got this message yesterday for the first time,

Remote Procedure Call (RPC) has failed system will reboot in 60 seconds.

So im confused as to what has caused this as i haven't opened anything yet, so the system reboots comes back into windows XP pro, no more problems (or so i think)

I used the pc for most of last night, without the error reproducing,

When i arrive home from work today i start pc play NC for about 30 mintes go for dinner then return to pc and get this message just as i try to open a CD with some Photo's on from a family party.

The RPC has caused the system to reboot about 5-8 times now, i managed to diable it in services and now it has stopped doing it.

However i am slightly worried as to what is does and how important it is to have this enabled.

If anyone could shead some light on this i would be very grateful.

Andy

You are being haxx0red.

Read this http://neocron.jafc.de/showthread.php?s=&threadid=70862

:D

Yeah, this happened to me last night. Had a complete panic attack and went through everything on my PC - turns out apart from any other consideration, some fucker had turned my firewall off. :mad:

Go to windows update and make sure you have all the patches ASAP. Been harping about this for a couple weeks now :p

yeah noticed it before but was abit reluctant to update window er...not exactly retail copy of it if you know what i mean :p

well i got the patches now and all the rest of it.

a question about the rpc shit

when ever that opened did that mean someone was tryig to get into my system ?

Andy

Originally posted by stigmata
yeah noticed it before but was abit reluctant to update window er...not exactly retail copy of it if you know what i mean :p

well i got the patches now and all the rest of it.

a question about the rpc shit

when ever that opened did that mean someone was tryig to get into my system ?

Andy Yep.
Or was just deliberately trying to shut your system down.

There a few attack scanners around now that do nothing except scan entire netblocks looking for machines to kill.

Holy shit... this just happened to me about 3 times in the last 20 minutes...

I'm scared 8|



Edit: Seems to be fixed now...

yea I reloaded windows a few night ago as i was getting it like every 5 minutes and it kepts me from backing up all my files since like halfway thrueach transfer to my extrenal drive windows would shutdown so i lost everything basically...and it didnt do it for a few days...now its doing it again..I got all the correct patches and it seems to have stopped but i did notice my computer seemed as if it was restarted cause all the programs i usually shut off in taskbar as soon as i boot up were back in there again so Im not sure if that did the trick...I dont have anything but windows and NC on this comp now so if they want to hack..feck it hack away ive already lost all the data i needed anyways =P

Originally posted by extract
..feck it hack away ive already lost all the data i needed anyways =P You *did* remember to change any passwords from the old install, hrmmm ? :D

nah but my account is currently exppired feel free to hack and activate it for me so i can play again =P just dont steal my weapon part 1

This stuff sux, its happening all over the world, even in the mohaa community (another game I play) :(

We lost plays in matches becuase of it, and it opened up and me twice today, then stopped :eek:

Also check your computer for something called MSBLAST.EXE its normally residing in the system32 folder as it's related to the errors.

Maybe if you bought all your software like a GOOD little boy, this wouldn't happen.

I HAVE THE MORAL HIGH GROUND! GO HUGE MULTINATIONAL CORPORATIONS!

As leader of this moral high ground, I order you ALL to fall into vats of boiling oil! Do it! Oh, and dance while you're at it. But... but not you. You can sing.

Originally posted by stigmata
yeah noticed it before but was abit reluctant to update window er...not exactly retail copy of it if you know what i mean :p

well i got the patches now and all the rest of it.


I got every single patch going (bar SP1) on a... not quite 100% legal... *cough*... version of XP and nothin has happened to me *yet*! It says that it's not sending any personal info to MS when it does the update and foolish me has believed them so far.


Originally posted by Mumblyfish
As leader of this moral high ground, I order you ALL to fall into vats of boiling oil! Do it! Oh, and dance while you're at it. But... but not you. You can sing.

Yes mahssah! Ah dance fur yoo reel prittie! :)

If I had the spare cash, I'd buy Win XP... I am most impressed with my free trial version (seriously!). Maybe after I pay off my credit card...

-Krll

I found that when installing the patch, searching for and destroying the criminal files, I could only do it when I was not connected to the internet. It's a real bitch to take care of, but once you get going its easy to fix.

Originally posted by Arcadius
omg iv'e started getting this problem too.


plz help me. What do I do exactly? Can you walk me through it like i'm a 2 yr old?

Originally posted by Arcadius
Quoted stuff

Not everyone is computer literate... even internet level computer users can be clueless.

I get people using e-bay and ICQ and stuff who have no idea of the difference between RAM and hard disk space! :(

User: "My memory is full, what should I do?"
Tech support: "What type of memroy? RAM or hard disk?"
User: "Memory you foolish clueless paid computer support engineer type guy! God, you are soooo noobish!"
Tech support: "...?"

-Krll

in reference to those who are having trouble with it still, here is a way to stop it so you sort it out.

(win XP pro)
Open control panel
open administritive tools
open services
find rpc (there is 2 in mine)
click disable on one of them
open the second and go to the 3rd tab and change 1st 2nd and 3rd response to "do nothing"

this will stop it shutting down and allow you to update windows and sort your firewall/virus software out.

Hope this helps

Andy

Thanks for the info Andy... always handy in my line of work (i.e. fixing the type of problem you've got for people :) ).

-Krll

It keeps happening it's driving me nuts. Where do I go to update whatever the ehll it is I have to update.

I hate being comp illeterate.


:(


8 seconds................:(

Originally posted by Arcadius
It keeps happening it's driving me nuts. Where do I go to update whatever the ehll it is I have to update.

I hate being comp illeterate.


:(


8 seconds................:(

Oh shit... you were being serious?

Check out Stigmata's post above... should help.

For those on XP Home Edition, go to the run option on the start menu and type "services.msc". Without the quotes.

-Krll

Originally posted by Arcadius
It keeps happening it's driving me nuts. Where do I go to update whatever the ehll it is I have to update.

I hate being comp illeterate.


:(


8 seconds................:(

Get windows patches and updates.

http://neocron.jafc.de/showthread.php?s=&threadid=70538

That thread has links to them (Odin's post, and others). :)

Arcadious, go to windows update site from start menu and get all critical updates.. should do the trick...

Had this about a week ago and my machine just shut down, causing the active users account to be truncated and converted into .chk files (very fucking annoying).... tho Odin did post a warning about the same time as I read it on www.theregister.co.uk ...

anyone get the feeling that the frequency of the hacks seems more like a worm than a hacker targeting your comp?

Originally posted by Xian
Get windows patches and updates.

http://neocron.jafc.de/showthread.php?s=&threadid=70538

That thread has links to them (Odin's post, and others). :)

Yeah, I think it's happening too quickly for him to use updates though, so Stigmata's and my addition are his only hope for getting the patches.


Originally posted by Skinman
anyone get the feeling that the frequency of the hacks seems more like a worm than a hacker targeting your comp?

A mailing list I'm on started getting help messages about this at about the same time this thread appeared, so it does look more like an automated "IP sweep" (sound cool, appropriate and techy :D ) type thing rather than manually done.

-Krll

Stig I PMed you.



Btw I did what Stig said and the stupid thing still shuts down by the time I finish searching for updates.


Grr this is pissing me off.

Originally posted by Arcadius
Stig I PMed you.



Btw I did what Stig said and the stupid thing still shuts down by the time I finish searching for updates.


Grr this is pissing me off.

Can you download and setup zone alarm (a firewall) from:
www.zonelabs.com

on maximum scurity? Apparently this will keep the problem at bay long enough for you to get the updates.

Or can you maybe even stop your PC connecting to the internet, which seems to be the root of them problem?

Someone jsut posted this:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

I haven't read it yet, but will do now.

Hmmm.... doesn't say it specifically causes the problems listed, but could be related. Let me know please people... I'm liable to have some calls about this soon so would appreciate knowing in advance.

-Krll

how can i install the update if I'm not connected.


i was 4 inutes into the install when the fucking error came up again and shut my comp down. THIS IS PISSING ME OFF

Originally posted by Arcadius
how can i install the update if I'm not connected.


You can maybe install a firewall or get the update from a friend to install while not connected? Or even a virus scanner... according to the link I posted above, it is a virus.

-Krll

wtf wtf

I just took a "security" test at mcafee.com or whatever.

And my cd-rom drive opened, and it said if it did that that I failed the test. I'm trying to look for anti-virus software.

Bah.


:(

Originally posted by Arcadius
wtf wtf

I just took a "security" test at mcafee.com or whatever.

