Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Error in Remote Procedure call - no blaster found? [RESOLVED]


  • This topic is locked This topic is locked

#1
gust0208

gust0208

    Member

  • Member
  • PipPipPip
  • 311 posts
Hello everyone,

I have always figured myself a fairly advanced and safe internet user and am puzzled by this error. For the last few weeks, maybe 2-3 times a week, I get an error in the Remote Procedure call that is forcing a shutdown. I googled this and found the information on the Symantec Security site about the the W32.Blaster.Worm that seems to have been around 2003 causing this issue. I downloaded their scanner, disabled System Restore, ran it and found nothing. Not a huge surprise since I run an updated Symantec antivirus and Sygate personal firewall for protection. I then did a full virus scan with Symantec and latest virus definitions with nothing found, ran spyware/adaware and removed a few cookies, but otherwise nothing. Again tonight, I got the same error in Remote Procedure Call that is forcing a shutdown.

Any ideas of where to look or what to try to fix this problem? It doesn't seem like the Blaster worm since it is only happening a couple of times a week and I run my computer pretty much 24/7.

Information about my setup: Time Warner cable modem access, Sygate personal firewall, Symantec Antivirus, Spybot/AdAware, Win XP SP1 with all updates, Firefox 1.0.4, accessing internet through USB wireless adapter.

Cheers and thanks for any help,
Tom Gustafson
  • 0

Advertisements


#2
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Hi Gust0280 and welcome to Geeks To Go :tazz:

We have been very busy as of late, do you still need our help?

Please download a copy of hijack this and post a log.

Hijack This

*Important* : HijackThis! needs to be installed in its own folder, as it creates backups that you may need later (create a folder in "My Documents", for example...). This tool can be dangerous when handled improperly, so, PLEASE DON'T FIX ANYTHING WITH IT YET !! and wait for instructions. Run HijackThis!, then click on "Do a system scan and save a logfile". Save the log, then copy/paste it here so we can have a look.
  • 0

#3
gust0208

gust0208

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts

Hi Gust0280 and welcome to Geeks To Go :tazz:

We have been very busy as of late, do you still need our help?

Please download a copy of hijack this and post a log.

Hijack This

*Important* : HijackThis! needs to be installed in its own folder, as it creates backups that you may need later (create a folder in "My Documents", for example...). This tool can be dangerous when handled improperly, so, PLEASE DON'T FIX ANYTHING WITH IT YET !! and wait for instructions. Run HijackThis!, then click on "Do a system scan and save a logfile".  Save the log, then copy/paste it here so we can have a look.

View Post


Hello and thanks for the help! Here is the contents of my scan log file:
-----
Logfile of HijackThis v1.99.1
Scan saved at 11:31:55 PM, on 7/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Stanley Schemkpepper\Desktop\Recent Downloads\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120788423218
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
----

I am running Edonkey on a closed network with no other outside connections for use with the DAP Central project (to get my MST3K fix).

Thanks for your help, as an update since last time, I have upgraded the drivers for my wireless USB adapter to the latest/greatest since I noticed that the error seem to occur with a change in internet connectivity (aka the DAP Central server going down).

Cheers,
Tom
  • 0

#4
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Well gust i can see absolutley nothing in that log that is causing you problems ;)

One or two things did catch my eye, and that being.

You Need to Update Windows and IE to get all the Latest Security Patches that Protects Your Computer.

This can be accessed by going to Windows Updates and following the prompts.

And for your own protection, get rid of e-donkey, those p2p applications are darn virus farms.

Catch ya later :tazz:
  • 0

#5
gust0208

gust0208

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 311 posts

Well gust i can see absolutley nothing in that log that is causing you problems ;)

One or two things did catch my eye, and that being.

You Need to Update Windows and IE to get all the Latest Security Patches that Protects Your Computer.

This can be accessed by going to Windows Updates and following the prompts.

And for your own protection, get rid of e-donkey, those p2p applications are darn virus farms.

Catch ya later :tazz:

View Post


Thanks for the reply. I am up to date on the Microsoft patches as of 2-3 days ago, I am running SP1 since I have a few apps that I like which have difficulties under SP2. Edonkey is not really a problem since I run it solely to connect to the DAP Central server and it has been "overkilled" so it won't connect to any other server and they nicely run a whitelist server so the downloads are squeeky clean and approved.

I am waiting to see if the updated USB wireless drivers clean up the issue. The problem seem to crop up after I re-installed the adapter and used the stock drivers from the install CD.

Cheers,
Tom
  • 0

#6
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Your welcome Tom ;)

Perhaps stop by the hardware section, maybe them fellows can help you out.

Here's a link.

http://www.geekstogo...pherals-f9.html

Good luck :tazz:
  • 0

#7
John_L

John_L

    Visiting Staff

  • Member
  • PipPipPipPip
  • 1,398 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :tazz:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP