Ok guys, this is really really bad. There is this thing called the RCP worm. Its spreading all across computers in the world, and really quickly.

If your computer has been giving a popup window that says something about NT/AUTHORITY/SYSTEM and says that the RCP was terminated, your comp is infected. I dont know whos doing this. There was a leak in windowsXP and someones taking advantage.

I highly recommend getting mcafee to do a search. Man, this thing infected both my bros comp and my comp in the same day. If you think its infected just us, go check out google. Or for people who has Microsoft Outlook Express, if you subscribed to certain news forms, you're likely to get this email about the RCP worm. My bro did. Hopefully if youve been getting windows updates off of www.microsoft.com, this thing will not affect ur comp. If your comp is already infected theres no point in getting updates anymore. I still have this thing in my comp. It keeps turning off my comp...

Get a free check at McAfee (http://us.mcafee.com/root/mfs/scan.asp)...:alien:

Yikes, I think thats why theres people saying their computer keeps on restarting and such.

McAfee sucks.

http://www.grisoft.com/us/us_dwnl_free.php

download AVG, update the definitions and then do a complete system scan.

Yea Maxtr0sity, thats whats happening to my comp. And Jubba...mcafee does not suck, its the leading prog for viruses right now. I heard of avg too, i was gonna get that but mcafee is better.

"better" is subjective

Revhttp://www.aulman.com/rev.gif

Hehe, you people are so silly. I have never gotten a virus in my life or any kind of program that caused damage, I've never installed any virus protection programs. I feel so special.

very subjective. i had a virus on my computer and mcafee didn't catch it. i got norton and lo and behold, there was a virus that was slowing my new machine down.

mcafee does suck.

Whoops, my bad, i mean norton is the leading prog. **** i wish i bought norton.

One bad side to Norton is that they make you pay for virus updates.

As I said before, I work in a computer shop and thru testing, my own results show that on many trials, AVG caught viruses that were missed, not only by McAfee, but also by Norton. In terms of overall protection the professional version of AVG is by far the best Anti-virus software on the market today.

AVG just isn't marketed enough I think. I have never seen AVG on store shelfs.

Neither have I. It doesn't get much press, but grisoft is an excellent company and the program is great. lol we had this one guy come in and AVG found 875 viruses on his computer. He had the comp for 3 years and never checked for viruses.

It was just a stuipd e-mail worm that kept duplicating itself... 875... I wish I could have charged him per virus

Originally posted by Maxtr0sity
One bad side to Norton is that they make you pay for virus updates.

i've had virus updates done since i've gotten norton, and nobody has charged me anything. :-\

Originally posted by Maxtr0sity
Hehe, you people are so silly. I have never gotten a virus in my life or any kind of program that caused damage, I've never installed any virus protection programs. I feel so special.

just give it time. One will get all of your data... gone.... lost forever...

oneday it will happen. Maybe it will, even if you have anti-virus software, but it definitely will if you don't

Revhttp://www.aulman.com/rev.gif

yeah I've never heard of that either...

Rev, whats up with your server?

I think they charge you or make you pay somehow after a trial period which is usually 90 days.

As for Jubba, ahaha, how does his computer work with all those viruses?

I use Norton Corp Pro, and it goes out, gets the updates, and installs them for me... I never have to do anything but approve the files it finds to delete.

Revhttp://www.aulman.com/rev.gif

Hmmmm, I always thought they where like a trial thing.

We got the w32 Lovesan.worm at work... it sucked because we were among the first people to get it... Mcafee still didn't know what was going on when we called tech support, but later on at night they released a new version of stinger with a fix.

Microsoft had already taken care of the security hole that the worm uses two weeks ago, but some of our computers at work hadn't updated yet... it sucked

I get about 30 viruses a day, and Norton catches all of them. Max, you'll get them eventually - it's only a matter of time. Norton Virus Definition are free for a whole year, but if you were to format your computer at any time in-between, the timer resets itself back to 365 days. I find it to be one of the better programs based on a PcWorld review I read a year or so ago, but I've never used anything other program so... ;)

max,

seriously, i have no idea what you're talking about. i bought the latest version of norton antivirus and norton firewall. they've served me well, i paid $80 for both, but i haven't regretted it yet. this was a couple months ago.

Originally posted by Maxtr0sity
As for Jubba, ahaha, how does his computer work with all those viruses?

The virus itself didn't really do anything but make copies of itself. It was just nesting on his computer and clogging up his harddrive. Other than that it wasn't very malicious.

