Solved

Error

Posted on 2008-11-03
9
472 Views
Last Modified: 2013-11-22
Get below mentioned error, this are the details from Event Viewer Application section.
When i get this error my internet stops working.
I'm unable to disconnect also when this happens.
Only option remains is to restart the system.

What u experts think is it ISP problem or my system or OS problem?

I have broadband connection.
OS: Windows XP Corporate Edition SP2
Antivirus: AVG 8 Free Updated

Details of Error:-
Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date: 11/2/2008
Time: 9:15:07 PM
User: N/A
Computer: BLACKTHUNDER
Description:
Faulting application svchost.exe, version 5.1.2600.2180, faulting module netapi32.dll, version 5.1.2600.2952, fault address 0x00018809.

1.GIF
2.GIF
0
Comment
Question by:VINOD MORE
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 22867890
Just a quick question have you updated to the ms08-067 security patch that was just released?
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 22867965
The reason I am asking this is because this update patches this netapi32.dll and the newest version is 5.1.2600.2976

0
 
LVL 1

Author Comment

by:VINOD MORE
ID: 22868661
Downloaded, i'll patch it.
But started getting this problem from last one week.
0
 
LVL 22

Expert Comment

by:orangutang
ID: 22869261
You can also update to SP3.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 12

Expert Comment

by:jahboite
ID: 22875258
xxdcmast is quite correct, this is the MS08-067 vulnerability being exploited and, in the cases of the event log entries failing causing the svchost.exe (probably the Server Service) to crash.

What you don't see is whether there were any successful attempts to exploit this vulnerability.  I'm not completely certain, but I think it unlikely that your Anti-Virus solution would detect and prevent such exploits and so you perhaps should assume that there was a successful exploit and that you may be running malware dropped by Trojan-Spy:W32/Gimmiv.A or Exploit.Win32.MS08-067.g
http://www.f-secure.com/weblog/archives/00001526.html
http://asert.arbornetworks.com/2008/11/ms08-067-used-to-drop-ddos-bots/

As well as patching your box I'd advise you to head to an online virus scanner of one of the companies who are currently detecting these exploits, such as
http://support.f-secure.com/enu/home/ols.shtml
http://us.mcafee.com/root/mfs/default.asp
0
 
LVL 12

Expert Comment

by:jahboite
ID: 22875264
By the way, are you using a firewall?
0
 
LVL 1

Author Comment

by:VINOD MORE
ID: 22875535
Its home PC. No Firewall. jahboite
0
 
LVL 12

Accepted Solution

by:
jahboite earned 500 total points
ID: 22876084
If you are really not using a firewall and you are not behind a device that perfoms Network Address Translation (thereby preventing connections to your windows machine initiated by hosts on the internet) then you are exposing your computer to numerous threats from the internet - not just the MS08-067 worms.

I'd advise heading to https://www.grc.com/x/ne.dll?bh0bkyd2 , read the blurb before Proceeding and then perform an "All Service Ports" scan.  This will show you whether your public interface to the internet responds to connection attempts from the internet and any services that might be exposed.

For instance, if TCP port 445 is marked as Open then there's all sorts of information about your computer available to anybody that connects to that port and is also one of the ports used by the MS08-067 worms.
0
 
LVL 1

Author Closing Comment

by:VINOD MORE
ID: 31512720
Thanks
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now