"Remote Procedure Call interruption?"

  • Thread starter Thread starter Paul S.
  • Start date Start date
P

Paul S.

I just loaded XP Pro to a new hard drive. Worked
beautifully for a couple hours, but since then, I get a
system shutdown message saying that the remote procedure
call service has been unexpectedly interrupted. I was
online at the time. Did I pick up a virus or what?
 
Thanks. Was afraid of that -- just unsure of which
virus/worm it would be. We came off ME and upgraded to XP
Pro. ME didn't have this issue. Now, if I can only stay on
line long enough to visit the links....
 
I just loaded XP Pro to a new hard drive. Worked
beautifully for a couple hours, but since then, I get a
system shutdown message saying that the remote procedure
call service has been unexpectedly interrupted. I was
online at the time. Did I pick up a virus or what?
Click to expand...

A worm. Unfortunately, it's not safe to go online with a fresh,
unpatched install of Windows XP, and online (Windows Update) is the
way to get the patches you need.

If you want to clean up the mess, Will's posted good links. With an
installation that's only a few hours old, I'd just do a clean install
but before going online set up a third-party firewall as well as run
Steve Gibson's three little utilities, the first of which disbles the
service that was exploited on your machine.

<<http://www3.telus.net/dandemar/firewall.htm>

<http://www.grc.com/dcom/>
<http://www.grc.com/stm/shootthemessenger.htm>
<http://www.grc.com/unpnp/unpnp.htm>

Installing an antivirus before first connection to the net is a good
idea also. After going online, the first two things to do would be
to go to Windows Update and get all critical updates and to get the
latest update for the antivirus program from its vendor.
 
To stay on-line long enough to get the necessary updates,
patches,
and removal tools, click Start > Run, and
enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut
down. Also, make
sure you've enabled a firewall before starting, to
preclude any more
intrusions while getting the updates/patches/tools.

-----Original Message-----
Thanks. Was afraid of that -- just unsure of which
virus/worm it would be. We came off ME and upgraded to XP
Pro. ME didn't have this issue. Now, if I can only stay on
line long enough to visit the links....

-----Original Message-----
Hi

Your system has been infected by the Blaster Worm.
Click to expand...
Have
a look at the
Click to expand...
 
Your computer is now infected with the W32.Blaster.Worm or
one of its variants. This happened because you have not
been using an internet connection firewall and have
apparently neglected to install the critical updates
available at the Windows Update website.
-----------------------------------------------------------
If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.
-----------------------------------------------------------
-------
Then immediately turn-on Windows XP's built-in Firewall:
http://www.microsoft.com/security/protect/
(To enable the built-in firewall, go to:
Control Panel, double-click Networking and Internet
Connections, then click Network Connections. Right-click
your connection, then
Click Properties, and on the Advanced tab, click the option
"Protect my computer and network..." Note: the built in
firewall only monitors incoming traffic not outgoing (ie
spyware, trojans, etc.. you may have on your system).)

Special note if you use AOL:
America Online installs its own connection settings that
override
the ones that come with Windows XP. America Online's
connection settings don't include a way to turn on Windows
XP's
built-in firewall.


What You Should Know About the Blaster Worm and Its
Variants
http://www.microsoft.com/security/incident/blast.asp

A tool is available to remove Blaster worm and Nachi worm
infections from computers
that are running Windows 2000 or Windows XP
http://support.microsoft.com/?kbid=833330

A security issue has been identified that could allow an
attacker to
remotely compromise a computer running Microsoft Windows
and
gain complete control over it. You can help protect your
computer
by installing this update from Microsoft.
http://www.microsoft.com/downloads/details.aspx?
FamilyId=2354406C-C5B6-44AC-9532-
3DE40F69C074&displaylang=en

Above courtesy of MVP Carey
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

***Install a good firewall. ZoneAlarm is a free one you
can install.
Install a good anti-virus program making sure you keep
it's definitions up to date! ***
- - - - - - - - - - - - -
Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

Protect Your PC
http://www.microsoft.com/security/protect/default.asp

W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm
..html

W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm
..removal.tool.html

W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32
..welchia.worm.html

W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm
..removal.tool.html
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remote Procedure Call (RPC) service is terminated Unexpectedly 8
Interrupts? 16
Remote Procedure Call creates shutdown 5
Interrupted connection 4
Remote procedure call error 3
Remote Procedure Call Service Terminated 3
Remote Procedure Call 4
Remote Procedure Call 1

Back
Top