Billy said:
My computer randomly shutsdown. A message comes up that
gives me 60 seconds to close any programs. It says it
was initiated by NT Authority\System. It also says
something about a Remote Procedure Call. How can I keep
this from happening.
You have the Blaster worm.
1st to stop the RPC error so it doesn't interupt you while your making
repairs:
Start | Run | services.msc /s
Scroll down to "Remote Proceedure Call (RPC)" NOT (RPC) Locator
Right click and select properties
Under the "Recovery" Tab change all failures from "Restart the Computer" to
"Restart the Service"
This will keep the RPC from coming up.
Disable msblast.exe in task manager.
Ctrl+Alt+Del | Processes | Right click msblast.exe and click "End Process"
Download the Blaster Security Patch at:
http://www.microsoft.com/security/incident/blast.asp
Download AdAware & Spybot S & D:
AdAware:
www.lavasoftusa.com/software/adaware/
Spybot S & D:
www.safer-networking.org/
Disconnect from the internet
Run AdAware & Spybot
Run the Security Patch you downloaed earlier.
Make sure you have a firewall and AV software enabled and updated.
As long as you downloded and ran the patch above Blaster shouldn't come back
but there are plenty of others that can find your computer in minutes.
Change the RPC back to "Restart the Computer" the same as you did above.
Reconnect to the Internet and download the rest of the Microsoft Update
Security Patches.
--
kwoyach[SPAM]53954@yahoo[SPAM].com
TO Email: Remove [SPAM]
If I can help you I will.
If you can help me thanks.
--
**Useful Links**
AdAware:
www.lavasoftusa.com/software/adaware/
Spybot S & D:
www.safer-networking.org/
Check for Parasites/Worms:
www.gemal.dk/browserspy/parasites.html
CWShredder:
http://www.spywareinfo.com/~merijn/downloads.html