the newer the install of windows is the longer you have before it happens? ... what does that mean?

0

Ok... maybee this is a dumb thought... try unplugging the internet when you do it.... also, does a "Send error report" box show up first? thanks

0

YES! it's this.. win32 error thing.. I'm not quite sure what it is.. and I'll try unplugging the internet and installing.

0

hey guys, i also got the same message (remote procedure call terminated unexpectedly) whenever my comp booted up as well. i freaked out and pulled the plug on my comp. now anytime my computer starts on up, theres these five options on my screen. it says -Safe Mode -Safe Mode with Networking -Safe Mode with Command Prompt -Last known Good Configuration (your most recent settings that worked) -Start Windows Normally. I've clicked on all five and after several seconds where it looked like it was gonna work, it just goes back to the same screen. What in the world do I need to do to get my computer up and running normally again? I was downloading some songs/videos from kazaa before this happened. Do you think i downloaded a naty virus? :( I have Windows XP.

0

oh and my computer is a HP Pavilion 753N 2.53GHz System with CD-RW/DVD someone please help :( i think i may of toasted my computer pretty bad.

0

thanks Andrew! I fixed it =) I hope! =) We'll see in a few hours! THANKS AGAiN! :)

0

Try running "services.msc" in run and there find the RPC(Remote procedure call) and then stop that and disable it and also go to the "recovery" tab on the same RPC window and get the three lines which says " Reboot the computer " and change that to " take no action ". If you are not intending the stop RPC then you can try going to the recovery tab and then putting up take no action in all the three options over there... That should fix it... Then try getting the patch and installing it.... Could be found on: www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

0

I was also getting an error "Generic Host Win32 services..." A Norton Scan (after unplugging internet) showed a W32.IRCBot.Gen virus on the explorer.exe. Unplugging internet allowed computer to stay on instead of cycling off atfer 1 minute

0

Hi All, Heres how I have just got around this to-night...[well so far and yes my fingers are crossed] Right click my computer>select manage>select "Services and Applications>select "Services" and scroll down to Remote Procedure Call (RPC) go to the recovery tab and select restart the sevice in all 3 options.... This should stop your pc from re-booting everytime it gets the error [fingers crossed again] Now go to this link http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp and download the patch for xp Now what I done was saved the download to my desktop....rebooted disconected from the internet and the run the download.... It has now been 1 hour and I have had no "error messages from NT Authority\System32 bla bla bla I hope this procedure works for you I will try to seek some info as to why this is happening to so many people all of a sudden and post back.. Good luck Alan56

0

Ok I found this over at Trend...its relating to the RPC DCOM BUFFER OVERFLOW They say: TrendLabs has received several infection reports of this new worm which exploits the RPC DCOM BUFFER OVERFLOW, a vulnerability in a Windows Distributed Component Object Model (DCOM) Remote Procedure Call (RPC) interface which allows an attacker to gain full access and execute any code on a target machine, leaving it compromised. Solution: Terminating the Malware Program This procedure terminates the running malware process from memory. Open Windows Task Manager. On Windows 95/98/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. In the list of running programs*, locate the process: MSBLAST.EXE Select the malware process, then press either the End Task or the End Process button, depending on the version of Windows on your system. To check if the malware process has been terminated, close Task Manager, and then open it again. Close Task Manager. Removing Autostart Entries from the Registry Removing autostart entries from the registry prevents the malware from executing during startup. Open Registry Editor. To do this, click Start>Run, type Regedit, then press Enter. In the left panel, double-click the following: HKEY_LOCAL_MACHINE>Software>Microsoft> Windows>CurrentVersion>Run In the right panel, locate and delete the entry: ”windows auto update" = MSBLAST.exe Close Registry Editor. NOTE: If you were not able to terminate the malware process from memory as described in the previous procedure, restart your system. Hope this helps you all Alan56

0

Sorry forgot the link http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A Alan56

0

If you are still having this problem and system wont let you stay on long enough do the following: 1. Unplug or disable your network connection to the internet. 2. Go to Start Menu 3. Go to Control Panel 4. Click on Network Connections Icon 5. Right Click on Local Area Connection Icon 6. Select Properties 7. Click the Advanced Tab 8. Select the Internet Connection Firewall box. 9. Click OK 10. Plug or Enable your network connection to the internet again. You will now be able to download the patch.

0

just give in Command Propmt shutdown -a when the shutdown timer schows up and it will abport the shutdown this only temporaly soulution.

0

Symantec has just classified this as virus W32.Blaster.Worm http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html There is a fix utility on their website

0

ive had the same problem since yesterday, with your help guys it seems to be solved now thank good! i have to say i suspect that it was microsoft live update that gave me backdoor irc last wednesday, ive had to clean install since than and face with this problem. without this forum i would be nowhere! is microsoft screwing us though?

