KB10174: Windows Shuts Down Unexpectedly with an RPC Error
(W32 Blaster)

Summary: When trying to dial in, Windows displays an error that it will restart due to a Remote Procedure Call (RPC) service termination. The system counts down for 60 seconds, then reboots. Includes information for removing the W32.Blaster Worm.

SYMPTOMS

When trying to dial in, Windows shuts down. Before shutting down, an error is displayed:

This system is shutting down. Please save all work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by NT AUTHORITY\SYSTEM

Time before shutdown: 00:00:01

Windows must now restart because the Remote Procedure Call (RPC) service terminated unexpectedly

The clock displays 60 seconds, which counts down. After this time, it then reboots the computer.

CAUSE

This error is caused by the W32.Blaster Worm. This worm is designed to attack Windows Dialup Networking (DUN) files.

Some users who have switched from another ISP, such as AOL or NetZero think that this error is caused by our service or software. Or they may think our service has infected the computer. This is not the case. Our software is free of all viruses.

Many other ISPs use their own (proprietary) software which bypasses Windows DUN files all together. In this case, a user could have the Blaster Worm, and never know it.

The LanZing.Net dialer does use the Windows DUN files, and therefore, once this dialer is used, the virus triggers the RPC error.

The virus was present all the time, sending itself to other people and potentially causing damage to the computer, but the user was simply unaware of it.

NOTE: It is important, if you are receiving this error, that you clean your system and patch it to prevent future infection. If all you do is switch back to your previous provider, your system will still be infected, and could still be damaging both your computer, and the computers of others.

RESOLUTION

1. First, you must patch your computer against being re-infected again.

   Microsoft has released an update to protect against the security flaw which the Blaster Worm utilizes. Please follow this link and install the patch:

   For Windows 2000 Users

   For Windows XP Users

    

2. Next, download and run the Blaster Removal Tool from Microsoft:

   Microsoft Blaster Removal Tool

    

3. Once your computer is free from the Blaster Worm, you should now protect your computer from future viruses and other attacks, by visiting Windows Updates. Scan your computer for all updates and install them. This will ensure your computer is patched against all known Windows security flaws.

   In addition, you may wish to consider purchasing anti-virus software from a vendor, such as Norton Anti-Virus, Trend Micro's PC-cillan, or McAfee Anti-Virus.

   Remember to keep all anti-virus definitions up to date, and visit Windows Update frequently. Your computer is only as secure as it is updated against newly discovered security flaws.

MORE INFORMATION

Microsoft's Blaster Information Page

Symantec's Blaster Information Page

Document reference number: KB10174
 

About Us | Dialup Plans | Features | Accelerator | Compare ISP | Access Numbers | Contact Us
Sign-Up! | Basic Access | Filtered Access | Static IP | ISDN | Dedicated | MultiLink | Network
Members Login | Web Space | News Groups | Community | Marketplace | Resources | Directory

How to Switch | Software | Updates | Compatibility | Questions | Glossary | Tech Support | Help!
Tell-A-Friend | Link to LanZing | Advertise Here | Affiliate Program | Resellers | Corp Rates
NewsRoom | Service Terms | Privacy Policy | Safety Center | Report Abuse | Site Map | Search!