeory wrote:
OK, I\'ve rid my computer of the virus (as far as I can tell), but now I\'ve just found out I can\'t open any pdf attachments in Outlook Express.
When I double click on the message, it tells me \'OE has removed access to the following unsafe items...\'.
Is it possible this is a result of the virus? Does anyone have any ideas how I can solve this mystery?!
Thanks!
I\'m no computer wizard, but it might be because your firewall doesn\'t \"let\" pdf-files through.
| | | | Laura Gentili
Italy
Local time: 15:17
Member (2003)
English to Italian
+ ...
| Zipped Files Attachments | Aug 12, 2003 |
I have enabled the Firewall, installed the patch, removed the worm (thank you all!) but now my OE removes zipped files attached to my e-mail messages as "not secure".
| | | | Marie Lowrie
United Kingdom
Local time: 14:17
German to English
| Thanks so much for the info! | Aug 12, 2003 |
I had exactly the same problem. The same message appeared every time I logged on to the net. I had no idea what was causing it and was considering re-booting my system which would have been an absolute nightmare. Thanks so much for this information!
| | | | | Pages in topic: [1 2 3] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Virus alert! (msblast.exe): 'Remote Procedure Call terminated unexpectedly' / TFTP | Anycount & Translation Office 3000 | Translation Office 3000
Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.
More info » |
| | CafeTran Espresso | You've never met a CAT tool this clever!
Translate faster & easier, using a sophisticated CAT tool built by a translator / developer.
Accept jobs from clients who use Trados, MemoQ, Wordfast & major CAT tools.
Download and start using CafeTran Espresso -- for free
Buy now! » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