Originally posted by kirupa
I get about 30 viruses a day, and Norton catches all of them. Max, you'll get them eventually - it's only a matter of timeNuts, but I'm an avid formatter so no biggy.:P

we all get around 30 viruses a day... through email...

Originally posted by Jubba
The virus itself didn't really do anything but make copies of itself. It was just nesting on his computer and clogging up his harddrive. Other than that it wasn't very malicious. What a pointless virus. IF I make a virus, it'd fry everything inside the computer. :chinaman:

Yeah - the worst are those that look like legitimate questions, but have an attachment embedded in the page to open when simply viewed. I turned of HTML for reading mails in Outlook Express for that reason.

Originally posted by lava
we all get around 30 viruses a day... through email... :( I don't get 30 e-mails a day.

Originally posted by kirupa
Yeah - the worst are those that look like legitimate questions, but have an attachment embedded in the page to open when simply viewed. I turned of HTML for reading mails in Outlook Express for that reason. How do you do that? Wouldn't pictures and such not come out right?

The 90-day thing is if you got your Norton AV pre-installed on your comp. If you bought the retail, it's 365 days.

EDIT: Yeah - the pictures simply display as attachments. Also, most of those pictures aren't exactly worth seeing anyway.

Ooooo, for some reason, my dad bought Norton Systemworks a while back which included Antivirus, but that was only still 90 days.

I like McAfee... they're pretty good about keeping up with viruses, and you can update anytime you want.... forever.

Is Mcafree older or Norton? I knew about Mcafree first.

I think norton is older... I can remember norton from way back when I started using computers, which was 92...

Originally posted by lava
I like McAfee... they're pretty good about keeping up with viruses, and you can update anytime you want.... forever.

Its all about preference. You have to go with what you think is the best. I have done tests and my data shows AVG. If your tests show McAfee then go for it. I merely offered my views on the subject. :)

:( I don't remember anything from 92, but I remember when we first got our computer, we used Mcafree.

Originally posted by Jubba
Its all about preference. You have to go with what you think is the best. I have done tests and my data shows AVG. If your tests show McAfee then go for it. I merely offered my views on the subject. :) How do you do "tests" on this subject?

Whoo, 2 minutes, 35 replies already. Well, 36 including mine.

running different AV progs on different computers. Purposefully infecting computers with different viruses to see which program works better... how do you think I would run tests?

Norton AV that I use doesn't have an expiration date... and is almost invisible.

McAfee is on my g/f 's computer, and she has no probs. It kept shutting down on mine, so I now have Norton...

I also use ZoneAlarm to mask all of my ports, etc.

abzoid got hit with an open port a few years back, even with AV protection, and it wiped him out...

another friend got hit through email, it propagated through his home network and trashed his entire system, plus his wifes, plus his assistant's...

I don't install any prog that I don't know 100% for sure is a legit prog with Tech Support, etc...

My livelyhood depends on me keeping information securely and cheaply.

Revhttp://www.aulman.com/rev.gif

Wasn't sure how you can 'purposely' infect computers. How do you do that exactly?

save a virus to a CD and install it on a computer.... ?

viruses are just programs. Just pop it onto a computer and run it.

Hmmmmm, I gota try one of those CDs. Where can I get one?:P

Viruses scare me :(

BOOO :P

:evil:

This virus is new !!!

hmm


:smirk:

white flames scare me...

:evil:

Revhttp://www.aulman.com/rev.gif

No you don't want to try one of them. We had a new kid working with us and he accidently put a virus on a new computer before he sent it out and he didn't tell anyone about it... lady came back a few days later demanding her money back...

Cooking hats scare me.

Originally posted by Jubba
No you don't want to try one of them. We had a new kid working with us and he accidently put a virus on a new computer before he sent it out and he didn't tell anyone about it... lady came back a few days later demanding her money back... Ban him. :evil: :P

Originally posted by reverendflash
white flames scare me...

:evil: :(

Originally posted by Maxtr0sity
Cooking hats scare me.

they should... we carry very sharp knives...

:evil:

Revhttp://www.aulman.com/rev.gif

Eeeeeeeek.

Sharp objects seems to attract to me.

Why do white flames scare u lol ?

they are sweet and harmless lol :s:


I like White flames :blush:

Wait til you get set on fire and you're glowing white. See how you like it then.:P

How the hell do you get from this RCP virus to a cooking hat?

lol !

