Author Topic: "the AAVM subsystem detected a RPC error"  (Read 41870 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re:"the AAVM subsystem detected a RPC error"
« Reply #15 on: November 25, 2004, 08:57:34 PM »
If that doesn't solve it, use the search function on this board. In several places is a util mentioned with which you can select how Windows should load things and in what sequence. (Sorry, can't remember the name of it)

Startup Delayer: http://www.r2.com.au/downloads/files
The best things in life are free.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48512
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:"the AAVM subsystem detected a RPC error"
« Reply #16 on: November 26, 2004, 03:35:30 PM »
If that doesn't solve it, use the search function on this board. In several places is a util mentioned with which you can select how Windows should load things and in what sequence. (Sorry, can't remember the name of it)

Startup Delayer: http://www.r2.com.au/downloads/files
Technical
Any hints on it's propper use? Also how do you remove a program from it if you change your mind???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re:"the AAVM subsystem detected a RPC error"
« Reply #17 on: November 26, 2004, 07:20:06 PM »
Any hints on it's propper use?

I posted two pictures of my order of programs in startup... I can't take one more  ;D

Also how do you remove a program from it if you change your mind???

You should change it back to its origin while in Safe Mode.
The best things in life are free.

lithi0m

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #18 on: December 15, 2004, 09:04:07 PM »
this reply might be a bit delayed,unsure if the issue was resolved. but the avast "AAVM....RPC Error" also occurs when you change the administrative password on your computer/server. if this applies to your situation, route to "administrative tools\services", under the "avast! Antivirus" service right click, "properties" "Log On" tab and change the log on account to match your recent change, or just choose the "local system account" option. If this helps then great. if not, then that's 30 secconds that you will never get back....
« Last Edit: December 15, 2004, 09:08:04 PM by lithi0m »

klonk

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #19 on: December 17, 2004, 05:39:38 PM »

I have the exact same problem running XP SP2 on an amd64 with DEP enabled.

Running the ashServ.exe with filemon gives me the following results (see attached screenshot). Seems there is buffer overflow ('intercepted' by DEP).

Is this normal behavior ? Will this be fixed ?

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re:"the AAVM subsystem detected a RPC error"
« Reply #20 on: December 17, 2004, 07:27:49 PM »
I have the exact same problem running XP SP2 on an amd64 with DEP enabled.

Exactly the same error?? What does it have to do with the thread topic?

Running the ashServ.exe with filemon gives me the following results (see attached screenshot). Seems there is buffer overflow ('intercepted' by DEP).

I'm not sure if it's an error at all - it may be just a return code saying that the application should use a bigger buffer for the request. Anyway, as you can see, the access is done from services.exe - i.e. from a system component, not from avast!.

klonk

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #21 on: December 17, 2004, 11:26:34 PM »
By exactly the same error I mean "RPC subsystem failed" when trying to get the memory resident protection from the systray icon.

I tried reinstalling/repairing/whatevering and nothing. Still the same error.

And yes I'm running the same error.

I got a bunch of other Buffer Overflow errors as well in filemonb. Give it a try for yourself.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re:"the AAVM subsystem detected a RPC error"
« Reply #22 on: December 17, 2004, 11:54:15 PM »
OK, I was just trying to say that this "buffer overflow" may be completely unrelated, and possibly not even an error at all.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re:"the AAVM subsystem detected a RPC error"
« Reply #23 on: December 18, 2004, 01:00:38 AM »
By exactly the same error I mean "RPC subsystem failed" when trying to get the memory resident protection from the systray icon.

Do you have any other antivirus installed in your computer?
Did you have in the past? Which one?
RPC error is generally related to other antivirus present or, at least, firewall blocking. Do you use a firewall? Which one?

Anyway, RPC error is most likely correct by this procedure:
Go to Control Panel > Add/Remove programs > avast! antivirus > Remove
Then choose Repair function in the pop up window (Repair).
Unfortunatelly, it does not help in your case  :'(

If this does not help, can you uninstall / boot / install / boot again?


OK, I was just trying to say that this "buffer overflow" may be completely unrelated, and possibly not even an error at all.

And what is it then?  ???
What does it mean?
The best things in life are free.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:"the AAVM subsystem detected a RPC error"
« Reply #24 on: December 18, 2004, 04:45:24 PM »
:)

This is a wonderful example of how BIG WEAPONS (Filemon in this case) should only be handled by those who know HOW TO OPERATE THEM. First, let me say "no offense" - I certainly don't want to sound offensive.

