Member Panel

upgrader

I have just had to recover my computer (kept my files) because of a series of error messages. One which shut down my pc every time i started (why i couldnt talk to you guys). Have a look at the shots in attachments for the errors.

I wonder if anyone can tell me what caused this?

thanks

Bugsey · 07:19 PM

Hmm sorry its taken so long for someone to reply, i'm going to try sorting each problem out ocne at a time

, so i'll start with libexpat.dll, the problem with this is it can be real or it can be spyware, i've just done a check on libexpat.dll - File Information [Is mine authentic?] and mines real just wondered if you could try checking that for me.

The next problem lsass.exe i've read on a forum and found that "Running "shutdown -a" from the run dialog suspends the countdown...
haven't had a problem since."Works but if you don't get a shutdown error i'll look into it more

.

The multimedia card error is by somthing whats plugged into your computer like a multimedia card

.

And the last error

CAUSE

This error message is due to a buffer overrun vulnerability on Windows NT 4.0, 2000, XP, and Server 2003. The RPC service that runs on these systems does not properly check message inputs under certain circumstances. For more detailed information regarding this vulnerability see Microsoft Security Bulletin MS03-010. Note: If an attacker is able to successfully exploit this vulnerability they could gain complete control over a remote computer. This would give the attacker the ability to take any action on the system that they want. For example, an attacker could change web pages, reformat the hard disk, and / or add new users to the local administrators group.
SOLUTION

To resolve this issue in Windows 2000 and XP you will need to perform the following steps:

Change the settings for the Remote Procedure Call (RPC) Service in order to connect to the internet without the computer shutting down
Note: This does not work in every case.
To change these settings you will need to perform the following:
1. Right-click the My Computer icon on the Windows desktop or in the Start menu.
2. Select Manage. The Computer Management window will open.
3. In the left pane, double-click on Services and Applications.
4. Select Services and a list of services should appear.
5. In the right pane, locate the Remote Procedure Call (RPC) service, it will have a Status of "Started". Note: This will be the first in a listing of two Remote Procedure Call (RPS) services.
6. Right-click on the first Remote Procedure Call (RPC) service listed.
7. Select Properties.
8. Select the Recovery tab.
9. Using the drop-down lists, change First failure, Second failure, and Subsequent failures from Restart the Computer to Take No Action.
10. Click on Apply and then OK.
CAUTION: Make sure that you change these settings back after completing the final step to remove the worm.
Verify which service packs have been applied as well as which version of Windows you are running. To do this:
1. Right-click My Computer on the desktop.
2. Select Properties. Operating system information will be listed in the window that comes up. This will include what version of the operating system is running as well as what service packs have been applied to it.
3. The following service packs need to be applied right away: Note: The service pack version will depend on what operating system you have on your computer.
  - If you are running Windows XP version 2002, Service Pack 1 will need to be installed. If this has not been applied to your system you can obtain it by doing one of the following:
    1. If you are on campus, are connecting through our modem pool, or are accessing the campus network through WiscVPN, this can be downloaded from the Electronic Shelf at http://shelf.doit.wisc.edu/PC/WinXP-Fix/xpsp1.
    2. If you connect through DSL, cable modem and / or another internet service provider this can be downloaded from https://www.microsoft.com/WindowsXP/pro/downloads/servicepacks/sp1. Be sure to select the Express Installation.
  - If you are running Windows 2000, you must have at the minimum, Service Pack 2 applied. Please note that Microsoft no longer supports this version and newer service packs such as service pack 3 and 4 are recommended and preferred. If this has not been applied to your system you can obtain it by doing one of the following:
    1. If you are on campus or are connecting through our modem pool service packs 3 and 4 can be downloaded from the Electronic Shelf at http://shelf/PC/W2k-Fix
    2. If you connect through DSL, cable modem and/or another internet service provider this can be downloaded from Windows 2000 Service Packs.

Hope this helped a bit

Good luck

Edit: Yeah reading about it's most likley spyware like hengis said, i would try following his advice but also try mine as well =)

Aw just beat me

upgrader

Thanks for the reply im not sure if you quite realised what i said in my first post but the problem is solved now by recovering my pc with the manufacturer tool. I was just wondering what caused the problem in the first place and how to solve it in the future if it happens again (i hope not).

Anyway i noticed that libexpat.dll is not on my system after recovering nut i do not have contentprotect installed at the moment.

Thanks bugsey

Bugsey

Aw sorry i should of read better

. but i suppose if it ever happend again it could help you

.

upgrader

yes it will help. but hopefully it will never happen again. I hope the new windows vista wont have as many flaws and problems.

Bugsey

Hmmm, i want vista but i would need a whole new system , anyway like you said lets hope you don't have this problem again

Good luck in the future

Jamie

upgrader

ye i am going to get a new pc with vista on and network it with my current pc. When vista is finally released.

Member Panel

Sponsors and Ads

Noticeboard