Ditto ..on the RPC shut down

Hi Steven - There's a new major worm hitting the Internet currently which
generates these "NT Authority\System" and RPC call errors. You can get more
info about the worm here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Complete directions for fixing this can be found here:
http://www.bigblackglasses.com/Article.aspx?Article=342 USE THESE BY
PREFERENCE


but, if you can't get there, here are some minimal fix directions courtesy
of Robear Dyer (aka PA Bear), MVP:


'If you can't stay up and running long enough to read about this exploit and
download the required patches, the following may help:


- Disconnect from the internet and close all running processes.

- Start>Run> type in "services.msc" (w/out the quotes)>OK>Scroll down to
Remote Procedure Call (RPC)>Logon>First Failure>Restart the Service [cribbed
from a post of Kelly's]

- Start>Run>msconfig>Startup> uncheck 'msblast.exe' > OK your way out and
reboot. Double-check that msblast.exe remains unchecked.'


Then/Or:


The following is courtesy of Ron Martell, MVP (modified slightly by me):

This is caused by a new and rapidly spreading virus.

To clear up the "NT Authority\System" and RPC call errors:

1. Go to http://support.microsoft.com/?kbid=823980 and download the
security patch. If at all possible do this on a clean machine and
copy the patch to a 3.5 inch diskette.

2. Boot the infected machine into Safe Mode (use the F8 key multiple times
before and during the boot menu). Insert the 3.5 inch
diskette with the patch on it and run it. Do not reboot yet.

3. Use Start - Run - MSCONFIG and go to the Startup tab. Locate the
entry for MSBLAST.EXE and clear the checkbox for it.

4. Use Start - Search and check all your hard drives for the file
MSBLAST.EXE and delete all copies of it.

5. Shut down and restart the computer normally.

6. Immediately do an update of your antivirus software and when the
updates are installed do a complete virus scan of your hard drive. So
far Symantec/Norton, Trend Micro (PC-Cillin) and Sophos seem to be
the only major companies with an update for this specific virus (4:30
p.m. PDT 11 Aug 2003) but the others will undoubtedly follow within 24
hours.


Ron Martell Duncan B.C. Canada
--
Microsoft MVP
On-Line Help Computer Service
http://onlinehelp.bc.ca

"The reason computer chips are so small is computers don't eat much."


--
Please respond in the same thread.
Regards, Jim Byrd, MS-MVP



To stop the reboots: Go to Start/Run and type in: services.msc. Scroll down
to Remote Procedure Call (RPC)/Logon/First Failure/Restart the Service.

Then close Windows Explorer, End Process in the Task Manager for
msblast.exe, run the edit on line 257 then run the patch listed below it:
http://www.kellys-korner-xp.com/xp_tweaks.htm

Windows XP Security Patch: Buffer Overrun In RPC Interface Could Allow Code
Execution: http://tinyurl.com/ir5h

More information here:
http://www.kellys-korner-xp.com/xp_qr.htm#rpc



Top 10 Frequently Asked Questions and Answers
http://www.kellys-korner-xp.com/top10faqs.htm
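A read-only check that the cleanup steps in the posts above took effect, as an added example that is not part of the original posts. It assumes the command-line tools shipped with Windows XP Professional (tasklist, reg, sc, findstr); the script itself, its messages and the optional drive-letter arguments are hypothetical.

```batch
@echo off
rem Added example: verifies the manual MSBLAST cleanup described in this thread.
rem It only reads state; it deletes nothing and changes no settings.
rem Usage (assumed): save as a .cmd file and run it, optionally passing extra
rem hard drives to search, for example:  D: E:
setlocal
set FOUND=0

echo [1] Running process named msblast.exe
tasklist /fi "imagename eq msblast.exe" 2>nul | findstr /i "msblast.exe"
if not errorlevel 1 set FOUND=1

echo [2] Startup entries in the Run keys that reference msblast
rem msconfig's Startup tab is populated from these keys, among other places.
for %%K in (HKLM HKCU) do (
  reg query "%%K\Software\Microsoft\Windows\CurrentVersion\Run" 2>nul | findstr /i "msblast"
  if not errorlevel 1 set FOUND=1
)

echo [3] Copies of msblast.exe on the system drive and any drives given as arguments
for %%D in (%SystemDrive% %*) do (
  rem /a includes hidden and system files; dir sets errorlevel 1 when nothing matches.
  dir /s /b /a "%%D\msblast.exe" 2>nul
  if not errorlevel 1 set FOUND=1
)

echo [4] Recovery actions configured for the Remote Procedure Call service
rem After the services.msc change above, the first failure action should be a
rem service restart rather than a computer restart.
sc qfailure rpcss

echo.
if %FOUND%==1 (
  echo RESULT: msblast traces found. Repeat the removal steps and rescan.
) else (
  echo RESULT: no msblast.exe process, startup entry or file was found.
)
endlocal
```

A clean result here does not show that the security patch is installed; an unpatched machine can be reinfected as soon as it goes back online.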
 