0

I tried downloading the patch by Microsoft but it doesn't install, it stops at "Creating Restore Point" for a long time. Any ideas?

0

Just wondering how many people had the RPC shut down problem but did not fine any sign of the MSBLAST.exe worm on their system. I had the RPC problem and was able to down load the patch. Did a scan for the worm and looked in reg. but found no sign of worm. Also ran the FixBlast.exe file from Symantec and it did not find the worm. Log reads "W32.Blaster.Worm has not been found on your computer."

0

all u need is a firewall. try searching 4 freezone alarm firewall. cus i got this and it stopped everything.

0

http://www.eweek.com/article2/0,3959,1217006,00.asp

0

I had this problem that started today. I even reinstalled windows XP, but this still didn’t fix it. But then thanks to the advice on this thread I was able to sort this problem out. Because I have dial up networking, my computer was disconnected from the internet at when I did this. What I did was: 1.) Remove Autostart Entries from the Registry by running Regedit, then searching for msblast.exe, then deleting all the keys that msblast.exe was in. 2.) Rebooting then searching for msblast.exe and deleting the 2 files that came up. One looked like “msblast2134875-235972.pf” and it was in the WINDOWS\Prefetch directory. The other file was called msblast.exe and was in the windows\system32 directory. 3.) Then I turned on the Load Zone Alarm at startup box, because I got the worm by forgetting to load my firewall “Zone Alarm” when I connect to the internet. 4.) Once my firewall was loaded I connected to the internet and went to the link: http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp and then downloaded the update and ran it. I also noticed that the date of the msworm.exe file was 12 August 2003, but I only started getting the RPC shutdown message today, so there seems to be a 1 day delay, before the worm starts breeding. Anyways thanks to everyone here for their help.

0

I also had this problem but because I had only just installed XP Home and had to find an xp driver i thought it was a driver problem. Like Avolikita I had stopped zone alarm whilst I ran a program and forgot to restart it before going to internet (won't do that again). Got no help at all from the microsoft sites so came to good old computing net who thanks to you all got me sorted (in particular Alan56 whose instructions were spot on.) Keep up the good work

0

Like PCAddict in message 23, I have the symptoms with the Generic Host Win32 error but cannot find the MSBLAST.exe files anywhere on my computer using both McAfee and the Symantec Win32 worm fix tool. Even did manual search for the files and cannot find them. I had already installed the patch before I read about how to find and delete them so did I screw up royally and can this still be fixed? I currently have my RPC set to 'take no action' so I can stay online but know I cannot run this way forever. Just how long is it ok to run with the RPC turned off like this?

0

I have a really bad problem going on due to the new virus msblaster. I am typing from a friends house and the thing with my computer is that I got the virus the first the first day and downloaded the patch, but it was a big mistake because downloading the patch made my problem worse. Now my system doesn't let me start and it turns off, what should I do. I guess I am the only one with this problem. If you can help me, please do so I will apreciate it. Thank You

0

just had this same dilemma two days ago. went on a dell forum and i believe one of the instructions there solved my PC problem. First, i enabled Firewall of my ISP so that i'd be able to connect to the internet and download the patch without getting my pc shut down. After i downloaded the patch successfully, i went to symantec web site and downloaded their w32.blaster.removal tool. i think it worked coz i haven't encounter any prob since.

0

Can this worm come from using windows messenger? I came home yesterday and found my computer had no sound. I reinstalled the drivers and that didn't work. So I reinstalled windows(XP Pro. I decided to get updated sound drivers off the internet. So I installed my DSL connection and went ahead and set up msn instant messenger. I was half through the download when this error popped up. This is very frustrating. I will work on this fix tomorrow. If it is caused by messenger, I will remove messenger and use ICQ.

0

Had Same RPC Problem , though no sign of the worm msblast . Check HDD Registry etc.. Firewall kept problem at bay but hindered my internet sharing capabilities. Does microsoft patch work on pirate versions of XP ? Any hints on how to use Zone alert and ICS? or can you reccommend another free firewall . Microsoft ICF seems not to be recommended for use over VPN so it looks like I have conflicting roads ?! Thanks Guys.

0

I've downloaded that patch, which most of you have recommended, from Microsoft site, but it didn't install, coz I have WinXP SP2 installed and it says no patches for this version... Antivirus from Symantec site haven't found any viruses.. And so, I still have the same problem.. Any ideas?

0

The answer for me is found! It was a welchia worm. So I highly recommend you to try CLRAV.com - it's a small utility from Kasperskiy, which finds and disarms some worms that usually implement themselves into windows processes.

0