My computer keeps kicking off with message, NT Authority System

Remote Procede Call (RPC)
Does anyone have a club what this means?

Thanks

What version of Windows are you running?

http://www.ciac.org/ciac/bulletins/l-126.shtml

L-126: Microsoft Remote Procedure Call (RPC) Server Vulnerability

July 30, 2001 17:00 GMT
--------------------------------------------------------------------------------

PROBLEM: A malformed RPC request can cause a denial of service.
PLATFORM: Those running any of the following products:
Microsoft Exchange Server 5.5
Microsoft Exchange Server 2000
Microsoft SQL Server 7.0
Microsoft SQL Server 2000
Microsoft Windows NT 4.0
Microsoft Windows 2000

DAMAGE: The level of damage could range from minor (e.g., the service temporarily hanging) to major (e.g., the service failing in a way that would require the entire system to be restarted).
SOLUTION: Apply the patches and proper firewalling as indicated in the bulletin.

--------------------------------------------------------------------------------

VULNERABILITY
ASSESSMENT: The risk is LOW. Proper firewalling would help minimize the possibility of attacks by Internet-based users.

Did you get Yahoo Messenger going again? The other day, you said you "upgraded" to a non-working version of the software.

I never got it to work.

Somewhere around here (archived on CDROM) is a full installation .exe of a previous version of Yahoo Messenger. (Not the "call" program that merely downloads on demand... but the actuall FULL installation. Yay.)

As soon as I find it, I'll reinstall.

-- Allen

P.S. ALSO... I discovered that the NEW "improved" version of Yahoo Messenger is just LOADED with ad screens all over the place. Kind of like the NAG WARE screens that you must view for 10 full seconds before the program will start...

Yahoo had nag-ads that you can't close or avoid (pending a crack/mod/patch) and you must allow them to remain on the screen before the chat rooms will appear.

Improvement? I think not. (Oh my! Do I sound angry?... I need to calm down. )

@.

can be spead via cable modem as well as telephone modem?

I thought differently?

"major (e.g., the service failing in a way that would require the entire system to be restarted)."

I have to start (reboot) when the message appears, more frequently each day when I'm online...gives me about 60 seconds to reboot on my own & close programs, or it will reboot on it's own in sixty seconds.

regardless of what type of modem you're using, you can get the blasterworm, if you haven't gotten the windows patch or have a firewall up. On edit: XP is vulnerable to the worm. You can get a worm removal tool here
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

You'll also need to get the patch from microsoft ASAP.
http://v4.windowsupdate.microsoft.com/en/default.asp

Try this to keep your computer from shutting down while you're trying to get the worm out:
4) Change the options for "Remote Procedure Call" to attempt to prevent your computer from automatically restarting.
To change the options:
Click on "Start"
Click on "Settings"
Click on "Control Panel," then "Administrative Tools," then "Services"
In the "Services" window, under the "Name" list, locate "Remote Procedure Call (RPC)"
Right click on "Remote Procedure Call (RPC)"
Select "Properties"
The "Remote Procedure Call (RPC)" box will appear.
At the top of this box, locate and click on the tab labeled "Recovery"
You will see three boxes labeled "First failure" "Second failure" "Subsequent failures"
Each box has a drop down selection.
For each box, change the action to "Take No Action"
Make sure that the option is not the default "Reboot the Computer" These are the instructions my ISP sent to me.


Aside: My ISP has just now blocked several ports to ward off the blasterworm. Nothing like closing the barn door...

Go to norton.com - they did have a fix tool and link to patch.

There are manual removal instr. somewhere on this board (they were at norton as well back then (last week).

Best advice I got is to go to start to run, type "cmd" then ok, type "shutdown>a" at command cursor hit enter- this stops auto shutdown and it allowed me to get fix tool and patch - since i'm on dial-up it really saved me.

click on run

cmd and enter

and that gives you a dos command line

then override the 60's by entering

shutdown -a and enter

the -a is abort as in do not shutdown.

then hit control=alt-delete and in the processes that are running highlight mbalast.exe and delete it (you will not be allowed on microsofts windows update until you do this)

then go to windows update and install the "critical" updates

then get three a fire wall - Tiny firewall or Zone alarm or whatever

get Avast 4 (or any virus software - or use Trends micro's free online virus run)

Get Spybot and Lavasoft's adaware 6.0 - run them

run virus full system - make some tea and return in 20 minutes

Shutdown

now wash up and go to bed.

:-)