When you get the shutdown message...
Go to; Start --> Run
enter; shutdown -a
This will halt the shutdown and give you a chance to Download the McAfee worm removal tool,
Stinger:
http://vil.nai.com/vil/stinger/ or the Microsoft Lovsan/Blaster and Nachi/Welchia
Removal Tool
http://www.microsoft.com/downloads/...8B-FE98-493F-AD76-BF673A38B4CF&displaylang=en
and install the following patch for the RPC/RPCSS Buffer Overflow Vulnerability that is
addressed by Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146
Please read:
http://www.microsoft.com/security/incident/blast.asp
You also need a FireWall. If you don't patch the PC and not use a FireWall then you will
just be re-infected.
I also suggest the installation of *ALL* MS Critical Updates ASAP.
In addition:
If you post to UseNet with your TRUE, not a munged, email address then you have invited the
Swen Internet worm [aka; W32/Gibe-F] to visit you.
The Swen is news spelled backwards. The reason it is called this is because the Swen worm
harvests email addresses from UseNet News Groups. It has an engine that allows it to post
itself to UseNet News Groups as well as it has its own email engine. From the list of
email addresses that it has harvested, it will then email itself to those addresses.
Dave
| When I am working on the internet on my home PC, i am frequently
| closed down via an error message in a window in the centre of the
| screen with a !
|
| The message states 'shutdown initiated by NT Authority/System' and
| 'Remote Procedure Call Service Terminated Unexpectedly'.
|
| Any help would be most welcome
|
| Thanks