Win32 Services Error

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Technical Support

Bump Topic Topic Closed RSS Feed

Outline · [ Standard ] · Linear+

Win32 Services Error, Win32 Services Encountered A Problem

views

sUBs	Aug 16 2006, 01:17 PM Return to original view \| Post #1
RIP VIP 3,941 posts Joined: Jan 2005	This is not a solution but a query... I'm trying to figure out why so many people are affected recently 1) When was the last time your machines visited Windows Updates? 2) Is auto-updates switched on? 3) Is the Windows Firewall enabled? 4) Does this happen to anyone who has installed 3rd party firewalls like Zone Alarm? 5) Does this happen to anyone who has one of the more powerful antivirus programs onboard? Eg Kaspersky, NOD32 or BitDefender? This post has been edited by sUBs: Aug 16 2006, 01:22 PM
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 01:23 PM Return to original view \| Post #2
RIP VIP 3,941 posts Joined: Jan 2005	For those who havent done it yet, go download the solution profferred by waifaq on post #53 http://forum.lowyat.net/index.php?showtopi...dpost&p=8125519
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 01:32 PM Return to original view \| Post #3
RIP VIP 3,941 posts Joined: Jan 2005	I believe it's a new worm making it's rounds. It's probably exploiting unpatched machines & causing these buffer overruns. You're unaffected because ZA is preventing the worm from getting in. The shutdowns should be more prevalent during the day when more infected machines are on the network. Hehe..try disabling ZA for a few hours & see what happens This post has been edited by sUBs: Aug 16 2006, 01:34 PM
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 01:50 PM Return to original view \| Post #4
RIP VIP 3,941 posts Joined: Jan 2005	QUOTE(blackamikaze) by the way, mine was fix after repair my winxp with cd It's not fixed. It just hasn't manifested itself yet QUOTE(Grimwrath) Yes, i have zone alarm But is it configured properly? The best locks are only good if you use them properly. Most fellas end up opening multiple ports for online games, BT or whatever. Can you pass this test? http://www.grc.com/x/ne.dll?rh1dkyd2 This post has been edited by sUBs: Aug 16 2006, 01:51 PM
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 02:12 PM Return to original view \| Post #5
RIP VIP 3,941 posts Joined: Jan 2005	Patch your machines with the latest updates. That should stop it. Re-enable autoupdates. It's that easy
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 03:29 PM Return to original view \| Post #6
RIP VIP 3,941 posts Joined: Jan 2005	Just for a lark. I have had my firewall down on my machine since yesterday evening. It's a fully patched machine. Havent got attacked by the worm but I suppose it couldnt make it's way through the router's hardware firewall. Can't lower that or the other machines in my network will be affected. This post has been edited by sUBs: Aug 16 2006, 03:31 PM
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 03:32 PM Return to original view \| Post #7
RIP VIP 3,941 posts Joined: Jan 2005	QUOTE(goodforlife) i already updated with patches.. but it still dun work Are you fully patched?
Card PM	Report Top Like Quote Reply

sUBs	Aug 16 2006, 07:41 PM Return to original view \| Post #8
RIP VIP 3,941 posts Joined: Jan 2005	Interesting report here.. but I dont think it's related http://news.zdnet.com/2100-1009_22-6106039...=feed&subj=zdnn
Card PM	Report Top Like Quote Reply

sUBs	Aug 17 2006, 03:26 PM Return to original view \| Post #9
RIP VIP 3,941 posts Joined: Jan 2005	QUOTE sUBs, is the solution in post #53 the final definite solution? A fully patched system is mandatory if you plan to use the internet. Who knows when some other worm with a new exploit will come along? Stay safe & patch your systems. The updates are free. It's that easy
Card PM	Report Top Like Quote Reply

sUBs	Aug 18 2006, 05:53 PM Return to original view \| Post #10
RIP VIP 3,941 posts Joined: Jan 2005	Read these... MS06-040 exploit in the wild - http://isc.sans.org/diary.php?storyid=1592 Mocbot/MS06-040 IRC Bot Analysis - http://www.lurhq.com/mocbot-ms06040.html * http://msmvps.com/blogs/harrywaldron/archi.../13/107522.aspx QUOTE A generic IRCbot called MocBot by some AV vendors has been adpated to use a recently developed MS06-040 exploit. The Windows MS06-040 patch fixes critical security issues for a recently discovered "Server" service vulnerability. This protective patch was issued on August 8th by Microsoft. Now five days later, this new IRC-MocBot attack is now in the wild. It will automatically affect unpatched W/2000 systems (unless firewall controls to block ports 139 and 445 are in place). This IRCbot can also potentially spread through AOL Instant messaging traffic. On infected systems, it hides as a Windows Genuine Advantage (WGA) Registration service and instability will result with improper removal. Finally, Trend is reporting a 2nd variant so this new malware model may be adaptable to creating new variants to bypass AV detection as it emerges. Please install all available Microsoft security updates (esp. MS06-040) for the best level of protection. Get the patch - http://www.microsoft.com/technet/security/...n/MS06-040.mspx This post has been edited by sUBs: Aug 18 2006, 06:06 PM
Card PM	Report Top Like Quote Reply

sUBs	Aug 21 2006, 09:48 PM Return to original view \| Post #11
RIP VIP 3,941 posts Joined: Jan 2005	QUOTE sUBs, i think this topic shall be temporarily pinned up due to it is not affecting one user but a batch of users..... Thread pinned
Card PM	Report Top Like Quote Reply

« Next Oldest · Technical Support · Next Newest »

Topic ClosedOptions

Change to:

0.0176sec

0.42

7 queries

GZIP Disabled
Time is now: 12th December 2025 - 11:31 AM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.