Windows XP restarts randomly

  • Thread starter Thread starter Jaideep Deodhar
  • Start date Start date
J

Jaideep Deodhar

Hello,

I installed Windows XP on a new self assembed PC last
week. Since then, it is giving trouble with Internet
Explorer. A message appears saying that "This system is
being restarted by NT Authority/System because of a
failed remote procedure call".

I have tried to disable the Internet Connection
Firewall. I have also tried to change the system
settings in the control panel (Disable the option to
restart the system). Nothing seems to work.

Would really appreciate any help on this one.....

Best regards,
Jaideep Deodhar
New Delhi
India
 
You have the Blaster Worm. You need to remove it. There
are hundreds of posts on this forum that will tell you
where to find the removal tools.
 
On Fri, 9 Apr 2004 06:45:01 -0700,
You have the Blaster Worm. You need to remove it. There
are hundreds of posts on this forum that will tell you
where to find the removal tools.
Click to expand...

That's a 66% acurate answer.

Yes, it's the RPC crisis, of which Blaster (MSBlast, MSBlaster,
Lovesan) is one exploiter.

No, the PC isn't necessarily infected by Blaster, or anything else.

Yes, you do need to remove any active malware you are likely to have
been infected by, merely by connecting your vulnerable PC to the
Internet (which is the mother of all infected networks).

No, cleaning up the PC is not enough to fix the problem, even if you
do run an av that is always up to date. Your primary protections are
enabling the firewall, and patching the defective RPC code.

No, the constant restarting of the PC whenever you are online is not
caused by Blaster or anything else. The cause is *failed* attempts to
enter the system via the defective RPC service, causing the RPC
service to fail. From there on, the problem escalates to restarting
the whole PC only because the MS duhfault settings are to restart the
PC whenever RPC service fails, and on all system errors.

Out the box, XP is unroadworthy for the Information Highway - you have
to patch it to at least fix the RPC defects. Chronology:
- defect present from at least as far back as NT 4.0 original
- defect persists all the way through to XP
- July 2003: Documented and patched by MS
- August 2003: Widespread malware attacks via the defect
- September 2003: New holes found in patch; updated patch released
- to date; ongoing RPC attack traffic from infected user base

Attack packets crafted for Win2000 will crash XP, and vice versa, if
the original defective RPC code is exposed to attack. So the RPC
failures and reboots are caused by *failed* attempts to infect the PC
before any malware code is present on the system.

That's why antivirus software can't help you with this DoS effect,
whereas a firewall can (by blocking exposure of the defective RPC).


-------------------- ----- ---- --- -- - - - -
Click to expand...
Running Windows-based av to kill active malware is like striking
a match to see if what you are standing in is water or petrol.
 
Back
Top