I only have about 1 minute before my computer shuts down so this might not be very descriptive. After turning my computer on, I have about 1 minute before I get the message ' windows must now restart because the remote procedure call (rpc) service terminated unexpectedly' . What's wrong??? how can i fix it in 1 minute??

I've always just let it shut down and then restarted

edited to add: damn, I'm slow.

It does it every time it restarts

You don't have a recovery system, do you? Y'know, something that lets you revert to a previous state (hard drive, not like...uh...fetal or anything).

Hold on....I'm'a check what that error you're getting means 'cause I have no idear.

It just starting doing this today. I tried the system recovery for sometime last week and it is still restarting every minute. This is a pain because I have to wait for it to restart and come here real quick. I don't even have enough time to get help from hp help. welp, shutting down now.

Okay, according to these people (http://www.computing.net/hardware/wwwboard/forum/15396.html), you should to to "run" (under the start menu) and type in (without quotes) "services.msc". Then, find the RPC and stop it/disable it. Then, in the same window, click the "recovery" tab and change all 3 "reboot the computer"s to "take no action". If that works, click on that link and it'll link you to a possible patch to fix the problem.

Yeah, do what IPFS said.

I can't find run, help

Click on the START button.

There should be an option to select 'Run...' and a dialog box will pop up. go from there with IPFS' directions.

there is no run option.

What version of Windows are you running?

I got home and it turns out my computer was doing the same thing....yay! Anyway, all good now, so the directions work, but it's an XP fix.

I can't believe it was doing the same thing. I have XP but there isn't run on the start menu. I thought there was before. But I could be halucinating. I have the command prompt, can I use that to get to run? I'm technically stupid.

that's weird. my computer has been doing the same damn thing today. it is so frustrating.
i finally just left it off for awhile and just turned it back on again a few minutes ago. It seems to be okay for now.

Originally posted by Kittymld
I have the command prompt, can I use that to get to run? I'm technically stupid.

Yes. Type in services.msc OR go through "My computer."

Click on the My Computer icon and type "C:\windows\system32\services.msc" at the top where it says "address"

I wonder if someone has found a security vulnerability in XP? Can't be coincidence that this is happening to everyone at once. . .

Originally posted by RichmondVA

I wonder if someone has found a security vulnerability in XP? Can't be coincidence that this is happening to everyone at once. . .
this might just answer that question...virus-like internet infection spreading (http://www.washingtonpost.com/ac2/wp-dyn/A45828-2003Aug11?language=printer)

Wow. That certainly sounds like it could be the culprit.

Evidently it's not working quite as intended as it crashes the system rather than working whatever stealthy thing it was trying to do. . .

A virus-like infection that was the subject of urgent U.S. government and industry warnings spread rapidly Monday across the Internet...
Gee, if your software is THAT buggy where the US government has to get involved, I think it's time to go back to the drawing board.

Or just get a Mac. ;)

Originally posted by mattsledge
Or just get a Mac. ;)

That way your machine and OS will be so insignificant that even virus coders can't be bothered.:p

Actually, there ARE viruses/worms for the Mac, but they are so rare... at last count, there were about 60 discovered for Mac OS X... compared to 50,000 for the Windows platform.

I had the same thing on my computer last night too. The removal tool is here. (http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html)

are you guys all using a firewall (the ones who were "infected")? my computer didn't have any ill affects.

I have a dial up connection. You don't use firewalls on dial up. The reason I got hit, as with everyone else, was because I ignored the warning MS posted on this particular vulnerability a month or so ago. Since I didn't patch their "flawless" new os, this crap got into my system.

ooohhh, i see now. thx.

Originally posted by DogStarMan
I have a dial up connection. You don't use firewalls on dial up.

CR and I have a dial-up at home and we use a firewall. I counted 15 attempts to breach our firewall just last night, and I was online less than an hour.

I might just have to get one. What do you guys use?

We use Zone Alarm. Everytime someone tries to access our computer a little window flashes and tells us the IP address of the potential hacker. You'd be surprised at how many "hits" you get in an hour.

Yah, well most of that is automated hacker bots poking around to find open ports. Since our corporation is behind a third-party firewall, I don't ever have to deal with any of that stuff, so I'm not up on what's good for home firewall use. Thanks for the tip...I'll check it out.

Stage 1 symptoms: This worm attempts to download and run the Msblast.exe file. It is also recognized as: W32/Lovsan.worm [McAfee], Win32.Poza [CA], Lovsan [F-Secure], WORM_MSBLAST.A [Trend], W32/Blaster-A [Sophos], W32/Blaster [Panda]. This attack may crash the system and download an .exe program.

I think we have our answer, folks.

Hey Dogstarman,

If you just want a fairly simple firewall and no bells and whistles there is a free version of ZoneAlarm.

