Generic host process for win32 services has encountered a problem and needs to c

[John]

My 74-year old German friend here in Florida is having a
problem with his relatively new PC. After working in any
application, a shutdown message appears "Generic host
process for win32 services has encountered a problem and
needs to close" Other screen text includes "Initiated by
NT authority system" "Remote procedure call RPC
terminated." XP (Home Edition) then begins the 60-second
shutdown clock urging him to save work or lose it.

This happens every time he works on the machine. It is
not on a network and he is using BellSouth as an ISP. The
message appears consistantly after 5 minutes of reading
mail or using IE. Updated Norton virus scanning has
detected nothing on his machine. Thoughts?

 

[Nicholas]

John --

Apparently, your friend's computer has an unwelcome visitor (VIRUS) known
as the WM32 Blaster/Lovsan WORM.

It entered the computer through the internet connection because the "firewall"
was not properly enabled and essential critical updates were not installed from
the Windows Update website. For instructions on fixing the problem, visit:

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

Remove W32.MSBlast.Worm
http://www.kellys-korner-xp.com/xp_qr.htm#rpc

Blaster Worm: Critical Security Patch for Windows XP (32-bit version)
http://microsoft.com/downloads/deta...6C-C5B6-44AC-9532-3DE40F69C074&displaylang=en

If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.

Then immediately turn-on Windows XP's built-in Firewall:

How do I turn on the Firewall?
http://www.andyrathbone.com/tips/firewall.html


**** IMPORTANT ****

Visit this web site if you experience difficulty installing
Windows XP Security Patch 823980:

How To Fix The Cryptographic Service Error
http://www.updatexp.com/cryptographic-service.html



--
Nicholas

----------------------------------------------------------------------

|
| My 74-year old German friend here in Florida is having a
| problem with his relatively new PC. After working in any
| application, a shutdown message appears "Generic host
| process for win32 services has encountered a problem and
| needs to close" Other screen text includes "Initiated by
| NT authority system" "Remote procedure call RPC
| terminated." XP (Home Edition) then begins the 60-second
| shutdown clock urging him to save work or lose it.
|
| This happens every time he works on the machine. It is
| not on a network and he is using BellSouth as an ISP. The
| message appears consistantly after 5 minutes of reading
| mail or using IE. Updated Norton virus scanning has
| detected nothing on his machine. Thoughts?

 

[babu]

hallo John
I also had the same problem & seemingly removed blaster32

Kelly advised me restart the RPC(after 1st failure);; I

restarted it;; Now again I saw a doc in symantec removal
page 2 rechange all after removing worm;; so < I again
turned RPC off;;
Now what 2 do? keep it off /on?
Kelly seems 2 be busy elsewhere ;not replying
I use winXP;;outlook6;; intel pentium4
can u help?
regards
babu

 

[KevC]

John --

Apparently, your friend's computer has an unwelcome visitor (VIRUS)
known
as the WM32 Blaster/Lovsan WORM.

It entered the computer through the internet connection because the
"firewall"
was not properly enabled and essential critical updates were not
installed from
the Windows Update website. For instructions on fixing the problem,
visit:

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

Remove W32.MSBlast.Worm
http://www.kellys-korner-xp.com/xp qr.htm#rpc

Blaster Worm: Critical Security Patch for Windows XP (32-bit version)
http://microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC
-9532-3DE40F69C074&displaylang=en

If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.

Then immediately turn-on Windows XP's built-in Firewall:

How do I turn on the Firewall?
http://www.andyrathbone.com/tips/firewall.html


**** IMPORTANT ****

Visit this web site if you experience difficulty installing
Windows XP Security Patch 823980:

How To Fix The Cryptographic Service Error
http://www.updatexp.com/cryptographic-service.html



--
Nicholas

----------------------------------------------------------------------

|
| My 74-year old German friend here in Florida is having a
| problem with his relatively new PC. After working in any
| application, a shutdown message appears "Generic host
| process for win32 services has encountered a problem and
| needs to close" Other screen text includes "Initiated by
| NT authority system" "Remote procedure call RPC
| terminated." XP (Home Edition) then begins the 60-second
| shutdown clock urging him to save work or lose it.
|
| This happens every time he works on the machine. It is
| not on a network and he is using BellSouth as an ISP. The
| message appears consistantly after 5 minutes of reading
| mail or using IE. Updated Norton virus scanning has
| detected nothing on his machine. Thoughts?

