"Remote Procedure Call terminated" problem

[Blomberg]

Hmm, not entirely sure what it is, but I know the RPC port (135, IIRC) is often exploited by script kiddies and the likes.

And with the recent warnings about a massive attack building up, I'd take precautions in that regard, eg. install a firewall or not use Windows  :-P

[Blomberg]

Another filename to keep an eye out for is msmsgri32.exe

I just found that on my sister's computer as i was setting it up for her new adsl connection, it was causing a lot of 'red' traffic in the outgoing direction.

Didn't think it was related to this attack until Vincent here found the exact same one, i repeat: msmsgri32.exe - get rid of it  :-)

[Blomberg]

Vincent wrote:
edit: if you have Win2k, try to find someone with WinXP and copy their msconfig - it works on Win2k aswell :-)

Arr arr and a barrel of rum!  :-D

[Blomberg]

Kees wrote:
It got to me too ... grrrr

Hmm, "Senior Webmaster gets victimised by mere trojan"  :-o

Tsk tsk tsk ...


 :-D

[Blomberg]

Calen wrote:
Seems to be a very common thing of late, you can directly test if you at risk with this by clicking
here  (port 135 on your comp will be probed)

This link will instantly and easily test anyone's Internet-connected PC. "Open" is BAD, "Closed" or "Stealth" is safe.
 
Lots of other security tests can be performed at the main Shields Up page which we all had fun time? on IRC doing last night :-)

Seems to me that test isn't very reliable.
I probed my ports several times without changing any firewall settings, and still I got different results on some ports (some times closed, some times stealthed), but at least they didn't appear to be open  :-)

[Blomberg]

Vincent wrote:
.... Firewall and set it up to block port 135.

All is done, all is good :-D

.....

until the next time :-x

Cheers for the help :-)

Did you check ports 3330-3332 and 3362?