Authority download nt patch shutdown

Already a member? Close this window and log in. Join Us Close. Join Tek-Tips Forums! Join Us! By joining you are opting in to receive e-mail. Promoting, selling, recruiting, coursework and thesis posting is forbidden. Students Click Here. To all: This is a very hard one to figure out, only that there has been a flurry of these recently. I honestly believe it is a deliberate attack on port that is being launched.

If your system is continuously restarting with this error: Try early and often pounding of the F8 key. You want to use the "Last Known Good" configuration option. If that does not work, I can only guess. If yours is able to do this start there.

If no joy, do a registry replacement. Stay tuned. This is a very hot problem and other than the Hotfix other solutions should become clearer. Avoid any drastic steps for now. Workarounds From Microsoft. Are there any workarounds that can be used to block exploitation of this vulnerability while I am testing or evaluating the patch? Although Microsoft urges all customers to apply the patch at the earliest possible opportunity, there are a number of workarounds that can be applied to help prevent the vector used to exploit this vulnerability in the interim.

It should be noted that these workarounds should be considered temporary measures as they just help block paths of attack rather than correcting the underlying vulnerability. The following sections are intended to provide you with information to help protect your computer from attack. Each section describes the workarounds available depending on your required level of functionality. Block RPC interface ports at your firewall. Port is used to initiate an RPC connection with a remote computer.

In addition, there are other RPC interface ports that could be used by an attacker to remotely exploit this vulnerability. Systems administrators are strongly encouraged to examine RPC ports that are exposed to the Internet and to either block these ports at their firewall, or apply the patch immediately. Internet Connection Firewall. You can disable DCOM for a particular computer to help protect against this vulnerability, but doing so will disable all communication between objects on that computer and objects on other computers.

To reenable DCOM, you will need physical access to that computer. To manually enable or disable DCOM for a computer: 1. Run Dcomcnfg. Open the Computers sub-folder. For the local computer, right click on My Computer and choose Properties. For a remote computer, right click on the Computers folder and choose New then Computer.

Enter the computer name. Right click on that computer name and choose Properties. Choose the Default Properties tab. If you will be setting more properties for the machine, click the Apply button to enable or disable DCOM. Otherwise, click OK to apply the changes and exit Dcomcnfg. Google News has started tracking the problem.

Several articles already. Click Start, and then click Run. The Run dialog box appears. Type regedit Then click OK. The Registry Editor opens. Apply the patch, NOW! Update your virus defintions 3. Do a virus scan 4. Exit the Registry Editor. I found this out after i installed zonealarm: As soon as i started my computer 2 networks tried to connect with my pc and a program called msblast. I am not sure what msblast. I have blocked access from these 2 networks and blaocked the access from msblast to the internet and the problem with RPC are gone Hope this helps Hans.

And patch it with the MS patch. Yeah I allready downloaded it. But is it a virus? It is strange because when i had the problem i formatted my hdd and installed XP. As soon i was in Windows again there problem was there again within 1 minute or so.

Well, maybe this is the attack from Osama they all talk about. I am trying it now. If the machine can boot at all do this quick patch: Do not access the Internet yet First open task manager, find and end the process 'msblast. You can access the internet now. And of course the first thing you should do after doing the quick fix above is: 1. Download and apply the patch 2.

Update your virus definitions 3. Run a thorough virus scan You should be fine now. Note: It might be wise to view all restore points from the day you began having symptoms as suspect, and delete them. Still digging into the details of what's there, but it looks pretty aggressive. Who is Billy? Add itself to registry so the worm restarts upon a reboot. Initializes the attack vector for Windows or Windows XP based on a simple mathematical calculation.

If a vulnerable machine is found, the exploit is launched and the newly infected machine connects back to the scanning machine via TFTP to obtain the worm binary. The binary is executed and the process begins again.

Thus more local scans than remote IPs in your logs. Tnx Bcastner I have everything working here again There is a lot of info on the net now about this but as i said tnx you have been a great help Hans.

Make the registry change, very important. Isn't this was just a message via the internal windows messenger service that remotely shuts down the computer sent by a machine acting as administrator? This is nothing to do with windows messenger by the way. Hope this helps.

The same computer that had this problem files are missing and corrupted and i just wish now I would of just reformated the HDD and install windows but I didn't I want to buy windows XP Pro and reformat and install it but I cant afford it right now.

I do have win 98 SE I want to install on it for now because I cant burn a CD because Nero and I cant uninstall Nero when I try to it says error loading kernal uninstall engine or something because of corrupted DLL files and I cant open printer properties when I try to it says Operation can not be completed or it does nothing at all It's a mess.

Im going to post a new Thread in Windows OS to get some help. Similar threads P. Long ping problems? Replies 2 Views Nov 3, pigeon Issues with power supply. Replies 1 Views 1K. Jul 17, Cubeputer. Random Black Screens on Windows Floobbb Jul 8, Ask a Question. Replies 5 Views 1K. Jul 20, Cubeputer. Then update as necessary, use AV and anti-malware tools to clean up your computer. Hope this helps, Ed.

Boot into safe mode and remove with your anti virus and upgrade your computer to the latest version. How are you just getting this now? Do you not patch your PC patch has been available for ages? Safest way is to download to a USB and then install while off the net. If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem.

Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended. Please note: Do not post advertisements, offensive material, profanity, or personal attacks. Please remember to be considerate of other members. All submitted content is subject to our Terms Of Use. So now what am supposed to do? I need help. Share Flag.