Associated dialog found in appcompat:
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="SYSTEM INFO" FILTER="GRABMI_FILTER_SYSTEM">
<MATCHING_FILE NAME="advapi32.dll" SIZE="558080"
CHECKSUM="0x7B6E5DDA" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Advanced Windows 32 Base API"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="advapi32.dll" INTERNAL_NAME="advapi32.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9315E"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="gdi32.dll" SIZE="250368"
CHECKSUM="0x29850525" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="GDI Client DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="gdi32" INTERNAL_NAME="gdi32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x4285C" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:39" UPTO_LINK_DATE="08/29/2002 10:40:39" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="kernel32.dll" SIZE="930304"
CHECKSUM="0xCBCCF8A9" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Windows NT BASE API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE7ED3"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ntdll.dll" SIZE="654336"
CHECKSUM="0xC568C00F" BIN_FILE_VERSION="5.1.2600.1217"
BIN_PRODUCT_VERSION="5.1.2600.1217" PRODUCT_VERSION="5.1.2600.1217"
FILE_DESCRIPTION="NT Layer DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1217 (xpsp2.030429-2131)"
ORIGINAL_FILENAME="ntdll.dll" INTERNAL_NAME="ntdll.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA5841"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1217"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1217" LINK_DATE="05/01/2003
23:56:10" UPTO_LINK_DATE="05/01/2003 23:56:10" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ole32.dll" SIZE="1172992"
CHECKSUM="0x59FABDBE" BIN_FILE_VERSION="5.1.2600.1263"
BIN_PRODUCT_VERSION="5.1.2600.1263" PRODUCT_VERSION="5.1.2600.1263"
FILE_DESCRIPTION="Microsoft OLE for Windows" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1263 (xpsp2.030819-2129)"
ORIGINAL_FILENAME="OLE32.DLL" INTERNAL_NAME="OLE32.DLL"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1248AC"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1263"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1263" LINK_DATE="08/25/2003
18:53:42" UPTO_LINK_DATE="08/25/2003 18:53:42" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="oleaut32.dll" SIZE="569344"
CHECKSUM="0x276CFFB1" BIN_FILE_VERSION="3.50.5016.0"
BIN_PRODUCT_VERSION="3.50.5016.0" PRODUCT_VERSION="3.50.5016.0"
FILE_DESCRIPTION="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" FILE_VERSION="3.50.5016.0"
INTERNAL_NAME="OLEAUT32.DLL" LEGAL_COPYRIGHT="Copyright © Microsoft
Corp. 1993-1999." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32"
PE_CHECKSUM="0x999AF" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="3.50.5016.0"
UPTO_BIN_PRODUCT_VERSION="3.50.5016.0" LINK_DATE="08/29/2002 10:40:34"
UPTO_LINK_DATE="08/29/2002 10:40:34" VER_LANGUAGE="English (United
States) [0x409]" />
<MATCHING_FILE NAME="shell32.dll" SIZE="8240640"
CHECKSUM="0x1D64017A" BIN_FILE_VERSION="6.0.2800.1233"
BIN_PRODUCT_VERSION="6.0.2800.1233" PRODUCT_VERSION="6.00.2800.1233"
FILE_DESCRIPTION="Windows Shell Common Dll" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="6.00.2800.1233 (xpsp2.030604-1804)"
ORIGINAL_FILENAME="SHELL32.DLL" INTERNAL_NAME="SHELL32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x7E4A55"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1233"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1233" LINK_DATE="06/11/2003
20:43:47" UPTO_LINK_DATE="06/11/2003 20:43:47" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="user32.dll" SIZE="528896"
CHECKSUM="0xA4520BB9" BIN_FILE_VERSION="5.1.2600.1134"
BIN_PRODUCT_VERSION="5.1.2600.1134" PRODUCT_VERSION="5.1.2600.1134"
FILE_DESCRIPTION="Windows XP USER API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1134 (xpsp2.020921-0842)"
ORIGINAL_FILENAME="user32" INTERNAL_NAME="user32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x8D044" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1134"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1134" LINK_DATE="11/01/2002
23:26:44" UPTO_LINK_DATE="11/01/2002 23:26:44" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="wininet.dll" SIZE="599040"
CHECKSUM="0xBEF20B21" BIN_FILE_VERSION="6.0.2800.1106"
BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106"
FILE_DESCRIPTION="Internet Extensions for Win32"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="6.00.2800.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="wininet.dll" INTERNAL_NAME="wininet.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x96179"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002
10:40:28" UPTO_LINK_DATE="08/29/2002 10:40:28" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="winsock.dll" SIZE="2864"
CHECKSUM="0x73AE8088" BIN_FILE_VERSION="3.10.0.103"
BIN_PRODUCT_VERSION="3.10.0.103" PRODUCT_VERSION="3.10"
FILE_DESCRIPTION="Windows Socket 16-Bit DLL" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows(TM) Operating System"
FILE_VERSION="3.10" ORIGINAL_FILENAME="WINSOCK.DLL"
INTERNAL_NAME="WINSOCK" LEGAL_COPYRIGHT="Copyright © Microsoft Corp.
1981-1996" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x10001"
VERFILETYPE="0x2" MODULE_TYPE="WIN16" S16BIT_DESCRIPTION="BSD Socket
API for Windows" S16BIT_MODULE_NAME="WINSOCK"
UPTO_BIN_FILE_VERSION="3.10.0.103"
UPTO_BIN_PRODUCT_VERSION="3.10.0.103" VER_LANGUAGE="English (United
States) [0x409]" />
</EXE>
</DATABASE>