If my underware is white, then its white flames. :hair:

Welcome to Kirupaforums...

it happens here a lot...

Revhttp://www.aulman.com/rev.gif

Lol. Why would you be in your tighty-whities and catch on fire?

Isn't it an RPC (Remote Procedure Calll) issue? Where the RPC buffer gets over run and shuts the PC down? Or am I thinking of a seperate issue?

Cheers!
-Niann

To all Windows 2000, XP and NT4 users,

A new virus threat has been identified on the McAfee Site.

The virus is the LOVESAN W32/Lovsan.worm or aliases of the following: msblast.exe or tftp or W32.Blaster.Worm (Symantec) or Win32.Poza (CA) and or WORM_MSBLAST.A (Trend)

This virus will only affect PCs that are using the Windows OS (operating system) i.e., Windows 2000, Windows XP and Windows NT. It will not affect Windows 95 or 98 OS.

Symptoms
Error messages about the RPC service failing (causes system to reboot)
Presence of unusual TFTP* files
Presence of the file msblast.exe in the WINDOWS SYSTEM32 directory

Measures to Take
To prevent this virus from spreading ensure that you have the latest McAfeeVirus Definitions of 4.0.4284 and that your Scan Engine is 4.2.60

Run a full scan of the computer hard drive(s).

You will also need to Apply the MS03-026 patch to all vulnerable systems (Windows 2000, Windows XP and Windows NT).
******************
This is the official alert from we released to our employees today...the virus calls the RPC DCOM service and launches an internal command to download the required files for the virus to work - this is a particulary nasty virus in that it doesnt necessarily come in as a file, but as a call to a service...very tricky
--
Matroxity, I'm not meaning to make you feel bad, but viruses need to be taken seriously; especially ones involving network commands and services....a well programmed virus would be like the "Keymaker" from the Matrix 2 movie.
Everyone might not understand what it can do ( or why it walks funny hahahahaha) but in the right hands the exploit can do some damage.

Originally posted by Niann
Isn't it an RPC (Remote Procedure Calll) issue? Where the RPC buffer gets over run and shuts the PC down? Or am I thinking of a seperate issue?

Cheers!
-Niann

it makes some computers crash... and some not.

Originally posted by prstudio
Matroxity, I'm not meaning to make you feel bad, but viruses need to be taken seriously; especially ones involving network commands and services....a well programmed virus would be like the "Keymaker" from the Matrix 2 movie.
Everyone might not understand what it can do ( or why it walks funny hahahahaha) but in the right hands the exploit can do some damage.Sry?:cool:

Yep, prsstudio said it ALL. Its name is msblast.exe. Go into 'my computer', search, all files and folders, select from browse : local disk, windows, system32. Type in search : MSBLAST.EXE. If it has a result of that name...your comp has that virus.

RCP is REMOTE PROCEDURE CALL.

I got rid of it!!! Well, all u need is a av prog. Prefably McAfee AV if you cant get better ones. Update it and install ALL the updates. Search thoroughly through local disk. Find it and delete that b-astard.

clarify that, get rid of the virus, not RPC

:tb: :tb: :tb:

Not sure if anybody posted this, but here is the free removal tool that scans and removes the virus from your comp if found: http://securityresponse.symantec.com/avcenter/FixBlast.exe

Cheers!
Kirupa :asian:

windows xp patch for Blaster worm

http://download.microsoft.com/download/9/8/b/98bcfad8-afbc-458f-aaee-b7a52a983f01/WindowsXP-KB823980-x86-ENU.exe

windows 2000 patch for blaster worm

http://download.microsoft.com/download/0/1/f/01fdd40f-efc5-433d-8ad2-b4b9d42049d5/Windows2000-KB823980-x86-ENU.exe

these will keep you from getting the worm! EVERYONE should install it....NOW!!! :)

-teet

Question, does this loop hole exist only in Window's XP or is it in any of the Windows packages? ie.. I'm using 2000 pro.

as far as i know, it exists in windows xp, windows 2000, and windows 2000 server (i know these for sure)

i think it may also affect windows server 2003 but you would have to check that one out.

so if i were you upuaut i would download the 2000 patch listed above :)

IT DOES NOT AFFECT WINDOWS ME, 98, or 95

-teet

thanks teet, and others. I've just done a full scan and detected nothing. Now I'm patching windows. Glad I didn't have to deal with this one.

hey, here's some more info if anyone is still stuck on it

http://www.blackviper.com/AskBV/tech10.htm