Announcement

Collapse
No announcement yet.

Ok, what OTHER virii attack the RPC?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ok, what OTHER virii attack the RPC?

    Tried to use the FixBlast.exe, but it claimed that the msblast virus wasn't there. Unfortunately I don't have direct access to this computer, and have to walk through a computer newbie. So any easy pointers on getting this fixed would be greatly appreciated.

    Why is that service even ON? Lousy windows....

    Leech
    Wah! Wah!

    In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

  • #2
    Nachi is the other one I can think off.
    Chief Lemon Buyer no more Linux sucks but not as much
    Weather nut and sad git.

    My Weather Page

    Comment


    • #3
      Welchia, too...
      Hey, Donny! We got us a German who wants to die for his country... Oblige him. - Lt. Aldo Raine

      Comment


      • #4
        Originally posted by MultimediaMan
        Welchia, too...
        Same worm just a different name too confuse matters.
        Chief Lemon Buyer no more Linux sucks but not as much
        Weather nut and sad git.

        My Weather Page

        Comment


        • #5
          Ok, now how the hell to fix it? Fresh install of windows, second it hits the net it's infected?

          Leech
          Wah! Wah!

          In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

          Comment


          • #6
            make sure the build-in firewall is enabled before you ever open an internet connection. Then agian, this is no help to you, is it

            Comment


            • #7
              Can't you turn off the service?
              Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.

              Comment


              • #8
                By BlackViper
                Remote Procedure Call (RPC)

                This service is rather vital. Practically everything depends on this service to be running. This is also the only service that you should not (and will not) disable via the Services MMC. If you do, your computer may (will) become unbootable AND you cannot place this service back to automatic to fix it. Leave it on Automatic and do not change it. If, for whatever reason, the service became disabled and you can no longer boot your system,
                If there's artificial intelligence, there's bound to be some artificial stupidity.

                Jeremy Clarkson "806 brake horsepower..and that on that limp wrist faerie liquid the Americans call petrol, if you run it on the more explosive jungle juice we have in Europe you'd be getting 850 brake horsepower..."

                Comment


                • #9
                  Hmm, Remote, eh? Now that has to be the worst naming I've seen.
                  Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.

                  Comment


                  • #10
                    Sure the computer is infected at all?

                    This could just be a script kiddie running a scan for any XP machines without the newest patch installed - a simple call can force an unpatched winxp to shutdown.

                    Just had this with a machine I installed last friday. It was on a cablemodem, and 12 seconds after I logged it on, a script hit its open ports and shut it down.

                    Had to take 3 tries to download the fix.
                    After this, the problem of course went away.

                    The computer did not get infected at all - scanned with Norton and panda.

                    ~~DukeP~~

                    Comment


                    • #11
                      Well it's dead easy to find. Look in c:\windows\system32\wins and if you have dllhost and svhost you've got the nachi.

                      Another way is download stinger and run that. This detects and removes the nachi blaster while other notable virus checkers ignore it.

                      You'll also need to turn off system restore if you don't it gets restored next time you boot up. Of course you do this before cleaning.
                      Chief Lemon Buyer no more Linux sucks but not as much
                      Weather nut and sad git.

                      My Weather Page

                      Comment


                      • #12
                        Originally posted by leech
                        Ok, now how the hell to fix it? Fresh install of windows, second it hits the net it's infected?

                        Leech
                        before you go onto the internet with your fresh install of xp, turn on the xp firewall & install this patch which you saved onto floppy or cdr beforehand.
                        after that go onto the windows update site for critical updates.

                        Comment

                        Working...
                        X