oui oui je connait le gros topic de 70 page et je m'en suis meme servi il ya plusieur mois.
Je n'avais aucun probleme jusqu'a maintenant ou mon pc reboot tout seul avec ce msg :
 

 
je precise que je suis sous 2000 et donc que j'ai installer le correctif du gros topic
ca vient d'ou?

bah blaster

ben je l'ai patcher ce truc

Il ne suffit pas de patcher une seule fois pour etre tranquile, si ta machine est exposée directement sur le net il faut régulièrement mettre à jour ton PC.
 
Dans ton cas tu as "services.exe" qui est out, je chercherais de ce coté dans les alertes virus (chez Symantec ou tout autre éditeur d'AV) pour voir un si un vers / virus provoque ces symptomes.
 
Voici un bulletin concernant une autre faille de RPC, découverte après le bulletin MS03-026 :
 
-----BEGIN PGP SIGNED MESSAGE-----
 
- - -----------------------------------------------------------------
Title:     Buffer Overrun In RPCSS Service Could Allow Code  
           Execution (824146)
Date:      September 10, 2003
Software:  Microsoft Windows NT Workstation 4.0
           Microsoft Windows NT Server(r) 4.0
           Microsoft Windows NT Server 4.0, Terminal Server      
           Edition  
           Microsoft Windows 2000  
           Microsoft Windows XP  
           Microsoft Windows Server 2003  
Impact:    Run code of attacker's choice
Max Risk:  Critical
Bulletin:  MS03-039
 
Microsoft encourages customers to review the Security Bulletins  
at:
     
http://www.microsoft.com/technet/s [...] 03-039.asp  
http://www.microsoft.com/security/ [...] 03-039.asp
 
- - -----------------------------------------------------------------
 
Issue:
======
 
The fix provided by this patch supersedes the one included in  
Microsoft Security Bulletin MS03-026.
 
Remote Procedure Call (RPC) is a protocol used by the Windows  
operating system. RPC provides an inter-process communication  
mechanism that allows a program running on one computer to  
seamlessly access services on another computer. The protocol  
itself is derived from the Open Software Foundation (OSF) RPC  
protocol, but with the addition of some Microsoft specific  
extensions.  
 
There are three identified vulnerabilities in the part of RPCSS  
Service that deals with RPC messages for DCOM activation- two  
that could allow arbitrary code execution and one that could  
result in a denial of service. The flaws result from incorrect  
handling of malformed messages. These particular vulnerabilities  
affect the Distributed Component Object Model (DCOM) interface  
within the RPCSS Service. This interface handles DCOM object  
activation requests that are sent from one machine to another.
 
An attacker who successfully exploited these vulnerabilities  
could be able to run code with Local System privileges on an  
affected system, or could cause the RPCSS Service to fail. The  
attacker could then be able to take any action on the system,  
including installing programs, viewing, changing or deleting  
data, or creating new accounts with full privileges.
 
To exploit these vulnerabilities, an attacker could create a  
program to send a malformed RPC message to a vulnerable system  
targeting the RPCSS Service.
 
Microsoft has released a tool that can be used to scan a network  
for the presence of systems which have not had the MS03-039 patch  
installed. More details on this tool are available in Microsoft  
Knowledge Base article 827363. This tool supersedes the one  
provided in Microsoft Knowledge Base article 826369. If the tool  
provided in Microsoft Knowledge Base Article 826369 is used  
against a system which has installed the security patch provided  
with this bulletin, the superseded tool will incorrectly report  
that the system is missing the patch provided in MS03-026.  
Microsoft encourages customers to run the latest version of the  
tool available in Microsoft Knowledge Base article 827363 to  
determine if their systems are patched.
 
 
Mitigating Factors:
====================
 - Firewall best practices and standard default firewall  
configurations can help protect networks from remote attacks  
originating outside of the enterprise perimeter. Best practices  
recommend blocking all ports that are not actually being used.  
For this reason, most systems attached to the Internet should  
have a minimal number of the affected ports exposed.
 
Risk Rating:
============
 - Critical
 
Patch Availability:
===================
 - A patch is available to fix this vulnerability. Please read  
the Security Bulletins at
 
http://www.microsoft.com/technet/s [...] 03-039.asp  
http://www.microsoft.com/security/ [...] 03-039.asp
 
for information on obtaining this patch.
 
Acknowledgment:
===============
 - eEye Digital Security (http://www.eeye.com/html)
 - NSFOCUS Security Team (http://www.nsfocus.com)
 - Xue Yong Zhi and Renaud Deraison from Tenable Network Security  
   (http://www.tenablesecurity.com)
 
for reporting the buffer overrun vulnerabilities and working with  
us to protect customers.  
- - -----------------------------------------------------------------
 
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS  
PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT  
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING  
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR  
PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS  
BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,  
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL  
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN  
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT  
ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL  
OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.
 
 
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
 
iQEVAwUBP19PE40ZSRQxA/UrAQFL2ggAk84V2SkEsj8r0xW6JoxE9ojVFp8kQLWS
SMYMXP6iEONzJzUGcoX8OLDWG5ncSoJVOSM+84PUCOAFnIZs8eZV8MiOdjm/j2yO
Fv+0bw6foQbsyvFT9Kcckrj/DJAIEnu5EMwVcU1jlkP1rIj6JXaZdC78jpHson2y
AdxBM8altRg1aKplWYVe5vOV0Ya92KUkbKy0khv9xKgNO/PPbno4AdBzkk5s7hqy
NNnhi+lbdZBubzhQkvG+Wj3bAA/onj7SdTAKXuaLEB61c5gDsznwV+d+tHYbZjdm
3BAhoL+b34yteRa3wJrMxgz6+KJLDpUvEUW9DYU9Mlscl3+d1StbNw==
=2u0i
-----END PGP SIGNATURE-----
 
 
*******************************************************************
 
You have received this e-mail bulletin because of your subscription to the Microsoft Product Security Notification Service.  For more information on this service, please visit http://www.microsoft.com/technet/security/notify.asp.
 
To verify the digital signature on this bulletin, please download our PGP key at http://www.microsoft.com/technet/security/notify.asp.
 
To unsubscribe from the Microsoft Security Notification Service, please visit the Microsoft Profile Center at http://register.microsoft.com/regsys/pic.asp  
 
If you do not wish to use Microsoft Passport, you can unsubscribe from the Microsoft Security Notification Service via email as described below:
Reply to this message with the word UNSUBSCRIBE in the Subject line.
 
For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site at http://www.microsoft.com/security.