NT Authority System forces XP shutdown after svchost error

  • Thread starter Thread starter Alvaro de la Ossa
  • Start date Start date
A

Alvaro de la Ossa

I have a desktop with NT Professional 2002. I just got a
dial-up service at home. When connecting to the service,
after a while (sometimes short, sometimes long) the
system stops responding, and an error message appears:

Generic Host Process for Win32 services
FZAppName: svchost.exe
szAppVer: 5.1.2600.0

After that, another message says in Spanish (I have the
spanish version of XP Pro) something like "The system is
shutting down. Save all your work and close the session.
Any unsaved work will be lost. Shutdown has been
initiated by the NT Authority System."

Then a countdown of 1:00 min shows up and the system
shuts down when it reaches 0:00. The system does not
respond to the mouse or keyboard, and won't allow me to
save my unsaved work.

After that, the message "the RPC connection finished
unexpectedly", which I assume refers to the dial-up
connection.

I have searched microsoft's technical support
documentation including their knowledge base and technet,
but can't find anything that will lead me to a
resolution. I have also checked for device/driver
conflicts and nothing seems to be wrong there.

Any ideas or hints on where to look for help on this? I
will appreciate any hint!

Thanks!
 
Greetings --

If you connected the PC to the Internet without having first
installed the KB824146 Hotfix, without having first installed an
antivirus application with current virus definition files, and before
enabling a firewall, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms. It only takes a few seconds of
exposure.

To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.

Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html

W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html

W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html

McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NT Authority\System shutdown 3
NT Authority/RPC termination, TFTP files added in startup 6
LSA shell 3
NT AUTHORITY/SYSTEM 5
Error - System Shutdown 2
NT AUTHORITY QUESTION 2
NT AUTHORITY SYSTEM 3
NT authority /system 4

Back
Top