WinXP/RPCSS exploit disaster

[SlimPickens]

Greetings. Although I've maintained all M$ patches/updates, their flawed RPC service has left a door open on my system and I have a svchost process (RPCSS) running wild and burning up 99% of my cpu cycles. I've repatched to no avail. Is patching supposed to plug all the holes and effectively "fix" the PC? I'm trying to to isolate and kill the intruder (is there one?) but anti-trojan software will take days to run. I can always resort to dropping the bomb on the drive and re-installing but that's my LAST resort. Any of you OS maniacs/hackers have any other options I can try before I employ the "last resort"? Any help/input is appreciated. Regards.

 

[CTho9305]

get an antivirus app and USE IT.

BTW, that's not necessarily a virus.

 

[n0cmonkey]

Symantec (I think) sent out a fix for one of the RPC things. Take a look to see if you can find it. The instructions said that you should run it after patching (or before, I forget) because the patch does not get rid of something on your system.

 

[SlimPickens]

 

[SlimPickens]

Hello, All. Thanks for your input. Just to wrap this thread up: I couldn't discover/kill/or otherwise stop the bandit that stole my RPCSS service. So I re-formatted, re-installed and patched the OS (WinXPpro). I wanted to find out what was really going on but my need for the system took precidence over my curiosity. Thanks again for your responses. Til next time. Regards, Slim

 

[NogginBoink]

Gee, it might have been a buggy RPC app that you installed on the machine and had nothing to do with malicious code....

...but you can jump to any conclusion you'd like.

(In your defense, it's tough to determine what's going on inside those services without hooking up a debugger.)