monty Posted April 6, 2004 Share Posted April 6, 2004 Hi guys, It seems like I have a virus making trouble on my PC, only problem is all virusscanners come up clean. They have the latest virusupdates but still nothing! CWSHREDDER doesn't find anything as well... Symptons are: When I connect to the internet (through network/shared connection) about 60 seconds later Windows tells me the RPC sercice has failed and my PC will restart. It then starts to countdown and restarts my PC. I tried to remedy this by telling WinXP not to restart my PC but restart the RPC sevice instead(in control panel,admin. tools, services). Now when winXP wants to restart the RPC, RPC will call on an svchost.exe which will then eat 99% of my processor speed... If I close this svchost with taskmanager, I can't open any webpages in a new window (neither by clicking on a link or right clicking) and I can't open the seach window from the start menu anymore... Anybody any idea (Francois maybe???) Monty Link to comment Share on other sites More sharing options...
MadFrankie Posted April 6, 2004 Share Posted April 6, 2004 theres a patch on the microsoft support website that will resolve it. Just do a search for Remote procedure call shutdown.. laters Link to comment Share on other sites More sharing options...
diaw Posted April 6, 2004 Share Posted April 6, 2004 This is an irritating problem... If the MS$ patch does not do the trick for you, then you may have to re-install the Winblow$ OS... Link to comment Share on other sites More sharing options...
monty Posted April 6, 2004 Author Share Posted April 6, 2004 Yep, it looks like the rpc/dcom exploit, but i have patched for that vulnerability months ago... If it's a virus it looks like it's unknown, right now I bet on some strange quirk of MS$... I have all my data backed up but reinstalling WinXP will be a hassle since I have some 80 programs on it.... That's 80 reinstalls I'll have to do it since I don't find any solution Link to comment Share on other sites More sharing options...
ajahnlau Posted April 6, 2004 Share Posted April 6, 2004 In todays BKK Post there's and article in the IT section [help desk]. Looks similar to your problem. A couple links given to fix the virus. Link to comment Share on other sites More sharing options...
Guest Lazarus Posted April 7, 2004 Share Posted April 7, 2004 Get all the latex patches from micro$oft that will fix it. If not.. format. Good luck Link to comment Share on other sites More sharing options...
francois Posted April 7, 2004 Share Posted April 7, 2004 hi' my 2B in here do you run outlook or outlook express? did you try an online antivirus? looks like an early version of bagle@mm ... and sometime ..sorry the Ms patch does not make the "trick" . if the threat is not coming from this one for sure, you can download the netsky@mm desinfection tool. try 2 things ... download the desinfection tool from symantec web-site. de-activate the system restore of XP. run the tool or the tools one after the other. surely will find something, clean, restart. and if you use it re-activate the sytem restore. I say to do it this way, because most of user aren't familiar with the registry and might cause more damage than good things and then .. make a backup francois Link to comment Share on other sites More sharing options...
monty Posted April 7, 2004 Author Share Posted April 7, 2004 Hi guys, Thanx for the reply's... I tried pretty much anything before I gave up, just wanted to know where the problem came from... Did online virusscan (both Mcafee's and Trendmicro's) Scanned with spybot, adaware and cwshredder (latest updates) Tried most of the virusspecific scanners (stinger, netsky@mm,...) All came up empty. In the end I guess my windows XP got corrupted somehow, since everything got solved by reinstalling WinXP (using the install cd and choosing upgrade) This way I didn't have to reinstall anything except for the driver of my Geforce videocard... All is running smooth again now! Monty Link to comment Share on other sites More sharing options...
francois Posted April 9, 2004 Share Posted April 9, 2004 hi' sorry I should have looked at my small database ... well, sometime, some devices refuse to start ... and give trouble to the boot or to the functions of the kernel ... the most common one is the printer. unplug it, start and in safe mode check that no residual printing job are in stock ... if so, delete them , and restart without the printer on, and once started, plug the printer. (assuming that it's an USB one) some other device, like the modem can create such situation ... this is what might have happened to you ... but the reinstall was a good move, since you don't need to reinstall everything, just check that all windows update are not gone ... francois Link to comment Share on other sites More sharing options...
monty Posted April 9, 2004 Author Share Posted April 9, 2004 Good tip on reinstalling the Win patches Francois, they did indeed disappear!!! I probably would have been blasted by some blaster look alike pretty soon!!!! Link to comment Share on other sites More sharing options...
francois Posted April 10, 2004 Share Posted April 10, 2004 hi' you are welcome monty anytime, if can help .. TO CONSIDER : think about to make a backup of the partition C:\ use drive Image version7, either you have a cd-write or not, you can perform a nice backup in less than 30mn if on cd-rw easy ! just give a name with date to the backup. if on the hdd, make a new folder first in a partition where you have a lot of space. useless to say :not the C:\ ... choose a high compression .. comes in about 50% compression. once a real probelm appears ... restore the backup, just update drivers or antivirus database, some program's update ... and there you are cheers francois Link to comment Share on other sites More sharing options...
singer Posted April 14, 2004 Share Posted April 14, 2004 In future dont open any emails that are say 30 -40 k . most simple none virus mails are about 2 to 3. Just about all 20 + mails are viruses. If you can get Nortons virus protection because it is excellent. Change your e mail client to yahoo because it has a virus scan on all emails and wont allow you to download one. Dont open ANY mail attachements that have .exe at the end . Its an executable file with an implanted virus. Link to comment Share on other sites More sharing options...
bkk_mike Posted April 21, 2004 Share Posted April 21, 2004 There is a free antivirus program from Grisoft (www.grisoft.com) - AVG Free Edition. It's single PC use only, but does issue updates, and the price is right. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now