Associated dialog found in manifest:

Server=watson.microsoft.com
UI LCID=1033
Flags=623378
Brand=WINDOWS
TitleName=Generic Host Process for Win32 Services
DigPidRegPath=HKLM\Software\Microsoft\Windows
NT\CurrentVersion\DigitalProductId
ErrorText=If you were in the middle of something, the information you
were working on might be lost.
Stage1URL=
Stage1URL=/StageOne//0_0_0_0/unknown/0_0_0_0/00000000.htm
Stage2URL=
Stage2URL=/dw/stagetwo.asp?szAppName=&szAppVer=0.0.0.0&szModName=unknown&szModVer=0.0.0.0&offset=00000000
DataFiles=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.mdmp|C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\appcompat.txt
Heap=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.hdmp
ErrorSubPath=\0.0.0.0\unknown\0.0.0.0\00000000

All I did was repair my XP installation and the issue went away. I'm
always protected by McAfee VirusScan 8.0 and did NOT install
Blaster.worm patch til AFTER my XP repairs. Blaster worm was never
found on my system. BEWARE! I received an "official looking" email
from Microsoft with an attached "patch" for viruses. Obviously, VS8
deleted this attachment without hesitation.

The problem, for me anyway, is fixed. Good luck.

 

[KevC]

John --

Apparently, your friend's computer has an unwelcome visitor (VIRUS)
known
as the WM32 Blaster/Lovsan WORM.

It entered the computer through the internet connection because the
"firewall"
was not properly enabled and essential critical updates were not
installed from
the Windows Update website. For instructions on fixing the problem,
visit:

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

Remove W32.MSBlast.Worm
http://www.kellys-korner-xp.com/xp qr.htm#rpc

Blaster Worm: Critical Security Patch for Windows XP (32-bit version)
http://microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC
-9532-3DE40F69C074&displaylang=en

If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.