And my cd-rom drive opened, and it said if it did that that I failed the test. I'm trying to look for anti-virus software.

Bah.

Go here:
http://www.grisoft.com/us/us_dwnl_free.php

AVG anti-virus... free... good... you'll need to update it first though.

-Krll

FUCK

Someone fucking help me it keeps shutting down I acn't even stay connected for 5 minutes. Goddamnit.


I did what stig said and it still shuts down.

same here fuck, Krll please check your PM ASAP

Originally posted by Krll
Can you download and setup zone alarm (a firewall) from:
www.zonelabs.com

-Krll

For a good fire wall I'd recomend Kerio Personal firewall over Zonealarm anyday.. try it and make your own mind up..

http://www.kerio.com/kpf_home.html

Originally posted by Arcadius
FUCK

Someone fucking help me it keeps shutting down I acn't even stay connected for 5 minutes. Goddamnit.


I did what stig said and it still shuts down.

If you have a friend with an internet connection, get them to download either the firewall or the virus scanner I linked to (or the one linked to above by another user), put it on CD and install it on your PC. If it's a virus scanner, then try to update before running a full scan. If you don't update, then chances are it won't detect the virus. If using the firewall, then say NO if it asks if some weird program wants to access the internet (you may need to allow "Generic Host Process" in order for your XP to work properly).

-Krll

Originally posted by Skinman
For a good fire wall I'd recomend Kerio Personal firewall over Zonealarm anyday.. try it and make your own mind up..

http://www.kerio.com/kpf_home.html


What he said basically


Kerio > ZA

Or you can try the removal tool here (thanks to Ithaqua for this link):
http://www.trendmicro.com/download/tsc.asp
(people who don't use trend micro need the second file listed)

Let me know if it works please!!!

And I'm going to bed now.

Edit: Or failing that, let us know which patches you need and we might be able to supply alternate downloads for you. I don't thon the virus blocks actual istalls, just the MS involved download.

-Krll

Originally posted by Arcadius
FUCK

Someone fucking help me it keeps shutting down I acn't even stay connected for 5 minutes. Goddamnit.


I did what stig said and it still shuts down.

http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

install that patch, and get a firewall up ASAP, then:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A

i had installed XP 15mins before i was hit, seems ok now tho

i cannot install the patch it says,
"WEUpdate cannot retrive information needed for setup from database
Setup cannot continue."
wtf:( :( :(
also i have installed zone alarm and RIGHT AWAY it blocked 2 acces attempts WTF?

I'd like to give a big pat on the back to everyone here. I would have been dumfounded when my machine began a shutting down if I hadn't been reading these forums. (Although, I really should have been keeping my security up to date . . . :rolleyes: ) Now I just have to sit here thrugh this 16 meg download watching ZA block msblast.exe every 2 seconds . . .

Originally posted by OpTi
http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

install that patch, and get a firewall up ASAP, then:



Thank you so much. It hasn't happened since installing the patch, hopefully it will stay that way.


Thank you so much opti.

Originally posted by Arcadius
Thank you so much. It hasn't happened since installing the patch, hopefully it will stay that way.


Thank you so much opti.

a little apu to apu help ;)

ok so trendmicro thingy aint working and MS patch doesnt want to install, great im fucked =)

Yeah this happened to me a few days ago...well not me, my mom actually. Was great, after the reboot she happened to be missing ntoskernl.exe (doh!). Also after each reboot another system file just randomly "dissapeared". Reinstalled windows on her machine, but forgot to do the update....doing that tonight, as well as changing the router password and account passwords.

Oddly enough they didn't get into my machine which has no updates on em as I had issues with sp1.....but I think to be safe im gonna update.

http://msn.com.com/4520-6600_16-5062407.html?part=msn&subj=ns&tag=msn_home

151 intrusions have been blocked since install..wtf is this?

It's surprising how many people operate on the Net without a Firewall of any sort. Even if you're on 56k these days, you really need one.

I highly recommend Norton for advanced and efficient protection, it's fairly affordable too.

Ive got the same problems, windows update wont complete. Ive got AVS viris checker, but it comes up with no viris's.

@ Virtual, theres a few instructions on this page, which did you follow ?

I need to complete the Windows update then install a good (free) firewall & find a good (free) viris checker as AVS dosent seen to be cutting it. :confused:

Originally posted by Drexel
Ive got the same problems, windows update wont complete. Ive got AVS viris checker, but it comes up with no viris's.

