Re: RPC security error is restarting my comp
From: michelle (michroper_at_yahoo.com)
Date: Thu, 14 Aug 2003 19:42:04 -0700
Karl, this is the problem which i have encountered, but a
further problem has now arisen - that is:
Yesterday while having looked at the microsoft support
website, a similar RPC error was shown as having an
start dcomcnfg.exe, uncheck the "enable distributed COM on
this computer" check box, download a security update
(823980) and so on.
This was obviously the wrong solution, because almost as
soon as i started downloading the update, the error
message re-appeared and the countdown began.
Now the problem that I have is that when it starts to
reboot, it makes it past the checkdisk command, but when
it gets to the next stage, it asks you to select the way
its going to run (as in Safe mode, last known good config
etc) then reboots itself and so on. (thank you if you're
still reading this)
Is there a way to bypass this so that I can continue to
solve the other problems?
Is the original problem actually the worm which I have
noticed from this newsgroup?
Please let me know if you have any advice.
>As I understand, you have received the following error
messages when using
>"This system is shutting down. Please save all work in
progress and log off.
>This shutdown was initiated by NT
>"Windows must restart because the Remote Procedure Call
>This is a known security issue which was first found on
July 15. There is
>currently an Internet Worm that is taking
>advantage of this security issue. Microsoft published
the patch to fix this
>issue on July 16 for all of the affected systems
>on our web site. For more information, please refer to
the following page:
>The resolution to this issue is to clean the worm from
your system and
>install the patch mentioned above. You can find a
>link below to install the patch for Windows XP.
>It is suggested that you first download the patch to your
system so you can
>install the patch immediately after cleaning the
>system and before you reconnect to the Internet or
>In some cases this Worm can cause your system to reboot
and you may have
>difficulties downloading the patch. In those cases
>you need to turn off some ports that the virus uses by
blocking them with
>Firewall software. The ports that may need to be
>blocked are as follows:
>TCP/UDP Port 135
>TCP/UDP Port 139
>TCP/UDP Port 445
>*Note: Port 69 (TFTP) and TCP port 4444 are also in use
by this worm and
>should be blocked.
>The Internet Connection Firewall that comes with Windows
XP will block these
>by default once it is enabled. To enable the
>Internet Connection Firewall that comes with XP do the
>1. In Control Panel, double-click "Networking and
>and then click Network Connections.
>2. Right-click the connection (your internet connection)
on which you would
>like to enable ICF, and then click Properties.
>3. On the Advanced tab, click the box to select the
option to "Protect my co
>mputer or network".
>4. If you want to enable the use of some applications and
>through the firewall, you need to enable them by
>clicking the Settings button, and then selecting the
>and services to be enabled for the ICF
>To Download the patch and remove the Worm do the
>1. Download the patch for your system from the link shown
below these steps.
>Clean the worm from your system you should do one of the
>2. Run your Antivirus software with an updated
>Customers should use some of the online removal tools
>Install the patch:
>3. Run the patch from the location you downloaded it to
in step 1.
>At the same time, we suggest you often go to
>http://www.microsoft.com/security/ and install all
critical updates and
>packs from the Windows Update website:
>In this way, your system is always protected from
>the potential security issues.
>Once again I would like to thank you for contacting
Microsoft Online Support
>Service. I am going to go ahead and close this
>Again, thank you for choosing Microsoft.
>This posting is provided "AS IS" with no warranties, and
confers no rights
>Please note I cannot respond to e-mailed questions.
>Please use these newsgroups to let me know if the
suggestions resolved the
>"silviu" <email@example.com> wrote in message