Then immediately turn-on Windows XP's built-in Firewall:

How do I turn on the Firewall?
http://www.andyrathbone.com/tips/firewall.html


**** IMPORTANT ****

Visit this web site if you experience difficulty installing
Windows XP Security Patch 823980:

How To Fix The Cryptographic Service Error
http://www.updatexp.com/cryptographic-service.html



--
Nicholas

----------------------------------------------------------------------

|
| My 74-year old German friend here in Florida is having a
| problem with his relatively new PC. After working in any
| application, a shutdown message appears "Generic host
| process for win32 services has encountered a problem and
| needs to close" Other screen text includes "Initiated by
| NT authority system" "Remote procedure call RPC
| terminated." XP (Home Edition) then begins the 60-second
| shutdown clock urging him to save work or lose it.
|
| This happens every time he works on the machine. It is
| not on a network and he is using BellSouth as an ISP. The
| message appears consistantly after 5 minutes of reading
| mail or using IE. Updated Norton virus scanning has
| detected nothing on his machine. Thoughts?

Associated dialog found in appcompat:
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="SYSTEM INFO" FILTER="GRABMI_FILTER_SYSTEM">
<MATCHING_FILE NAME="advapi32.dll" SIZE="558080"
CHECKSUM="0x7B6E5DDA" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Advanced Windows 32 Base API"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="advapi32.dll" INTERNAL_NAME="advapi32.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9315E"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="gdi32.dll" SIZE="250368"
CHECKSUM="0x29850525" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="GDI Client DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="gdi32" INTERNAL_NAME="gdi32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x4285C" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:39" UPTO_LINK_DATE="08/29/2002 10:40:39" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="kernel32.dll" SIZE="930304"
CHECKSUM="0xCBCCF8A9" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Windows NT BASE API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE7ED3"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ntdll.dll" SIZE="654336"
CHECKSUM="0xC568C00F" BIN_FILE_VERSION="5.1.2600.1217"
BIN_PRODUCT_VERSION="5.1.2600.1217" PRODUCT_VERSION="5.1.2600.1217"
FILE_DESCRIPTION="NT Layer DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1217 (xpsp2.030429-2131)"
ORIGINAL_FILENAME="ntdll.dll" INTERNAL_NAME="ntdll.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA5841"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1217"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1217" LINK_DATE="05/01/2003
23:56:10" UPTO_LINK_DATE="05/01/2003 23:56:10" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ole32.dll" SIZE="1172992"
CHECKSUM="0x59FABDBE" BIN_FILE_VERSION="5.1.2600.1263"
BIN_PRODUCT_VERSION="5.1.2600.1263" PRODUCT_VERSION="5.1.2600.1263"
FILE_DESCRIPTION="Microsoft OLE for Windows" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1263 (xpsp2.030819-2129)"
ORIGINAL_FILENAME="OLE32.DLL" INTERNAL_NAME="OLE32.DLL"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1248AC"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1263"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1263" LINK_DATE="08/25/2003
18:53:42" UPTO_LINK_DATE="08/25/2003 18:53:42" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="oleaut32.dll" SIZE="569344"
CHECKSUM="0x276CFFB1" BIN_FILE_VERSION="3.50.5016.0"
BIN_PRODUCT_VERSION="3.50.5016.0" PRODUCT_VERSION="3.50.5016.0"
FILE_DESCRIPTION="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" FILE_VERSION="3.50.5016.0"
INTERNAL_NAME="OLEAUT32.DLL" LEGAL_COPYRIGHT="Copyright © Microsoft
Corp. 1993-1999." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32"
PE_CHECKSUM="0x999AF" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="3.50.5016.0"
UPTO_BIN_PRODUCT_VERSION="3.50.5016.0" LINK_DATE="08/29/2002 10:40:34"
UPTO_LINK_DATE="08/29/2002 10:40:34" VER_LANGUAGE="English (United
States) [0x409]" />
<MATCHING_FILE NAME="shell32.dll" SIZE="8240640"
CHECKSUM="0x1D64017A" BIN_FILE_VERSION="6.0.2800.1233"
BIN_PRODUCT_VERSION="6.0.2800.1233" PRODUCT_VERSION="6.00.2800.1233"
FILE_DESCRIPTION="Windows Shell Common Dll" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="6.00.2800.1233 (xpsp2.030604-1804)"
ORIGINAL_FILENAME="SHELL32.DLL" INTERNAL_NAME="SHELL32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x7E4A55"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1233"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1233" LINK_DATE="06/11/2003
20:43:47" UPTO_LINK_DATE="06/11/2003 20:43:47" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="user32.dll" SIZE="528896"
CHECKSUM="0xA4520BB9" BIN_FILE_VERSION="5.1.2600.1134"
BIN_PRODUCT_VERSION="5.1.2600.1134" PRODUCT_VERSION="5.1.2600.1134"
FILE_DESCRIPTION="Windows XP USER API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1134 (xpsp2.020921-0842)"
ORIGINAL_FILENAME="user32" INTERNAL_NAME="user32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x8D044" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1134"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1134" LINK_DATE="11/01/2002
23:26:44" UPTO_LINK_DATE="11/01/2002 23:26:44" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="wininet.dll" SIZE="599040"
CHECKSUM="0xBEF20B21" BIN_FILE_VERSION="6.0.2800.1106"
BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106"
FILE_DESCRIPTION="Internet Extensions for Win32"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="6.00.2800.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="wininet.dll" INTERNAL_NAME="wininet.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x96179"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002
10:40:28" UPTO_LINK_DATE="08/29/2002 10:40:28" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="winsock.dll" SIZE="2864"
CHECKSUM="0x73AE8088" BIN_FILE_VERSION="3.10.0.103"
BIN_PRODUCT_VERSION="3.10.0.103" PRODUCT_VERSION="3.10"
FILE_DESCRIPTION="Windows Socket 16-Bit DLL" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows(TM) Operating System"
FILE_VERSION="3.10" ORIGINAL_FILENAME="WINSOCK.DLL"
INTERNAL_NAME="WINSOCK" LEGAL_COPYRIGHT="Copyright © Microsoft Corp.
1981-1996" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x10001"
VERFILETYPE="0x2" MODULE_TYPE="WIN16" S16BIT_DESCRIPTION="BSD Socket
API for Windows" S16BIT_MODULE_NAME="WINSOCK"
UPTO_BIN_FILE_VERSION="3.10.0.103"
UPTO_BIN_PRODUCT_VERSION="3.10.0.103" VER_LANGUAGE="English (United
States) [0x409]" />
</EXE>
</DATABASE>

