SEARCH FINESCALE.COM

Enter keywords or a search phrase below:

Virus/Worm alert...VERY IMPORTANT.

1782 views
10 replies
1 rating 2 rating 3 rating 4 rating 5 rating
  • Member since
    February 2003
  • From: Long Island
Virus/Worm alert...VERY IMPORTANT.
Posted by Moses on Tuesday, August 12, 2003 12:34 PM
This is URGENT, protect yourself asap. I have had 3 people come to see me today already about this on there home PC's


Q. My computer keeps restarting after something to do with a Remote Procedure Call (RPC) terminates unexpectedly. WHAT THE HELL IS THIS?

A. You've been hit by the RPC exploit, a serious flaw in the Windows NT line of Windows products (NT, 2000, XP, and 2003 Server). If this has happened, your system has been compromised, and your only option is pretty much to reformat and reinstall all your programs from known-good sources. Any single part of your system could be infected with who-knows-what, as the RPC exploit gives a malacious user unrestricted access to your system.

So Protect your system before you have to reformat (its the only solution once it's happened), get the patch on ASAP People

What does this mean. It seems that a worldwide worm/virus is circulating. If you have Windows XP, Windows 2000 or Windows NT 4.0..you will need to download this patch. About 1/3 of home uses have been hit already in one day. This is a major worm, and could result in doing a complete reformat of your system.

If you have been infected, you will no becuase your system will reboot over and over again. If this is happening you will need to download this fix:

http://securityresponse.symantec.co...er/FixBlast.exe

All those who have not been infected and those who were infected and downloaded and installed the fix above, you will need to get the patch off of Microsofts page...

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

If you are using 2000, download 2000..if you are using XP Home or Pro...download XP 32bit.

If you are not using 2000, XP or NT 4.0, you are safe.

Any problems...please feel free to get me on yahoo at rob_riviezzo or MSN Messneger at moses96thid@hotmail.com.
"ZIM FIRST, ASK QUESTIONS LATER!!"
  • Member since
    November 2005
Posted by Anonymous on Tuesday, August 12, 2003 2:01 PM
I have Windows Me. Is my system at risk ? Itried the e-mail link - it doesn't work. Thanks for the warning and your time.
  • Member since
    February 2003
  • From: Long Island
Posted by Moses on Tuesday, August 12, 2003 2:23 PM
Pix, as it is right now...Me users are safe. The virus attacks 2000 OS's. Me is 98.
"ZIM FIRST, ASK QUESTIONS LATER!!"
  • Member since
    January 2003
  • From: NE Georgia
Posted by Keyworth on Tuesday, August 12, 2003 3:34 PM
This one's legit, folks. It hit our hospital today like a tornado. I was answering calls and cleaning up stand-alone systems all day today. - Ed
"There's no problem that can't be solved with a suitable application of high explosives"
  • Member since
    December 2002
  • From: Waukesha, WI
Posted by David Voss on Tuesday, August 12, 2003 5:17 PM
Thank you Moses for posting this.

It was only a matter of time before a major virus/worm hit using this exploit. Microsoft announced this back on July 16th. MS along with CERT and other have been sending out bulletins about this.

Affected Software:
Microsoft Windows NT® 4.0
Microsoft Windows NT 4.0 Terminal Services Edition
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server™ 2003

CERT® Advisory CA-2003-19 Exploitation of Vulnerabilities in Microsoft RPC Interface

Microsoft Security Bulletin MS03-026
Buffer Overrun In RPC Interface Could Allow Code Execution (823980)

What You Should Know About Microsoft Security Bulletin MS03-026

Although it's probably going to be slow the next couple of days due to the virus launching a DOS (Denial of Service) attack against it, another good way to update your system is to use the Windows Update Site -- http://windowsupdate.microsoft.com/ . It'll check your system for critical updates/patches that need to be applied. It's a good habit to use this site at least once a month.
David Voss Senior Web Developer Kalmbach Publishing Co. Join me on the FSM Map
  • Member since
    December 2002
  • From: Waukesha, WI
Posted by David Voss on Tuesday, August 12, 2003 6:08 PM
For more information and instructions on how to remove this, check out Symantec's website.
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
David Voss Senior Web Developer Kalmbach Publishing Co. Join me on the FSM Map
  • Member since
    November 2005
Posted by Anonymous on Wednesday, August 13, 2003 11:54 PM
Wow...
Now I am glad that I am still using windows 98.
I was just thinking about an upgrade.
Maybe I will wait till this blows over.
  • Member since
    January 2003
  • From: NE Georgia
Posted by Keyworth on Wednesday, August 13, 2003 11:59 PM
Dave, thanks for posting the update links. Several of the area businesses here got whacked by this worm virus and it was costly for them. Lost time is lost revenue, not to mention the ulcer-producing aggravation that goes with it. - Ed
"There's no problem that can't be solved with a suitable application of high explosives"
  • Member since
    November 2005
Posted by Anonymous on Friday, August 15, 2003 4:20 PM
I am a Network Tech for my local city government and so far we have been keeping it at bay. This is someone with to much time on their hands. They need to do soemthing like build models.
  • Member since
    November 2005
Posted by Anonymous on Tuesday, September 2, 2003 9:25 PM
Get a Mac Tongue [:P]
  • Member since
    December 2002
  • From: USA
Posted by ncmay on Friday, September 5, 2003 10:40 AM
The virus is for real ok. I just got over a bout with it. Terrible thing, that virus.
Butch
JOIN OUR COMMUNITY!

Our community is FREE to join. To participate you must either login or register for an account.

SEARCH FORUMS
FREE NEWSLETTER
By signing up you may also receive reader surveys and occasional special offers. We do not sell, rent or trade our email lists. View our Privacy Policy.