Gary Thorn [MVP-Windows Technologies/Xbox]
December 5th 03, 12:13 PM
>-----Original Message-----
>A friend of mine is having a problem with his comp.
>shutting down on him. He sent me this msg of what it
says,
>can anyone help?
>
>This system is shutting down. Please save all work in
>progress and log off. Any unsaved changes will be lost.
>The shutdown was iniated by NT AUTHORITY\SYSTEM
>Windows must now restart because the Remote Procedure
Call
>(RPC) service terminated unexpectedly
>.
This a virus called w32.Blaster.Worm
Patch from Microsoft:
http://tinyurl.com/h84v
More info from MS:
www.microsoft.com/security/incident/blast.asp
-------------------------------
From Symantec Security Response for the virus
w32.Blaster.Worm:
http://tinyurl.com/jozm
-------------------------------
From Kelly - MVP:
Close Windows Explorer, End Process in the Task Manager
for msblast.exe, run
the edit on line 257 then run the patch listed below it:
http://www.kellys-korner-xp.com/xp_tweaks.htm
Windows XP Security Patch: Buffer Overrun In RPC Interface
Could Allow Code
Execution: http://tinyurl.com/ir5h
More information here:
www.kellys-korner-xp.com/xp_qr.htm#rpc
-------------------------------
Install a firewall (software like or hardware like router)
to help prevent future similar issues.
Most users will be using the 32 bit edition of WinXP Home
and Pro.
Hope this helps!
Gary Thorn
MVP-Windows Technologies/Xbox
Associate Expert
More about the Windows XP Expert Zone:
www.microsoft.com/windowsxp/expertzone
More about the MS MVP Program:
http://tinyurl.com/n08
>A friend of mine is having a problem with his comp.
>shutting down on him. He sent me this msg of what it
says,
>can anyone help?
>
>This system is shutting down. Please save all work in
>progress and log off. Any unsaved changes will be lost.
>The shutdown was iniated by NT AUTHORITY\SYSTEM
>Windows must now restart because the Remote Procedure
Call
>(RPC) service terminated unexpectedly
>.
This a virus called w32.Blaster.Worm
Patch from Microsoft:
http://tinyurl.com/h84v
More info from MS:
www.microsoft.com/security/incident/blast.asp
-------------------------------
From Symantec Security Response for the virus
w32.Blaster.Worm:
http://tinyurl.com/jozm
-------------------------------
From Kelly - MVP:
Close Windows Explorer, End Process in the Task Manager
for msblast.exe, run
the edit on line 257 then run the patch listed below it:
http://www.kellys-korner-xp.com/xp_tweaks.htm
Windows XP Security Patch: Buffer Overrun In RPC Interface
Could Allow Code
Execution: http://tinyurl.com/ir5h
More information here:
www.kellys-korner-xp.com/xp_qr.htm#rpc
-------------------------------
Install a firewall (software like or hardware like router)
to help prevent future similar issues.
Most users will be using the 32 bit edition of WinXP Home
and Pro.
Hope this helps!
Gary Thorn
MVP-Windows Technologies/Xbox
Associate Expert
More about the Windows XP Expert Zone:
www.microsoft.com/windowsxp/expertzone
More about the MS MVP Program:
http://tinyurl.com/n08