Associated dialog found in manifest:

Server=watson.microsoft.com
UI LCID=1033
Flags=623378
Brand=WINDOWS
TitleName=Generic Host Process for Win32 Services
DigPidRegPath=HKLM\Software\Microsoft\Windows
NT\CurrentVersion\DigitalProductId
ErrorText=If you were in the middle of something, the information you
were working on might be lost.
Stage1URL=
Stage1URL=/StageOne//0_0_0_0/unknown/0_0_0_0/00000000.htm
Stage2URL=
Stage2URL=/dw/stagetwo.asp?szAppName=&szAppVer=0.0.0.0&szModName=unknown&szModVer=0.0.0.0&offset=00000000
DataFiles=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.mdmp|C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\appcompat.txt
Heap=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.hdmp
ErrorSubPath=\0.0.0.0\unknown\0.0.0.0\00000000

All I did was repair my XP installation and the issue went away. I'm
always protected by McAfee VirusScan 8.0 and did NOT install
Blaster.worm patch til AFTER my XP repairs. Blaster worm was never
found on my system. BEWARE! I received an "official looking" email
from Microsoft with an attached "patch" for viruses. Obviously, VS8
deleted this attachment without hesitation.

The problem, for me anyway, is fixed. Good luck.

HAHAHAHA...This DID NOT fix the problem. Nobody here seems to want to
answer this question. XP Home worked fine for a while now this.
Microsoft really makes me angry. When this issue occurs my sound card
goes dead and options disappear from the control panel applet. This
really is not good. ANY TAKERS ON THIS???? I've read thread after
thread and am not getting anywhere. All my info is posted above. Do
I need an engineering degree to figure this out? Am I missing
something here? Sheeeeesh......

 

[purplehaz]

(e-mail address removed) (KevC) wrote in message

"Nicholas" <[email protected]> wrote in message

John --

Apparently, your friend's computer has an unwelcome visitor (VIRUS)
known
as the WM32 Blaster/Lovsan WORM.

It entered the computer through the internet connection because the
"firewall"
was not properly enabled and essential critical updates were not
installed from
the Windows Update website. For instructions on fixing the problem,
visit:

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

Remove W32.MSBlast.Worm
http://www.kellys-korner-xp.com/xp qr.htm#rpc

Blaster Worm: Critical Security Patch for Windows XP (32-bit version)
http://microsoft.com/downloads/details.aspx?FamilyId=2354406C-C5B6-44AC
-9532-3DE40F69C074&displaylang=en

If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.

Then immediately turn-on Windows XP's built-in Firewall:

How do I turn on the Firewall?
http://www.andyrathbone.com/tips/firewall.html


**** IMPORTANT ****

Visit this web site if you experience difficulty installing
Windows XP Security Patch 823980:

How To Fix The Cryptographic Service Error
http://www.updatexp.com/cryptographic-service.html



--
Nicholas

----------------------------------------------------------------------

|
| My 74-year old German friend here in Florida is having a
| problem with his relatively new PC. After working in any
| application, a shutdown message appears "Generic host
| process for win32 services has encountered a problem and
| needs to close" Other screen text includes "Initiated by
| NT authority system" "Remote procedure call RPC
| terminated." XP (Home Edition) then begins the 60-second
| shutdown clock urging him to save work or lose it.
|
| This happens every time he works on the machine. It is
| not on a network and he is using BellSouth as an ISP. The
| message appears consistantly after 5 minutes of reading
| mail or using IE. Updated Norton virus scanning has
| detected nothing on his machine. Thoughts?