The free version doesn't block pop-ups or content and it won't let you do traceroutes or whatever but it does block your system. That's what I used when I had dial-up.

Now that I have cable, I've gotten Norton (although ZoneAlarm Pro is good as well). I can do a lot more with figuring out who is trying to get into my machine, but you're right that 99% of the time it is just port scans and not worth the effort. A window pops up telling me what happened, and I just close it without further investigation.

Originally posted by RichmondVA

Now that I have cable, I've gotten Norton (although ZoneAlarm Pro is good as well). I can do a lot more with figuring out who is trying to get into my machine, but you're right that 99% of the time it is just port scans and not worth the effort. A window pops up telling me what happened, and I just close it without further investigation.

Norton Internet Security? i'm asking b/c there's something i want to turn off on my version at home and i'm not sure how. the manual would help, if i could find it. i tend to "clean up" by making things less visible and not by actually cleaning anything. i lose a lot of stuff that way.

Yep. Norton Internet Security. And I have the manual. What do you need?

Soundblaster Audigy 2 Platinum is pretty cool. I could really use the front midi port. No really, it's pretty cool. I don't need Platinum EX or anything, but Soundblaster Audigy 2 Platinum would be pretty cool. I'm just saying is all. I wonder if anyone could hook me up.

What, was I typing aloud? oops. So yeah Norton Internet Security. Did I say I had the manual? What I meant was I could probably FIND the manual.

If I felt like looking for it.

Not that I wouldn't help out a friend, 'cause that's what friends do, right? Hook each other up. I'm just saying I'm really busy and all. If I had that a soundcard with a MIDI port I could work a lot faster and probably have more time to look for the manual. But where am I gonna get Soundblaster Audigy 2 Platinum?

:D

lol. sorry, i would if i could, but the party that stuck their neck out did so only b/c i had helped this individual write a program for an awful class we took together. however, i might be able to swing something. check yo pm's.

here's the deal w/Internet Security: sometimes when i install a game or demo, the app goes out to look for a patch that may be available. what sucks is that, while the game is trying to launch, a message pops stating that "such-and-such.exe is trying to access the Internet". ok, i understand, but i don't want that alert and i want Norton to always allow anything on this machine to go out to the internet. each and every time. if possible. it's pissing me off b/c the app i'm trying to run starts to clock and i don't need the heads up. i poked around, but can't find where to turn those alerts off.

I have Norton 2002.

If you open up the program, there's a series of tabs on the left side of the window.

Click on Personal Firewall-->Personal Firewall Settings. The default setting I think is medium. Click on "Custom Level" which brings up a new window. The top menu box should say "Personal Firewall" and the default setting is probably "high."
I would change that setting to "Medium." You could set it to "minimal" but then you would essentially have no firewall. When you need your firewall back, just set it back to the defaults.

The other way to do it is to do Personal Firewall---> Internet access. That lets you configure individual applications. Do a scan or find the program you need, then customize it. Basically you want "Permit All."

Yet another thing to do is Personal Firewall--> Internet Access, and then click Configure-->Systemwide settings. That will let you change things systemwide instead of application by application. There are systemwide rules for various inbound and outband activities. If you uncheck all the outbound block rules, you should be okay, but all the inbound rules will still be in effect.

Originally posted by RichmondVA
Yet another thing to do is Personal Firewall--> Internet Access, and then click Configure-->Systemwide settings. That will let you change things systemwide instead of application by application. There are systemwide rules for various inbound and outband activities. If you uncheck all the outbound block rules, you should be okay, but all the inbound rules will still be in effect.

awesome, that's the option i went with. there was one rule specific to outbound connections only and i allowed that. there were a few other in/out rules, but i'll leave those for now. thanks, you da man.... a man w/o free shipping? :cool:

quickie question--my sister got hit with the virus, downloaded the patch but now she has no start menu...any ideas on how to fix it?

Just no start menu?!? Or are the start button, taskbar, system tray, etc. gone?

And is the machine running correctly, other than the start menu?

well, she's not sure if she missed another patch or what--but I'm taking her at her word, no start menu at all. Don't think her computer is running perfectly but it's running better than before she downloaded the fix for the virus. her project for tonight is fixing her computer.

Same thing happened to me, H. You have to right click on the thin gray bar (the locked toolbar) and mess around with the properties. I locked it, unlocked it, clicked a few other things and then it worked. My comp is still messed up, though...when I went to get the patch and ran it, I got an error message, "Setup could not verify the integrity of the file Update.inf. Make sure the Cryptographic service is running on this computer". No idea how to fix that...

Sweet, thanks man...I'll pass it onto her, she's pretty much gonna try everything she can think of tonight to get her machine running properly again. She's getting hit with it at work too now...

She's got an HP Pavillion with XP on it, she thinks there might be some incompatability issues that require patches.

So, let me get this straight..the Norton Removal Tool hoses XP?