@ Virtual, theres a few instructions on this page, which did you follow ?

I need to complete the Windows update then install a good (free) firewall & find a good (free) viris checker as AVS dosent seen to be cutting it. :confused:


patch, near the middle of page.


http://msn.com.com/4520-6600_16-5062407.html?part=msn&subj=ns&tag=msn_home

Hmmm yes, I have *cough* not exactly legal copy of windows and I've _never_ updated. And I haven't been attacked by this virus yet ^_^. Maybe the hole was opened in a patch recently, so anyone who's never updated isn't in danger? Hehe.

Just woke up and am abouit to set off to work.

After reading these pages it seems my instructions for XP pro may not have been clear enough or precise enough so here goes again

If like me the RPC was starting to shutdown within seconds of starting up you can hopefully get it done in 2 or 3 tries.

Open control panel and right click administrative tools, make a short cut on desktop.
Open admin tools
Then if you still have time make a shortcut to services on desktop.
Open services
Down near the bottom of the list there are 2 services called

"remote procedure call (RPC)" and
"remote procedure call (RPC) locater"

open the first one and click on the recovery tab, in here you should see "first second and third failure"
set all to "take no action"
If the system reboots just use your shortcuts to get their quicker next time.

Open the second one, on the general tab you should see "startup type"
set it to disabled, then your system should not reboot next time.

Download the Service pack 1 from microsoft and get all critical updates, also get the secuity vulnerabilities patch posted above.

Hope this helps.

Andy

Originally posted by OpTi
http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp


Book marked for future reference and is going on my "Useful stuff" CD for work. :)


Originally posted by VirtualReGen
151 intrusions have been blocked since install..wtf is this?

It means that 151 attempts have been made by outside sources to access your PC. They're not necessarily all hackers though. I've found that certain types of banners ads and pop ups will give hack warnings.

There is an option to stop the warning dialogue popping up by the way.

Also, if you haven't done it already, you need to set Zonealarm so that it doesn't let mblaster.exe (or anything that you don't know what it is) access the internet.

-Krll

I dont run any firewalls or Viryus Scanners. This bitch never got near me. I RULE!!! :p
Sorry, just rubbing it in :D

Originally posted by Elric
I dont run any firewalls or Viryus Scanners. This bitch never got near me. I RULE!!! :p
Sorry, just rubbing it in :D

I've never caught a virus yet except for a trojan before I got a firewall (was being installed via hack).

Either you're lucky, or you know how to avoid getting virii, or both. :)

-Krll

Originally posted by Krll
I've never caught a virus yet except for a trojan before I got a firewall (was being installed via hack).

Either you're lucky, or you know how to avoid getting virii, or both. :)

-Krll

that would be both :)

Originally posted by Krll
I've never caught a virus yet except for a trojan before I got a firewall (was being installed via hack).

Either you're lucky, or you know how to avoid getting virii, or both. :)

-Krll It's not rocket science for the most part.

Foremost - regularly check for patches - applies to *nix as well as Windows people.
Oh - and you can ignore Mac zealots who crow they never get virii/trojans. Mac security isn't any great shakes - it's simply that there aren't enough Macs in the world for anyone to bother purposely attacking them.

Run a virus scanner.

Set your mail app & browser app with appropriate security settings - leaving it at default settigs is rarely good enough.

Don't accept/run executables and other files sent to you.

Don't run uneccessary services/servers.

Run a firewall - even a really rudimentary one is better than nothing - block common attack ports.

Chances are an awful lot of people will have no idea what's *really* going on in the engine room behind the pretty GUI,
(perfectly understandable - not everyone wants to be a security wizard, they just want to do some work, and use the PC as a tool, nothing more) so just use some common sense to avoid the most common pitfalls.

It's a percentages game - some people will run a machine wide open for ever, and never get hit. Some will get totally fucked over within an hour of plugging it in.

You'll never stop *everything* - someday, somewhere, some annoying fuck will come up with a new way of screwing your machine that no security person ever considered (or simply made a mistake, making something vulnerable).

Just try and decrease the odds wherever you can.

Originally posted by kurai
It's not rocket science for the most part.