Associated dialog found in appcompat:
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="SYSTEM INFO" FILTER="GRABMI_FILTER_SYSTEM">
<MATCHING_FILE NAME="advapi32.dll" SIZE="558080"
CHECKSUM="0x7B6E5DDA" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Advanced Windows 32 Base API"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="advapi32.dll" INTERNAL_NAME="advapi32.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9315E"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="gdi32.dll" SIZE="250368"
CHECKSUM="0x29850525" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="GDI Client DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="gdi32" INTERNAL_NAME="gdi32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x4285C" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:39" UPTO_LINK_DATE="08/29/2002 10:40:39" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="kernel32.dll" SIZE="930304"
CHECKSUM="0xCBCCF8A9" BIN_FILE_VERSION="5.1.2600.1106"
BIN_PRODUCT_VERSION="5.1.2600.1106" PRODUCT_VERSION="5.1.2600.1106"
FILE_DESCRIPTION="Windows NT BASE API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xE7ED3"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1106"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1106" LINK_DATE="08/29/2002
10:40:40" UPTO_LINK_DATE="08/29/2002 10:40:40" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ntdll.dll" SIZE="654336"
CHECKSUM="0xC568C00F" BIN_FILE_VERSION="5.1.2600.1217"
BIN_PRODUCT_VERSION="5.1.2600.1217" PRODUCT_VERSION="5.1.2600.1217"
FILE_DESCRIPTION="NT Layer DLL" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1217 (xpsp2.030429-2131)"
ORIGINAL_FILENAME="ntdll.dll" INTERNAL_NAME="ntdll.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xA5841"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1217"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1217" LINK_DATE="05/01/2003
23:56:10" UPTO_LINK_DATE="05/01/2003 23:56:10" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="ole32.dll" SIZE="1172992"
CHECKSUM="0x59FABDBE" BIN_FILE_VERSION="5.1.2600.1263"
BIN_PRODUCT_VERSION="5.1.2600.1263" PRODUCT_VERSION="5.1.2600.1263"
FILE_DESCRIPTION="Microsoft OLE for Windows" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="5.1.2600.1263 (xpsp2.030819-2129)"
ORIGINAL_FILENAME="OLE32.DLL" INTERNAL_NAME="OLE32.DLL"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1248AC"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.1263"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1263" LINK_DATE="08/25/2003
18:53:42" UPTO_LINK_DATE="08/25/2003 18:53:42" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="oleaut32.dll" SIZE="569344"
CHECKSUM="0x276CFFB1" BIN_FILE_VERSION="3.50.5016.0"
BIN_PRODUCT_VERSION="3.50.5016.0" PRODUCT_VERSION="3.50.5016.0"
FILE_DESCRIPTION="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" COMPANY_NAME="Microsoft Corporation"
PRODUCT_NAME="Microsoft OLE 3.50 for Windows NT(TM) and Windows
95(TM) Operating Systems" FILE_VERSION="3.50.5016.0"
INTERNAL_NAME="OLEAUT32.DLL" LEGAL_COPYRIGHT="Copyright © Microsoft
Corp. 1993-1999." VERFILEDATEHI="0x0" VERFILEDATELO="0x0"
VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32"
