windows behaving funky! svchost.exe crash, then hell breaks loose!

knightofnee1112
Senior Member
Posts: 358
Joined: Tue Jan 29, 2002 1:10 am
Location: Red Bluff
Post by knightofnee1112 »

The funniest thing started happening today! I was minding my own business when svchost.exe crashed!!!! After the annoying little error message went away I thought nothing more of it, until my connection started boogering up as usual, so I tried to press the F1 key (used as a shortcut key to open up the ISP dialup account I created) and it wouldn't show up! I then noticed other strange things, like the Control Panel menu was on the wrong side of the window and I couldn't copy files over to another directory. Finding this all very strange, I rebooted with a few profane words going out to Mr. M$ - Bill Gates. Everything worked fine, until I was connected for about 10 minutes; again svchost crashes! I now believe someone has found an exploit (not hard to do!) and is trying to get my face red with anger. I reinstalled Windows just to see if that would solve things, and it didn't....

Any reasons for Windows 2K Pro to behave in this manner would be nice to know. Any solutions would be better!

thanks as always everyone for the help!
Heatware: knightofnee1112
AIM: poobmasta
Invisible Evil
Posts: 1621
Joined: Tue Oct 02, 2001 9:14 am
Location: Louisiana

Post by Invisible Evil »

I think, good sir, your search should start and end in this thread:

http://www.pcabusers.net/forums/showthr ... adid=28960

Good ol' FP has your medicine.
xsiled
Golden Member
Posts: 734
Joined: Tue Jan 08, 2002 11:10 pm

Post by xsiled »

Once you're infected, most likely it won't allow you to install the patch.

I know I have a box that's infected...
VICTORY 2004
knightofnee1112
Senior Member
Posts: 358
Joined: Tue Jan 29, 2002 1:10 am
Location: Red Bluff

Post by knightofnee1112 »

I believe you're correct. Port 139 is blocked at the moment, so it won't give me problems for now. It didn't quite behave in the manner described by FP; either way, I still have it! Removal will be swift and painless. Thanks for the information.
Heatware: knightofnee1112
AIM: poobmasta
FlyingPenguin
Flightless Bird
Posts: 33162
Joined: Wed Nov 22, 2000 11:13 am
Location: Central Florida

Post by FlyingPenguin »

Once infected you can't use Windows Update, but you can still download the patch manually. I have a link in the main thread.

The virus is easy to disable, but you need to install the patch first to keep from being re-infected. Also, you may need to enable the XP firewall to keep your system from rebooting while online (it blocks the port 135 attacks).

To remove the virus, go to Task Manager, stop the process MSBLAST and then uncheck MSBLAST.EXE from the Startup tab in MSCONFIG. Find the MSBLAST.EXE file (it's in \windows\system32) and delete it.

Reboot and check MSCONFIG again to make sure it's still unchecked.

Wouldn't hurt to do a full virus scan afterwards to make sure it's all gone and that some other virus didn't piggy-back.

NOTE: On servers it seems to do a lot more damage - replacing several services.
---
“The Government of Spain will not applaud those who set the world on fire just because they show up with a bucket.” - Prime Minister of Spain, Pedro Sánchez
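
An added example, not part of FlyingPenguin's post or the thread: a read-only PowerShell check that the removal steps above held after the reboot (process stopped, startup entry gone, file deleted, firewall on). It assumes a Windows version with PowerShell 5.1+ and the NetSecurity module, and that the MSCONFIG startup item is backed by a registry Run key; the function names are hypothetical.

```powershell
# Added example: read-only check, changes nothing on the system.
# Assumption: a Windows version with PowerShell 5.1+ and the NetSecurity module.
$Name = 'msblast'   # process and file name given in the post

function Get-MsblastStartupEntry {
    # Assumption: the MSCONFIG startup item is backed by a registry Run key.
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    foreach ($path in $runKeys) {
        if (-not (Test-Path -Path $path)) { continue }
        $key = Get-Item -Path $path
        foreach ($valueName in $key.GetValueNames()) {
            $command = [string]$key.GetValue($valueName)
            if ($command -match $Name) {
                # Emit each Run value whose command line still references MSBLAST.
                [pscustomobject]@{ Key = $path; Value = $valueName; Command = $command }
            }
        }
    }
}

function Get-MsblastCleanupStatus {
    $file = Join-Path $env:SystemRoot "System32\$Name.exe"
    # Firewall profiles that are not explicitly enabled.
    $firewallOff = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }
    [pscustomobject]@{
        ProcessRunning   = [bool](Get-Process -Name $Name -ErrorAction SilentlyContinue)
        StartupEntries   = @(Get-MsblastStartupEntry)
        FilePresent      = Test-Path -LiteralPath $file
        FirewallDisabled = @($firewallOff | ForEach-Object { $_.Name })
    }
}

$status = Get-MsblastCleanupStatus
$status | Format-List
if ($status.ProcessRunning -or $status.StartupEntries.Count -or $status.FilePresent) {
    Write-Warning 'MSBLAST traces remain: repeat the removal steps, then reboot and re-check.'
}
```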

Executioner
Life Member
Posts: 10354
Joined: Wed Nov 22, 2000 11:34 am
Location: Woodland, CA USA

Post by Executioner »

Our company got hit with this yesterday and today. Hard to believe that this fix was released several weeks in advance, yet our company's IS department never installed it.