store problemer

[Illuminant]

har netopp formatert en pc for en kamerat nå og hver gang etter litt tid kommer det en feilmelding som lyder slik.."remote prosedure protocal an error has acoured because of the generic host prosess" eller noe sånt. Så begynner den å telle ned fra 50 før den restarter. Harddisken er helt rein. er det noen som har peilig på hva dette kan være?

 

 

takker og bukker

[Syar-2003]

MSblaster viruset .

Åpne en cmd prompt og kjør kommandoen shutdown -a .

(Abort shutdown )

Fjern blaster viruset (det er enkelt).

 

 

(Kilde:www.pchell.com/virus/msblast.shtml)

Follow these steps in removing the MSBLAST or MSBLASTER worm.

 

1) Disconnect your computer from the local area network or Internet

 

2) Terminate the running program

 

Open the Windows Task Manager by either pressing CTRL+ALT+DEL, selecting the Processes tab or selecting Task Manager and then the process tab on WinNT/2000/XP machines.

Locate one of the following programs (depending on variation), click on it and End Task or End Process

MSBLAST.EXE

PENIS32.EXE

TEEKIDS.EXE

MSPATCH.EXE

MSLAUGH.EXE

ENBIEI.EXE

 

Close Task Manager

3) Install the patches for the DCOM RPC Exploit, you can download the patches from the links below before disconnecting

 

http://www.microsoft.com/downloads/details...&displaylang=en

 

4) Block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed:

 

TCP Port 135, "DCOM RPC"

UDP Port 69, "TFTP"

5) Remove the Registry entries

 

Click on Start, Run, Regedit

In the left panel go to

HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>Current Version>Run

 

In the right panel, right-click and delete the following entry

”windows auto update" = MSBLAST.EXE (variant A)

”windows auto update" = PENIS32.EXE (variant B)

”Microsoft Inet xp.." = TEEKIDS.EXE (variant C)

"Nonton Antivirus"=MSPATCH.EXE (variant E)

"Windows Automation" = "mslaugh.exe" (variant F)

"www.hidro.4t.com"="enbiei.exe" (variant G)

 

 

Close the Registry Editor

6) Delete the infected files (for Windows ME and XP remember to turn off System Restore before searching for and deleting these files to remove infected backed up files as well)

 

Click Start, point to Find or Search, and then click Files or Folders.

 

Make sure that "Look in" is set to (C:\WINDOWS).

 

In the "Named" or "Search for..." box, type, or copy and paste, the file names:

msblast*.* (or other filenames listed above)

 

Click Find Now or Search Now.

 

Delete the displayed files.

 

Empty the Recycle bin, the worm can reinfect even if the files are in the recycle bin.

7) Reboot the computer, reconnect the network, and update your antivirus software, and run a thorough virus scan using your favorite antivirus program.

 

8) Now check for the worm again, if it returns, complete these steps once more until the virus is gone. With the patch in place, the virus wont be able to exploit the system, but sometimes it is difficult to remove the files for good.

[X-Fiesta]

3) Install the patches for the DCOM RPC Exploit, you can download the patches from the links below before disconnecting

 

For å få litt bedre tid til nedlastingen,kan enn bare stille klokka(dobbeltklikke på den i systray) tilbake en time...

 

Har ikke prøvd det selv,bare lest det et sted...

[BompiTerje]

Det skal nesten ingenting til for å få Msblaster på en maskin uten fix for tiden. De første minuttene etter man har lagt inn nytt OS er man helt åpen