PE_CHECKSUM="0x999AF" LINKER_VERSION="0x0"
UPTO_BIN_FILE_VERSION="3.50.5016.0"
UPTO_BIN_PRODUCT_VERSION="3.50.5016.0" LINK_DATE="08/29/2002 10:40:34"
UPTO_LINK_DATE="08/29/2002 10:40:34" VER_LANGUAGE="English (United
States) [0x409]" />
<MATCHING_FILE NAME="shell32.dll" SIZE="8240640"
CHECKSUM="0x1D64017A" BIN_FILE_VERSION="6.0.2800.1233"
BIN_PRODUCT_VERSION="6.0.2800.1233" PRODUCT_VERSION="6.00.2800.1233"
FILE_DESCRIPTION="Windows Shell Common Dll" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows® Operating System"
FILE_VERSION="6.00.2800.1233 (xpsp2.030604-1804)"
ORIGINAL_FILENAME="SHELL32.DLL" INTERNAL_NAME="SHELL32"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x7E4A55"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1233"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1233" LINK_DATE="06/11/2003
20:43:47" UPTO_LINK_DATE="06/11/2003 20:43:47" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="user32.dll" SIZE="528896"
CHECKSUM="0xA4520BB9" BIN_FILE_VERSION="5.1.2600.1134"
BIN_PRODUCT_VERSION="5.1.2600.1134" PRODUCT_VERSION="5.1.2600.1134"
FILE_DESCRIPTION="Windows XP USER API Client DLL"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="5.1.2600.1134 (xpsp2.020921-0842)"
ORIGINAL_FILENAME="user32" INTERNAL_NAME="user32" LEGAL_COPYRIGHT="©
Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0"
VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2"
MODULE_TYPE="WIN32" PE_CHECKSUM="0x8D044" LINKER_VERSION="0x50001"
UPTO_BIN_FILE_VERSION="5.1.2600.1134"
UPTO_BIN_PRODUCT_VERSION="5.1.2600.1134" LINK_DATE="11/01/2002
23:26:44" UPTO_LINK_DATE="11/01/2002 23:26:44" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="wininet.dll" SIZE="599040"
CHECKSUM="0xBEF20B21" BIN_FILE_VERSION="6.0.2800.1106"
BIN_PRODUCT_VERSION="6.0.2800.1106" PRODUCT_VERSION="6.00.2800.1106"
FILE_DESCRIPTION="Internet Extensions for Win32"
COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Windows®
Operating System" FILE_VERSION="6.00.2800.1106 (xpsp1.020828-1920)"
ORIGINAL_FILENAME="wininet.dll" INTERNAL_NAME="wininet.dll"
LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved."
VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004"
VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x96179"
LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="6.0.2800.1106"
UPTO_BIN_PRODUCT_VERSION="6.0.2800.1106" LINK_DATE="08/29/2002
10:40:28" UPTO_LINK_DATE="08/29/2002 10:40:28" VER_LANGUAGE="English
(United States) [0x409]" />
<MATCHING_FILE NAME="winsock.dll" SIZE="2864"
CHECKSUM="0x73AE8088" BIN_FILE_VERSION="3.10.0.103"
BIN_PRODUCT_VERSION="3.10.0.103" PRODUCT_VERSION="3.10"
FILE_DESCRIPTION="Windows Socket 16-Bit DLL" COMPANY_NAME="Microsoft
Corporation" PRODUCT_NAME="Microsoft® Windows(TM) Operating System"
FILE_VERSION="3.10" ORIGINAL_FILENAME="WINSOCK.DLL"
INTERNAL_NAME="WINSOCK" LEGAL_COPYRIGHT="Copyright © Microsoft Corp.
1981-1996" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x10001"
VERFILETYPE="0x2" MODULE_TYPE="WIN16" S16BIT_DESCRIPTION="BSD Socket
API for Windows" S16BIT_MODULE_NAME="WINSOCK"
UPTO_BIN_FILE_VERSION="3.10.0.103"
UPTO_BIN_PRODUCT_VERSION="3.10.0.103" VER_LANGUAGE="English (United
States) [0x409]" />
</EXE>
</DATABASE>

