WHAT DO I DO??, PLEASE HELP

  • Thread starter Thread starter M Parsley
  • Start date Start date
M

M Parsley

I came here trying to troubleshoot a problem that just
started this morning. I figured it was just an isolated
problem, but after coming upon these other posts, I am
starting to think otherwise.

Since this morning I have been getting an Error Message
that comes up with a one minute timer for shut down. It
says that Shutdown was initiated by NT Authority\System.
Then the message box says" Your computer must now restart
b/c the RPC (Remote Procedure Call)has terminated
unexpectedly.

Please help me out, I am going crazy trying to figure out
what the problem is or what I have done to cause this. If
you dont have an answer as to what is going on, but have
something else to add please do. ANY thing in addition to
what I know would be most helpful.

I AM BEGGING!! :-)
Me
 
-----Original Message-----
I came here trying to troubleshoot a problem that just
started this morning. I figured it was just an isolated
problem, but after coming upon these other posts, I am
starting to think otherwise.

Since this morning I have been getting an Error Message
that comes up with a one minute timer for shut down. It
says that Shutdown was initiated by NT Authority\System.
Then the message box says" Your computer must now restart
b/c the RPC (Remote Procedure Call)has terminated
unexpectedly.

Please help me out, I am going crazy trying to figure out
what the problem is or what I have done to cause this. If
you dont have an answer as to what is going on, but have
something else to add please do. ANY thing in addition to
what I know would be most helpful.

I AM BEGGING!! :-)
Me
.http://www.microsoft.com/technet/treeview/default.asp? url=/technet/security/bulletin/MS03-026.asp

try this link
Click to expand...
 
That is because you got partial advice. Once you are infected, it is not
enough to just patch.

This is a symptom of the RPC/DCOM exploit as described in Microsoft
security bulletin MS03-026. Go to
http://www.microsoft.com/security/security_bulletins/ms03-026.asp to
read about this vulnerability.

You need to download the Windows critical update patch 823980 and enable
or install a personal firewall to block TCP and UDP ports 135, 139, and
445. The built-in XP firewall will block these ports by default.

Once you download what you need, disconnect from the network, install
your patch, install your firewall and clean the worm from your system.
For msblast.exe removal instructions, read
http://www.bigblackglasses.com/Article.aspx?Article=342.

Once you are sure your system is clean, you can reconnect to the
Internet. It is very important to address this quickly and to disconnect
as soon as possible. Your system is very vulnerable to further exploits
while the worm is present and you do not want your system involved in
the massive denial-of-service attacks that are coming in the next few
days from the masses of compromised systems.

Download, disconnect, patch, firewall, and clean. Then inspect. When
sure, reconnect.
 
Back
Top