View Full Version : auto shut down of system
Tom
December 11th 03, 07:29 AM
After about five minutes or so, I've started getting the
message that the system is shutting down automatically.
The message states: "NT Authority\system" it goes on to
explain an unexpected problem with the Remote Proceedure
Call.
What is this all about?
Rick \Nutcase\ Rogers
December 11th 03, 07:29 AM
Hi,
It's a virus called blaster or lovesan. Information:
http://www.kellys-korner-xp.com/xp_qr.htm#rpc
http://vil.nai.com/vil/content/v_100499.htm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
http://www.bigblackglasses.com/Article.aspx?Article=342
You need the patch described here to protect against it:
MS03-039: A Buffer Overrun in RPCSS Could Allow an Attacker to Run Malicious
Programs
http://support.microsoft.com/?kbid=824146
Problem is, you needed to install the patch BEFORE you got infected to avoid
it.
--
Best of Luck,
Rick Rogers aka "Nutcase" MS-MVP - Win9x
Windows isn't rocket science! That's my other hobby!
http://mvp.support.microsoft.com/
Associate Expert - WinXP - Expert Zone
www.microsoft.com/windowsxp/expertzone
Win98 Help - www.rickrogers.org
"Tom" > wrote in message
...
> After about five minutes or so, I've started getting the
> message that the system is shutting down automatically.
> The message states: "NT Authority\system" it goes on to
> explain an unexpected problem with the Remote Proceedure
> Call.
> What is this all about?
Tom
December 11th 03, 07:38 AM
Thanks for the information. I'll try the fix. Your
advise to install the patch is well taken, but I was
ambushed. I have a new computer, new XP Professional, and
new DSL. Must have happened the minute I logged on.
Never saw it coming.
Thanks, Tom
>-----Original Message-----
>Hi,
>
>It's a virus called blaster or lovesan. Information:
>
>http://www.kellys-korner-xp.com/xp_qr.htm#rpc
>http://vil.nai.com/vil/content/v_100499.htm
>http://www.symantec.com/avcenter/venc/data/w32.blaster.wor
m.html
>http://www.bigblackglasses.com/Article.aspx?Article=342
>
>You need the patch described here to protect against it:
>
>MS03-039: A Buffer Overrun in RPCSS Could Allow an
Attacker to Run Malicious
>Programs
>http://support.microsoft.com/?kbid=824146
>
>Problem is, you needed to install the patch BEFORE you
got infected to avoid
>it.
>
>--
>Best of Luck,
>
>Rick Rogers aka "Nutcase" MS-MVP - Win9x
>Windows isn't rocket science! That's my other hobby!
>http://mvp.support.microsoft.com/
>Associate Expert - WinXP - Expert Zone
>www.microsoft.com/windowsxp/expertzone
>Win98 Help - www.rickrogers.org
>
>"Tom" > wrote in
message
...
>> After about five minutes or so, I've started getting the
>> message that the system is shutting down automatically.
>> The message states: "NT Authority\system" it goes on
to
>> explain an unexpected problem with the Remote Proceedure
>> Call.
>> What is this all about?
>
>
>.
>
Rick \Nutcase\ Rogers
December 11th 03, 07:38 AM
Hi Tom,
Very few people saw it coming. My first run in was a friend up the raod
calling me in a panic to fix her machine. Last I knew she was still running
Win95 (and wouldn't have been affected at this point). I got there to find
out that she had just that afternoon received and put together her new Dell,
and was bitten within moments of connecting. I feel really bad for those new
to the 'net, as that kind of experience has got to be real discouraging.
--
Best of Luck,
Rick Rogers aka "Nutcase" MS-MVP - Win9x
Windows isn't rocket science! That's my other hobby!
http://mvp.support.microsoft.com/
Associate Expert - WinXP - Expert Zone
www.microsoft.com/windowsxp/expertzone
Win98 Help - www.rickrogers.org
"Tom" > wrote in message
...
> Thanks for the information. I'll try the fix. Your
> advise to install the patch is well taken, but I was
> ambushed. I have a new computer, new XP Professional, and
> new DSL. Must have happened the minute I logged on.
> Never saw it coming.
> Thanks, Tom
> >-----Original Message-----
> >Hi,
> >
> >It's a virus called blaster or lovesan. Information:
> >
> >http://www.kellys-korner-xp.com/xp_qr.htm#rpc
> >http://vil.nai.com/vil/content/v_100499.htm
> >http://www.symantec.com/avcenter/venc/data/w32.blaster.wor
> m.html
> >http://www.bigblackglasses.com/Article.aspx?Article=342
> >
> >You need the patch described here to protect against it:
> >
> >MS03-039: A Buffer Overrun in RPCSS Could Allow an
> Attacker to Run Malicious
> >Programs
> >http://support.microsoft.com/?kbid=824146
> >
> >Problem is, you needed to install the patch BEFORE you
> got infected to avoid
> >it.
> >
> >--
> >Best of Luck,
> >
> >Rick Rogers aka "Nutcase" MS-MVP - Win9x
> >Windows isn't rocket science! That's my other hobby!
> >http://mvp.support.microsoft.com/
> >Associate Expert - WinXP - Expert Zone
> >www.microsoft.com/windowsxp/expertzone
> >Win98 Help - www.rickrogers.org
> >
> >"Tom" > wrote in
> message
> ...
> >> After about five minutes or so, I've started getting the
> >> message that the system is shutting down automatically.
> >> The message states: "NT Authority\system" it goes on
> to
> >> explain an unexpected problem with the Remote Proceedure
> >> Call.
> >> What is this all about?
> >
> >
> >.
> >
vBulletin® v3.6.4, Copyright ©2000-2012, Jelsoft Enterprises Ltd.