With a 50 - 50 choice whether to put this under software or hardware, I went for this section - and I'll bet it's wrong!!!!
My brother is having a disaster and I'm beginning to think it's beyond my capabilities of fixing.
When he logs onto his computer, within a very short time (up to 30 seconds), he's getting a pop up telling him that NT Authority/System is shutting down his system because the RPC terminated unexpectedly.
After having done a search, everything seemed to point towards it being the W32 Blaster Worm - but that's an ancient virus. Tried running the virus removal tool for it but it didn't detect the Blaster Worm. Checked the system files for msblast.exe and it's not there. So, I'm guessing that it's not the Blaster Worm.
Been having a bloomin nightmare though. I can terminate the shutdown but I can't get onto the internet at all - apparently the internet explorer files are nowhere to be found.
But if I start up in safe mode - I can get on the internet.
Been trying to install Ad Aware (Lavasoft's website mentions this problem) but I can't get it installed - I keep getting the message that the administrator has set policies to prevent this installation. That's when I try to install in safe mode.
If I start up in normal mode (disabling the shutdown) I still can't install it because it's telling me that it can't be installed because I might be running in safe mode or windows installer isn't working properly!
It's taken me hours just to get a new antivirus on it and update it. Ran that and it came up with two detections - searched for the files to see what they were, but there are no desciptions on the internet for them - so I don't know if it's them or a false positive.
Unfortunately, I went and forgot to disable System Restore before I ran the antivirus, so it's not done anything as yet (one detection is showing up in System and the other in Recycler and I'm sure you've got to disable System Restore to be able to get rid of them out of there).
I've given up the ghost for tonight, but I'll run the antivirus again tomorrow and see if it clears them when I have disabled the System Restore.
Question is - do I quarantine these files or delete them?
And next question is - anybody got any idea what the heck to do next?
My brother is having a disaster and I'm beginning to think it's beyond my capabilities of fixing.
When he logs onto his computer, within a very short time (up to 30 seconds), he's getting a pop up telling him that NT Authority/System is shutting down his system because the RPC terminated unexpectedly.
After having done a search, everything seemed to point towards it being the W32 Blaster Worm - but that's an ancient virus. Tried running the virus removal tool for it but it didn't detect the Blaster Worm. Checked the system files for msblast.exe and it's not there. So, I'm guessing that it's not the Blaster Worm.
Been having a bloomin nightmare though. I can terminate the shutdown but I can't get onto the internet at all - apparently the internet explorer files are nowhere to be found.
But if I start up in safe mode - I can get on the internet.
Been trying to install Ad Aware (Lavasoft's website mentions this problem) but I can't get it installed - I keep getting the message that the administrator has set policies to prevent this installation. That's when I try to install in safe mode.
If I start up in normal mode (disabling the shutdown) I still can't install it because it's telling me that it can't be installed because I might be running in safe mode or windows installer isn't working properly!
It's taken me hours just to get a new antivirus on it and update it. Ran that and it came up with two detections - searched for the files to see what they were, but there are no desciptions on the internet for them - so I don't know if it's them or a false positive.
Unfortunately, I went and forgot to disable System Restore before I ran the antivirus, so it's not done anything as yet (one detection is showing up in System and the other in Recycler and I'm sure you've got to disable System Restore to be able to get rid of them out of there).
I've given up the ghost for tonight, but I'll run the antivirus again tomorrow and see if it clears them when I have disabled the System Restore.
Question is - do I quarantine these files or delete them?
And next question is - anybody got any idea what the heck to do next?