Yeah it's not, but it's like some arcane black magic to non-computer literate/newbie/non-techy-minded users. Imagine how lost you were when you first started playing Neocron, and transfer that feeling to using computers in general.

If I get a job to get rid of a virus these days, I always install a virus scanner and firewall combo. Not that the customer usually bothers to keep the virus scanner up to date though, despite my giving them a printed set of fool proof instructions. :rolleyes:

-Krll

Originally posted by stigmata
Just woke up and am abouit to set off to work.

After reading these pages it seems my instructions for XP pro may not have been clear enough or precise enough so here goes again

If like me the RPC was starting to shutdown within seconds of starting up you can hopefully get it done in 2 or 3 tries.

Open control panel and right click administrative tools, make a short cut on desktop.
Open admin tools
Then if you still have time make a shortcut to services on desktop.
Open services
Down near the bottom of the list there are 2 services called

"remote procedure call (RPC)" and
"remote procedure call (RPC) locater"

open the first one and click on the recovery tab, in here you should see "first second and third failure"
set all to "take no action"
If the system reboots just use your shortcuts to get their quicker next time.

Open the second one, on the general tab you should see "startup type"
set it to disabled, then your system should not reboot next time.

Download the Service pack 1 from microsoft and get all critical updates, also get the secuity vulnerabilities patch posted above.

Hope this helps.

Andy

Im getting some customers reporting that this method has absolutely shagged their explorer on XP home and ended up needing an install....

Funny Story for you:

I don't have a TV License, I don't need one, I only watch videos on my TV, it's not even tuned in.

So today the TV License man comes round to confirm this.
He's sitting checking the TV, I mention I'm always on my PC anyway.

"Did you get that Virus that shuts your PC down?"
"No, but I know how to fix it.."
"Could you?"
"Eeeeeeeey, no bother......"

:D

I vanquished the TV License man and fixed his PC!! WOOO!

Im getting some customers reporting that this method has absolutely shagged their explorer on XP home and ended up needing an install....

Hmm not sure about XP home, its POS anyway, like most microsoft stuff, make software half way through making relase it, release further patches for 2 years, release next in-complete software. REPEAT

Andy

Well, since this is just after day TWO of taking 40 or 50 calls and saying "ok, click start, click control panel, blah, blah,blah, windowsupdate, blah blah blah removal tool, blah blah blah" more times than i care to even think of...

here's what we've been telling everyone to do on both XP home and Pro.

1.Start your computer. It is important to remember that these instructions must be followed very quickly and you may have only 60 seconds in which to complete them up to point 6.
2.Immediately when Windows has loaded, click on Start and Control Panel.
3.Double click on Administrative Tools and double click on Services.
Note: Some people may find it quicker to start the Services tool by clicking on Start > Run. Typing services.msc and pressing Enter.
4.Double click on the service called Remote Procedure Call (RPC) and click on the Recovery tab. NOTE: some people will ust see "Remote Procedure" twice, you want the first one :D
5.Within the recovery tab is three sections, these will all say 'Restart the computer' Each one of these must be changed using the drop down box to say 'Take No Action'.
6. Once done, immediately click on Apply followed by OK. Your computer may restart anyway at this point. Once it has completed restarting, continue with the rest of these instructions.
7.Disable System Restore. To do this click Start followed by right clicking on My Computer. Choose Properties, then the System Restore tab. Put a tick into the box 'Turn off System Restore'.
8.Open Internet Explorer and connect to the Internet in your normal manner.
9.Download and run the W32.Blaster.Worm removal tool from here (http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html)
10.Once the tool has been run, restart your computer and run the tool a second time.
11.Re-enable System Restore by removing the tick from the box as in point 7.
12.Update your anti virus definitions.
13.Run Windows Update (start>all programs>windows update) and ensure all critical updates are downloaded and installed.

That should kill the little sod, and keep it out in the future.
Please note you must have an
ADMINISTRATOR ACCOUNT to do this!

hope it helps. :D all thanks go to the peeps at PC Service Call (http://www.pcservicecall.co.uk)

btw, anyone notice how this is a REALLY badly written virus? what's the point in creating something to install itself all over the place and DDOS windowsupdate.com if it crashes the infected system and announces itself before it can deliver the payload? oh, and incase anyone was interested, SAN is S.A.N.S the SySAdmin, Network, Audit, Security institute, they send out critical vulnerability advisories from http://www.sans.org/