Attention: Are you looking for info about the cause of "Remote Procedure Call (RPC)", initiated by NT Authority\System error message that shuts down Windows (you might also see svchost.exe error occasionally)?
It is a virus that started spreading very quickly on August 11, 2003. It works by exploiting unpatched Windows 2000/XP computers. It's been named Lovesan (LovSan, LuvSan) or Blaster.
Use McAfee VirusScan Online to scan your PC for viruses now and prevent such future problems.
Here is additional info about the virus from McAfee: ** MEDIUM VIRUS ALERT - 'LovSan' Worm**
Here is Microsoft's security patch for Windows XP that fixes this dangerous vulnerability allowing anyone to execute any program on your computer across the Internet. Here it is for Windows 2000. If you have a slower connection, you may not be able to download it before your computer shuts down. In this case, look at other options below or use another computer to download it and then copy it over and run it on your computer. Here is more info from Microsoft. You should also regularly use Windows Update.
There are several options to avoid the system shutdown:
-
Go to Start->Control Panel->Administrative Tools->Services->Remote Procedure Call (RPC)->Recovery Tab and choosing "Take No Action" for all three choices.
-
Go to Start->Run, type in shutdown/a, and press Enter.
-
Change the system time back by several hours.
-
Disconnect from the Internet.
Symantec has made available a virus removal tool (more info here).
Another removal option for more advanced users is:
1. Delete msblast.exe (usually found at c:\windows\system32\msblast.exe).
2. Delete the Windows Registry key: "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cu
Make sure to get some sort of anti-virus software, such as McAfee VirusScan to prevent future problems. Where can I get the latest Anti-Virus software?
The remainder of this page describes how Remote Procedure Call (RPC) works, not how the Lovesan virus works.
No comments:
Post a Comment