reMarkable
asked on
"RPC Terminated" Causes Continuous Re-Boot - Even in Safe Mode !
Hardware/Software:
Dell OptiPlex GX110, P-III, 512MB RAM, CD-R, WinXP Pro, NIC
Situation:
Client reports and I witnessed first hand - PC boots - very, very slowly (~5-7 minutes) - Windows Desktop begins to appear - before much of anything else loads - Message window appears and says (approximately:) "Must restart now - Remote Procedure Call (RPC) Service Terminated Unexpectedly." The PC then slowly re-boots and does the same thing over again.
Client reports that this occurred directly after installing Google Desktop Search tool. Also reports he installed the same Google software on a home PC - and the home PC is also getting RPC related errors.
Actions Taken to Date:
Booted into Safe Mode - it took almost as long to boot into Safe Mode (~5 Minutes) as it did to do an ordinary boot! I never have seen this before!?!?! (Tried this multiple times.) SAME ERROR comes up in Safe Mode - obviously the issue is on a pretty fundamental level.
Obtained a WinXP Pro (Upgrade) disk - attempted to get to Recovery Mode - but stops after password at C: prompt. Somehow I recall Recovery mode replacing files, etc - without C: prompt involvement - no?
Has anyone seen this before - and more importantly - what suggestions do you have for repair?
Thanks in Advance,
Mark
Dell OptiPlex GX110, P-III, 512MB RAM, CD-R, WinXP Pro, NIC
Situation:
Client reports and I witnessed first hand - PC boots - very, very slowly (~5-7 minutes) - Windows Desktop begins to appear - before much of anything else loads - Message window appears and says (approximately:) "Must restart now - Remote Procedure Call (RPC) Service Terminated Unexpectedly." The PC then slowly re-boots and does the same thing over again.
Client reports that this occurred directly after installing Google Desktop Search tool. Also reports he installed the same Google software on a home PC - and the home PC is also getting RPC related errors.
Actions Taken to Date:
Booted into Safe Mode - it took almost as long to boot into Safe Mode (~5 Minutes) as it did to do an ordinary boot! I never have seen this before!?!?! (Tried this multiple times.) SAME ERROR comes up in Safe Mode - obviously the issue is on a pretty fundamental level.
Obtained a WinXP Pro (Upgrade) disk - attempted to get to Recovery Mode - but stops after password at C: prompt. Somehow I recall Recovery mode replacing files, etc - without C: prompt involvement - no?
Has anyone seen this before - and more importantly - what suggestions do you have for repair?
Thanks in Advance,
Mark
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I mean to say take this pc to a network and then connect this pc to hub and access the registry (This is called Accessing Network Registry).
If you have a Cross Over cable then you can connect two PC directly means NIC to NIC.
If you have a Cross Over cable then you can connect two PC directly means NIC to NIC.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
mdiiglio..
His pc reboots as soon as he logs on..then when he will issue Shutdown command.?
His pc reboots as soon as he logs on..then when he will issue Shutdown command.?
Hey Buddy,
Yea, like I said I couldn't tell if he can get to the desktop or not.
If he can he'll have 30 seconds to click start >> run >> cmd
shutdown -a
If he can't then I said to just ignore my instructions.
Yea, like I said I couldn't tell if he can get to the desktop or not.
If he can he'll have 30 seconds to click start >> run >> cmd
shutdown -a
If he can't then I said to just ignore my instructions.
ASKER
I can't seem to take any action on the desktop - or try gaining control when it boots - machine is either responding so slowly it apprears to be locked or it actually is "locked." Remember this PC is taking more than 5 minutes to get to the desktop - even in Safe Mode.
Also - it's a solo desktop PC in a single person office - so there is not abilty to network it with another PC.
Best I seem to be able to do is get into Recovery Mode with the WinXP Pro CD were I reach a DOS prompt - so potentially I could run something under DOS.
Is there any way to check the registry under DOS?
I've also prepared a Boot Disk with the DOS version of F_Secure on it (w/the latest virus defs on it.)
Any further thoughts on how to retake this PC.
Also - it's a solo desktop PC in a single person office - so there is not abilty to network it with another PC.
Best I seem to be able to do is get into Recovery Mode with the WinXP Pro CD were I reach a DOS prompt - so potentially I could run something under DOS.
Is there any way to check the registry under DOS?
I've also prepared a Boot Disk with the DOS version of F_Secure on it (w/the latest virus defs on it.)
Any further thoughts on how to retake this PC.
>>>Is there any way to check the registry under DOS?
That's what i was thining and could not find..so i posted the soluton using Network Registry.
That's what i was thining and could not find..so i posted the soluton using Network Registry.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is probably a script virus (msblaster related) that keeps shutting the rcp process.
Go to symantec and download the removal tool.
Go to symantec and download the removal tool.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks all for the suggestions. Here's the long story of how this was resolved - on both PCs:
The first part of the puzzle was solved by taking mdiglio's suggestion of using "shutdown -a" - which originally I didn't think I couldn't do - for two reasons:
One was I didn't think the PC allowed time before it shut down to get the command in there and the second was I couldn't get the Task Bar to come up. BUT I WAS WRONG ON THE FIRST ASSUMPTION - it turned out that I had a very short window (maybe 20 seconds) when I could gain control over the PC - but I still had the second problem - there was no access to a Task Bar - hence Start Button etc. A quick call to a buddy reminded me that Windows-Key + R opens the command prompt - so after a 5+ minute boot-up, at just the right moment I could hit that key combination - then type "shutdown -a" - and stop the system shut down. It turns out that a minute or two later it came up with the same shut down message all over again. What I learned to do was keep the command prompt window open - with the "shutdown -a" already typed in - and as soon as the message would reappear - which it did every couple of minutes - then I'd toggle to the window and hit enter.
