Does anyone know anything about a virus that is causing an error message followed by an automatic shutdown. Some sort of RPC (remolte procedure call). There is also something else about NT AUTHORITY/SYSTEM. I know of at least three people experiencing this. please help!!

I will use my powers for good this one time...

Thats pretty vague. Can you at least load windows?

If you have no virus scanner and you can at least run a web browser before it crashes, check out:

http://housecall.trendmicro.com/ (click "scan now").

What version of windows?
How old is the installation?
What is your file system type (fat or NTFS.. if you don't know thats cool)?
Can you reproduce the problem? If so, how?

Originally posted by X-Gote
I will use my powers for good this one time...

Thats pretty vague. Can you at least load windows?

If you have no virus scanner and you can at least run a web browser before it crashes, check out:

http://housecall.trendmicro.com/ (click "scan now").

What version of windows?
How old is the installation?
What is your file system type (fat or NTFS.. if you don't know thats cool)?
Can you reproduce the problem? If so, how?

xp, installed 2 months ago, NTFS

problem happens about every 5 minutes or so

virus scanner cant finish scan and finds nothing before auto shutdown.

I am posting or my roommate orion.

Originally posted by X-Gote
I will use my powers for good this one time...

Thats pretty vague. Can you at least load windows?



If you have no virus scanner and you can at least run a web browser before it crashes, check out:

http://housecall.trendmicro.com/ (click "scan now").

What version of windows?
How old is the installation?
What is your file system type (fat or NTFS.. if you don't know thats cool)?
Can you reproduce the problem? If so, how?

i've got it. no time so here are the answers in the order of your questions.

yes.
xp
2-3 months
i think fat
the problem happens within 2 minutes of startup. i get a system shutdown popup that counts down 1 minute then restarts.

How bout safe mode? Have you tried reinstalling windows or using the repair options from booting off the cd? Get me on aim, probably be easier to just call me. I should have some time this afternoon after lunch.

Originally posted by X-Gote
How bout safe mode? Have you tried reinstalling windows or using the repair options from booting off the cd? Get me on aim, probably be easier to just call me. I should have some time this afternoon after lunch.

keith found a fix for it by microsoft. seems to be working just fine again.

thanks M$ :up

we'll see if it holds...

Links?

http://microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC-9532-3DE40F69C074&displaylang=en

thanks for the link :up :up

http://www.cnn.com/2003/TECH/internet/08/11/internet.attack.ap/index.html

WASHINGTON (AP) -- A virus-like infection that was the subject of urgent U.S. government and industry warnings spread rapidly Monday across the Internet, causing computers to mysteriously restart and coordinating an electronic attack against Microsoft Corp.



Problem is they are just attacking innocent users. People that bought a computer at best buy to browse the web and email their family members . What message are they sending anyways? Buy a mac? Fucking ridiculous. I would love to find one of those punks and smash their face untill its unrecognizable. :fu dorks

oh my god.. this just started happening to me today too..

and i NEED SOME HELP!!!!

argh..

i got some advice online to goto the services menu and disable the Remote Procedure Call and the reaction to the repeating crash of the authority/system thing.. and also to disable the user "thing" for that.. and now...

i'm fuckin broken ...... check the picture.... there's no name in the User Name area.... just blank...

does anyone know how to renable this?
i just got the patch.but now i can't do anythign to fix my computer back to normal.. the taskbar on the bottom isn't there anymore and doesnt come up.. and now i can't run my antivirus correctly program or move any of the icons on my desktop..

please help someone.

this is what i'm talking bout

does anyone know what msblast.exe is?

i cant find anythign online about it?

GUDDAM THAT IS A HIDIOUS BROWSER COLOR!

its my gf's.. which is why i'm freakin out..................
anyway.. does anyone know how to get to safe mode using xp?

get ad-aware and spybot search & destroy and scan that thing for spyware and whatnot. that patch on MS's site is for Windows XP only, as stated on the site, so i hope you didn't install it.

i have used all the spyware stuff and they are all gone...

yeah.. i haven't installed it..
and this computer is runnning xp.

i dont wanna install the patch until i can fix the whole problem with the user..

does anyone know how to activate the user in xp?
or does anyone know how to get to safe mode in xp?

someone help!! please!


i'm going thru this comp lookin 4 shady shit..

anyone know anything bout..

wowexec.exe
webdar.exe
msblast.exe


anyone?!?!

thnx

I've been helping people with this all day at work.

It's a virus called W32.Blaster.Worm that takes advantage of a security exploint in Windows XP on TCP port 135.

To fix the issue, you start by end tasking on the virus MSBLAST.EXE in the services tab to prevent the shutdown and then closing the security hole by running this patch.

http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp

Once you've done that then you need to remove the virus. It has not been detectable by a virus scan so don't bother running one. You'll need to follow the instruction here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

There's a registry hck involded so back it up first and good luck.

The virus is probably a scare tactic to get people to buy something other than a Windows PC. The idea is to get people to use a *NIX system or (heaven forbit) a MAC.

:raging

weaaak... did your PC start shutting off again?

This might help....


http://www.dogsonacid.com/showthread.php?s=&threadid=146505&cache=30

Get patch here: http://msn.com.com/4520-6600_16-506...ns&tag=msn_home

More info: http://us.mcafee.com/virusInfo/defa...&virus_k=100547

You should download WinXP or Win2k Patches. You've become apart of someones botnet that will likely DDos microsoft or AOL and you will get arrested by the FBI! :eek Just call 9-1-1.

Originally posted by viXen
Get patch here: http://msn.com.com/4520-6600_16-506...ns&tag=msn_home

More info: http://us.mcafee.com/virusInfo/defa...&virus_k=100547

thx viXen, but we've got it covered

I didn't bother reading the other posts. I remembered I had those links and was going to post but forgot.

Sorry, just trying to help.

This might be old news for some but it's still pretty interesting. In the code of the virus there's a little message.

The first one is a greeting to a friend and the next part is to Bill Gates:

"billy gates why do you make this possible?" Then it says. "Stop making money and fix your software!!"