1) While disconnected, open Control Panel -> Administrative Tools -> Services.
2) Find the Remote Procedure Call process and right-click on it and select Properties. [Note: there is also a Remote Procedure Call Locator process--the one you want should be right above it.]
3) Select the Recovery tab and change each of the first three drop boxes to "Take No Action." Click OK and exit out to desktop.
4) Go Online to
http://securityresponse.symantec.com...oval.tool.html and download the FixBLast.exe BLaster worm removal tool. Follow the instructions for its use (may need to reboot and run in Safe Mode once, then reboot and run again in Normal Mode).
Do not forget to disable System Restore before running the utility--future restores may bring back the worm. (Instructions for disabling System Restore available
here.)
5) [Optional, but recommended, step]. Enable the Windows firewall (or another firewall, such as
ZoneAlarm). This should prevent any remaining worms/trojans from accessing the Internet and allow you to complete your download in (relative) peace.
6) Go to Windows Update and download any security patches/critical updates/hotfixes they have for you.
7) You may also wish to navigate to
http://grc.com/freepopular.htm and check out the DCOMbobulate and UnPNP freeware that is available there, as well as many other nifty (and tiny) progs. They tend to disable many security holes M$ left enabled for all us home-based end-Users who want to feel like corporate network administrators and computer programmers all rolled into one.
8) Oh, and once you're finished, go back and restore the original RPC service settings, or at least change it to "Restart Service."
[ January 20, 2004, 04:12: Message edited by: Krsqk ]