Well, you can say one good thing will come of this virus. At least it's forcing people (including me) to truck their asses over to the MS Update site and update all 30 some patches and updates that have been released since XP first came out. :rolleyes:

that's what it's looking like...from what my sis has said the update site is next on the list of targets for the virus...whee!

Yeah, I don't have a source or anything, but word is that the virus has this saturday marked as the time for infected and connected computers to attack the MS servers. Woo! I was tempted to leave the computer alone and let it do it's job, but dammit, I couldn't use eBay until I fixed it...

Microsoft Braces as Web Worm Prepares to Attack

By Bernhard Warner, European Internet Correspondent

LONDON (Reuters) - Like sharp-shooters armed and ready to fire, hundreds of thousands of computers are poised to let fly a potentially crippling data attack on a lone Web site belonging to software giant Microsoft Corp.

Starting on Saturday, August 16, each computer infected by the "Blaster" Internet worm will begin sending packets of data several times per second to the Microsoft site in an attempt to knock it offline.

The targeted Web site is http://www.windowsupdate.com, the site Microsoft uses to distribute updates of its Windows operating system that runs an overwhelming majority of the world's computers.

Blaster has been spreading across the Internet since Monday. On Wednesday, security experts in Europe reported that the worm, which targets computers running on Windows XP (news - web sites), Windows 2000 (news - web sites), Windows NT and Server 2003 software, was still infecting machines, though at a slower rate.

But the clean-up is far from over.

"Most (IT technicians) today are trying to determine what will be the impact to their systems when this attack is scheduled to go off," said Mikko Hypponen, manager of anti-virus research for Finnish computer security firm F-Secure.

HOME AND CORPORATE USERS HIT

Blaster has hit both home and corporate users, making an accurate toll of infected computers difficult to measure. But computer experts following the worm's progress estimated it had infiltrated hundreds of thousands of machines around the world. The worm, which spreads via an ordinary Internet connection, was described by various network security specialists as a "ticking bomb," though there was much debate over whether it would be a boomer or a dud.

With such a coordinated volley of data timed to deluge a single site, it leaves the overall Internet susceptible to slowdowns, though many security professionals were playing down that scenario on Wednesday.

A shutdown of the Windows "update" site, the only place to fortify a computer against Blaster, is more likely, they said.

"It's a game of beat the clock," said Raimund Genes, European president of security firm Trend Micro. "People will be working overtime to patch their systems before Saturday to get rid of Blaster."

The worm can be eradicated by downloading the patch off www.windowsupdate.com and re-booting the machine. Microsoft said the worm may cause systems to crash at first, but did not damage the victim's computer.

Gussipekka Pispa, director of information technology at Finland's Tampere University of Technology, told Reuters he and his team were working around the clock to check hundreds of computer servers for signs of a Blaster infestation.

Should the computers start firing data requests at the Microsoft site on Saturday, it could bog down the university's network. "It's a big job," Pispa said.

Originally posted by cuddlyevil
On Wednesday, security experts in Europe reported that the worm, which targets computers running on Windows XP (news - web sites), Windows 2000 (news - web sites), Windows NT and Server 2003 software, was still infecting machines, though at a slower rate.

Heh. ME crashes so much on its own, this virus couldn't be bothered to try to infect it. Makes me safe, so I guess I can't complain. Much.

Hey, I'm still running Windows98, so am I cleared from getting this dreadful worm or not?

Originally posted by MissKitty
Hey, I'm still running Windows98, so am I cleared from getting this dreadful worm or not?
Yes... it does not affect Win 98 or lower machines.

Okay, so my sister has downloaded the patch, removed the virus, got her taskbar up and running but now she can't re-enable the RPC--anyone else have trouble with this or has any idea how to fix this?

Can't get mine up, either...

Heh...he can't get it up :p

Okay, so far the only solutions my sister's been able to come up with fall under the "risky" catagory...the most painful being potentially having to rewrite windows...any simpler suggestions?

Check the Microsoft site for a fix first. I heard that there were some issues with the patch they put out and computers running RAS. Maybe this also affect the RPC.

Can't you just go to services.msc and turn it back on?

Looks like it could happen all over again:

http://www.kasperskylabs.com/news.html?id=985370

Originally posted by mattsledge
Looks like it could happen all over again[/url]
But if your systems are updataed and protected against the initial worm, then they should also be protected against the variant, since they use the same exploit to get in....right?

Originally posted by RichmondVA
Can't you just go to services.msc and turn it back on?

She's tried that and it's impossible to turn it back on b/c the menu for the RPC won't come back up...and she couldn't find a patch, so she's stuck...

Originally posted by DogStarMan

But if your systems are updataed and protected against the initial worm, then they should also be protected against the variant, since they use the same exploit to get in....right?
That's the way I am reading it.