I Think I Might Have a Virus. Any Ideas on what it is?

[VBD]

Well, I was viewing the website "Computer Stupidities", and suddenly a little box came up that said: "The RPC Service has exited. your machine will reboot in 60 seconds", Then the seconds part counts down and restarts my computer at zero. So, the second time, and third time i'm viewing this website, it does that. I know the reboot part is part of Windows XP, but the RPC Service Exiting could be a virus. Next, After about 3 of these reboots, and I stop using that website. The reboots stop. Then, on start up, it says: "Windows does not know what program to load TFTP98 with". I never installed anything new, so I have no idea how that even got there. I disable it with MSConfig, reboot, and when the computer starts up again, TFTP98 tries to load again. This time, I try to run msconfig. As sxoon as msconfig comes up, it dissapears as if somethihng is trying to shut it down. The same with Ctrl+Alt+Delete, or any other file that controls proccesses. I tried Avast 32(my virus scanner) and it didn't pick up anything. Does anybody have any idea what could be wrong and how to fix it?

[DiGiTaIErRoR]

There was a bug in IE and RPC that let a malicious webpage or even a remote user get Admin privleges on your box.

I'd go get the windows updates.

Then scan your start-ups for trojans.

[DiGiTaIErRoR]

Check out this thread:

http://www.vbforums.com/showthread.p...hreadid=255977

Another user had a similar problem.

Near the bottom is a list of start-up locations.

[VBD]

I'll check it out.

[VBD]

I'm gonna test out safe mode...

[Kasracer]

Originally posted by DiGiTaIErRoR
There was a bug in IE and RPC that let a malicious webpage or even a remote user get Admin privleges on your box.

I'd go get the windows updates.

Then scan your start-ups for trojans.

There is NO BUG in IE that allows this to be done, it is a bug in the RPC service itself.

[DiGiTaIErRoR]

Originally posted by kasracer
There is NO BUG in IE that allows this to be done, it is a bug in the RPC service itself.

There was a bug, which a patch fixes, which would allow a malicious website to execute code on your machine. There is also an exploit to make you download a file, which then can be executed.

[BodwadUK]

You can download a fix from antivirus places

[parksie]

The RPC bug is remotely exploitable.

[Kasracer]

Originally posted by DiGiTaIErRoR
There was a bug, which a patch fixes, which would allow a malicious website to execute code on your machine. There is also an exploit to make you download a file, which then can be executed.

The RPC exploit and anything with IE are NOT related.

[Radames]

Sounds like you have the blaster worm friend. Go to
http://www.microsoft.com/technet/tre.../msblaster.asp

[VBD]

Yup thats exactly what it was.

[wrack]

If you have a good antivirus and firewall then this would have never happened.

[parksie]

Even without them, just patching with the patch that was released at least a week in advance would have saved you.

[VBD]

I'd just formatted my PC cause I hadn't since 2001 when I bought it. I got it before I had time to downlaod all the updates. I probably should have download the Virus patches before SP1...

[Kasracer]

Originally posted by parksie
Even without them, just patching with the patch that was released at least a week in advance would have saved you.

That makes me laugh. A week in advanced? Try 2 months ago. The patch for the RPC exploit was released over 2 months ago