Shut-Down Error (RPC)

S

Sharon

I will appreciate any help with this problem.

I am running XP Home SP2. After it gets booted up I get an error box that
says:

"Remote Procedure Call (RPC) Service terminated expectedly, initiated by NT
Authority/System and will close"

I have been able to run all the spyware, etc. throughout, as well as the
defrag. and clean-up tools/registry. Other error boxes (all different) pop up
on top of that one which
delays the shutdown allowing maintenance to be run.

Thanks for your help.
 
L

LVTravel

This still sounds like you have a worm on the system. Run all the properly
updated antivirus and other malware checking programs from Safe mode. Some
of the worms that cause this "hide" from the programs when run in normal
mode.
 
D

David H. Lipman

From: "LVTravel" <[email protected]>

| This still sounds like you have a worm on the system. Run all the properly
| updated antivirus and other malware checking programs from Safe mode. Some
| of the worms that cause this "hide" from the programs when run in normal
| mode.


No, it does not.

The OP indicated SP2. SP2 totally mitigates the Lovsan/Blaster or BOT worm using TCP port
135 in a buffer overflow exploit of a vulnerability in the RPC/RPCSS DCOM module of the OS.
The fact is, this worm attack comes form OUTSIDE the PC, not from within. It is only when
the exploit of the vulnerability will the Lovsan/Blaster or BOT worm install itself, with
elevated privileges, on the affected PC.

The fact is a RPC termination causing a shutdown can occur without being based upon a worm
attack on TCP port 135.
 
L

LVTravel

David H. Lipman said:
From: "LVTravel" <[email protected]>

| This still sounds like you have a worm on the system. Run all the
properly
| updated antivirus and other malware checking programs from Safe mode.
Some
| of the worms that cause this "hide" from the programs when run in normal
| mode.


No, it does not.

The OP indicated SP2. SP2 totally mitigates the Lovsan/Blaster or BOT
worm using TCP port
135 in a buffer overflow exploit of a vulnerability in the RPC/RPCSS DCOM
module of the OS.
The fact is, this worm attack comes form OUTSIDE the PC, not from within.
It is only when
the exploit of the vulnerability will the Lovsan/Blaster or BOT worm
install itself, with
elevated privileges, on the affected PC.

The fact is a RPC termination causing a shutdown can occur without being
based upon a worm
attack on TCP port 135.
OK, my suggestion has proven incorrect, what's yours to fix the problem!
 
D

David H. Lipman

From: "LVTravel" <[email protected]>


| OK, my suggestion has proven incorrect, what's yours to fix the problem!
|

Don't have one Sorry!

The OP will have to look up the error on TechNet or the Knowledgebase for other causitive
factors.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top