Computer automatically shuts down with error in Remote Procedure Call (RPC) service
A vulnerability in Windows XP, NT, and 2000, in combination with the W32.Blaster.Worm that exploits this vulnerability is causing some computers to shut down automatically with the following error:
"System Shutdown
This shutdown was initiated by NT AUTHORITY/SYSTEM
Windows must now restart because the Remote Procedure Call (RPC) service terminated unexpectedly."
To solve this problem, you will need to take the following steps:
1. Download and install the patch from Microsoft that fixes the vulnerability. The following page has the patches for Windows XP, NT, and 2000:
http://support.microsoft.com/?kbid=823980
If your computer does not stay running long enough to download this patch, you will need to do the download from another computer and place it on a floppy or, if you have a Zip drive, a Zip disk. You can then take this disk to your computer to run the patch.
2. Download and run the following removal tool, which will scan your computer for the W32.Blaster.Worm:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
3. We also suggest that you update your McAfee Virus scan to the latest version for your Operating System at:
http://osusls.osu.edu
Click on "Windows", then "VirusScan".
If you use a different anti-virus software package, updates should be available at the manufacturer's web site.
Current Record: 1383
Create Date: 08-12-2003
Last Reviewed: 11-13-2008
Home