Next I tried SystmProg's suggestion of scouring the PC's Registry and Startup areas etc, etc - but I came up empty. Then I decided to uninstall the Google Desktop Search - which is what the client had reported installing just before the problem started. For good measure, I also uninstalled GoToMyPC - as I figured that it might also be involved with the RPC error - being I believe an app that uses that - and poof - the RPC shutdown message had stopped!! I can’t say if it was the removal of which application or both that seemed to stop the message. Next I went to System Restore - and restored the PC to the day before install - just for good measure - and the machine returned to it's normal happy self! Once completed that - my client said – “Great, now let's go do the same thing on my PC at home” - and that's exactly what we did - and that machine (which was physically identical to the office PC - and had virtually identical software too) was completely cured as well.
For those of you who accuse a virus/worm – both PCs were running SP2, completely up-to-date on all OS patches and had properly updated and active antivirus programs running – further making the case for a problem somewhere else – although given the original symptoms – I did join in and diagnosed it (as I did to the client) as a probably virus/worm. This was also based on the fact I couldn’t find anything on the web relating the Google Desktop with installation problems or PC lock ups – still can’t. However…
Here in the New York City area, I was listening to WCBS 880AM which has a brief PC segment a couple of times a day – and the guy who does it mentioned that he had previously touted the Google Desktop app - but had gotten feedback from a number of listeners that it clobbered their PCs. That’s as much as he said – but I really think that somehow the Google Desktop screws up something – maybe something related to GoToMyPC – I don’t know. I do know that I have a very happy client now
As to distributing points – that ‘s a bit tricky – but many of you had valid points:
180 for SystmProg for a quick & logical response - and some measure of persistence, even though in this case it didn't solve the problem.
200 for mdiglio for giving me the key method that helped me turn things around - that "shutdown -a" I'll keep that in my mental bag of WinXP tricks.
80 for cmegson for providing a great link on Registry Restoration - even though it turned out not to be my solution this time.
40 for senad for providing a logical link about worm removal - even though it wasn't part of the mix this time either.
Thanks again - one and all who helped me get though this challenge.
-Mark
The first part of the puzzle was solved by taking mdiglio's suggestion of using "shutdown -a" - which originally I didn't think I couldn't do - for two reasons:
One was I didn't think the PC allowed time before it shut down to get the command in there and the second was I couldn't get the Task Bar to come up. BUT I WAS WRONG ON THE FIRST ASSUMPTION - it turned out that I had a very short window (maybe 20 seconds) when I could gain control over the PC - but I still had the second problem - there was no access to a Task Bar - hence Start Button etc. A quick call to a buddy reminded me that Windows-Key + R opens the command prompt - so after a 5+ minute boot-up, at just the right moment I could hit that key combination - then type "shutdown -a" - and stop the system shut down. It turns out that a minute or two later it came up with the same shut down message all over again. What I learned to do was keep the command prompt window open - with the "shutdown -a" already typed in - and as soon as the message would reappear - which it did every couple of minutes - then I'd toggle to the window and hit enter.
Next I tried SystmProg's suggestion of scouring the PC's Registry and Startup areas etc, etc - but I came up empty. Then I decided to uninstall the Google Desktop Search - which is what the client had reported installing just before the problem started. For good measure, I also uninstalled GoToMyPC - as I figured that it might also be involved with the RPC error - being I believe an app that uses that - and poof - the RPC shutdown message had stopped!! I can’t say if it was the removal of which application or both that seemed to stop the message. Next I went to System Restore - and restored the PC to the day before install - just for good measure - and the machine returned to it's normal happy self! Once completed that - my client said – “Great, now let's go do the same thing on my PC at home” - and that's exactly what we did - and that machine (which was physically identical to the office PC - and had virtually identical software too) was completely cured as well.
For those of you who accuse a virus/worm – both PCs were running SP2, completely up-to-date on all OS patches and had properly updated and active antivirus programs running – further making the case for a problem somewhere else – although given the original symptoms – I did join in and diagnosed it (as I did to the client) as a probably virus/worm. This was also based on the fact I couldn’t find anything on the web relating the Google Desktop with installation problems or PC lock ups – still can’t. However…
Here in the New York City area, I was listening to WCBS 880AM which has a brief PC segment a couple of times a day – and the guy who does it mentioned that he had previously touted the Google Desktop app - but had gotten feedback from a number of listeners that it clobbered their PCs. That’s as much as he said – but I really think that somehow the Google Desktop screws up something – maybe something related to GoToMyPC – I don’t know. I do know that I have a very happy client now
As to distributing points – that ‘s a bit tricky – but many of you had valid points:
180 for SystmProg for a quick & logical response - and some measure of persistence, even though in this case it didn't solve the problem.
200 for mdiglio for giving me the key method that helped me turn things around - that "shutdown -a" I'll keep that in my mental bag of WinXP tricks.
80 for cmegson for providing a great link on Registry Restoration - even though it turned out not to be my solution this time.
40 for senad for providing a logical link about worm removal - even though it wasn't part of the mix this time either.
Thanks again - one and all who helped me get though this challenge.
-Mark
Hey...good job fixing this Mark.
Thanks for letting us know how you did it and thanks for the points
Thanks for letting us know how you did it and thanks for the points
Thanks!
ASKER
Thanks for the speedy response - but I'm a bit confused by some of your instructions:
>>Let the screen come upto Login screen...
I can't get to a Login screen - execpt a prompt for the Administrative password in Recovery mode, where it then leaves me at the DOS prompt at c:\Windows - is that what you mean?
>>goto another computer user Registry Editor...
I don't have another computer on-site.
Can you clarify these two steps please? Beyond that I have no problem searching /editing the registry if given instructions on what to look for/change.
Thanks,
Mark