Associated dialog found in manifest:

Server=watson.microsoft.com
UI LCID=1033
Flags=623378
Brand=WINDOWS
TitleName=Generic Host Process for Win32 Services
DigPidRegPath=HKLM\Software\Microsoft\Windows
NT\CurrentVersion\DigitalProductId
ErrorText=If you were in the middle of something, the information you
were working on might be lost.
Stage1URL=
Stage1URL=/StageOne//0_0_0_0/unknown/0_0_0_0/00000000.htm
Stage2URL=

Stage2URL=/dw/stagetwo.asp?szAppName=&szAppVer=0.0.0.0&szModName=unknown&szM
odVer=0.0.0.0&offset=00000000DataFiles=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.mdmp
|C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\appcompat.txt

Heap=C:\DOCUME~1\KEVINC~1\LOCALS~1\Temp\WER5.tmp.dir00\svchost.exe.hdmp
ErrorSubPath=\0.0.0.0\unknown\0.0.0.0\00000000

All I did was repair my XP installation and the issue went away. I'm
always protected by McAfee VirusScan 8.0 and did NOT install
Blaster.worm patch til AFTER my XP repairs. Blaster worm was never
found on my system. BEWARE! I received an "official looking" email
from Microsoft with an attached "patch" for viruses. Obviously, VS8
deleted this attachment without hesitation.

The problem, for me anyway, is fixed. Good luck.

HAHAHAHA...This DID NOT fix the problem. Nobody here seems to want to
answer this question. XP Home worked fine for a while now this.
Microsoft really makes me angry. When this issue occurs my sound card
goes dead and options disappear from the control panel applet. This
really is not good. ANY TAKERS ON THIS???? I've read thread after
thread and am not getting anywhere. All my info is posted above. Do
I need an engineering degree to figure this out? Am I missing
something here? Sheeeeesh......

This was answered. If your geeting the nt authority shutdown in 60 seconds
message then you have the blaster virus.
You are most likely infected with the Blaster worm virus.



To stop the rebooting/shutdowns, right click on the task bar, choose task
manager, processes tab, look for msblast.exe. Highlight it and click end
process. Then turn on the xp firewall.

To turn on the firewall: control panel, network and internet connections,
network connections, right click your connection, properties, advanced tab,
check the protect my computer box. Do this as quickly as you can once the
desktop comes up. Then visit the sites below for the removal and patch info.

Symantec: removal info and removal tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Also make sure to follow the links to the Microsoft pages for the patch or
visit windows update for the patch after you remove it.

http://support.microsoft.com/?kbid=823980

http://www.microsoft.com/security/incident/blast.asp