OK, here's what's going on here: the magic phrase Buffer Overrun has become very popular among the computer people, both pros and BFU's, in the last couple of years. It almost sounds like some sort of ancient cause of all problems computers are having. Very few people realize that a buffer overrun by itself is not something bad - it really just means that a something does not fit to a piece of memory which was allocated for it. Not necessarily a problem, especially taking into account that many Windows functions accept buffer size of zero bytes, which is taken as an indication that the REAL size of the buffer is requested, instead of the actual data to be filled to the buffer.

Well, thinking about it a bit more - it's probably hard to explain this to a non-programmer, but the moral is: interpret filemon's output only if you know what it means. Filemon dumps (especially the parts in the last columns) are intemately related to how the system works and IMHO cannot be correctly understood by someone who really doesn't know how the system API's are called and what their arguments really mean.


Anyway, to get back to the original topic: are you saying that ashServ.exe IS running, but clicking on the tray icon still yields the "AAVM RPC Error"? What if you wait for a couple of minutes? Still the same?



Thanks
Vlk
If at first you don't succeed, then skydiving's not for you.

klonk

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #25 on: December 19, 2004, 12:17:36 AM »
Yes after a couple of minutes or a couple of hour still the same.

I currently have no firewall on this machine (the XP2 firewall is disabled). I had Kaspersky Personal installed once, but it has been desinstalled.

shinji

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #26 on: December 26, 2004, 05:21:17 PM »
Hi!

I have excactly the same problem with the latest Avast-Home version on my old system (Windows 2000/SP4). Yesterday I have completely reinstalled W2k together with:

MS Office 2003 (with all updates)
HP OfficeJet 5500 Suite

- no other virus scanner or firewall is installed !!

Then I installed Avast-Home in standard mode and restarted the system.
But when I login the ashserv.exe is not starting properly. The status of the service is "starting". This takes about 5 minutes. In the meantime I cannot work with my system because the network and a lot of other components are blocked.

But when I set the starting method of ashserv to "manual" and start the service manually ashserv starts immediately without any problems!!!

I thought that ashserv is started to early but it depends on RPCSs and I think it won't try to start before RPC is started. Nevertheless I added some more services (spooler....) to the dependencies of ashserv to delay the start. But it didn't work. :-(


And there is no "repair" available. When I follow

Control Panel > Add/Remove programs > avast! antivirus > Remove

Avast ist removed immediately without an option to select "repair"!

My system:

MSI MS-6119 mainboard (Intel BX)
Pentium-III 500MHz
128MB RAM
SoundBlaster AWE64gold
Realtek 8029A 10/100MBit NIC
Riva128 graphics board

  Shinji
« Last Edit: December 26, 2004, 05:29:59 PM by shinji »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re:"the AAVM subsystem detected a RPC error"
« Reply #27 on: December 27, 2004, 01:33:12 AM »
shinji, are you using the last avast version setup (4.5.549)?
The absence of the repair function is very odd ::)

Without RPC even Windows will work... It's an essencial service.
avast must run only after RPC is loaded... I can't figure out the contrary...  ::) :-\
The best things in life are free.

shinji

  • Guest
Re:"the AAVM subsystem detected a RPC error"
« Reply #28 on: December 27, 2004, 02:45:54 PM »
shinji, are you using the last avast version setup (4.5.549)?

Hi!
Yes, I am using 4.5.549

Quote
Without RPC even Windows will work... It's an essencial service.
avast must run only after RPC is loaded... I can't figure out the contrary...  ::) :-\

Yes, I know. But if ashserv is started automatically a lot of Windows functions are not working until ashserv is running.  The network is unavailable and if I try to open the hardware manager (don't know the correct labelling in English) it hangs till ashserv is running. The system event log is filled with a lot warning messages that services cannot be started. But it all works perfect when I disable the autostart of the ashserv service or start it manually as administrator after the login.

It's very frustrating.
I know that it worked before I reinstalled windows.
The only differences between the old and the new installation are:

Old:
Asus P2L97-S mainboard (Intel LX)
Pentium-II 300
Office XP / SP3

"New":
MSI MS-6119 mainboard (Intel BX)
Pentium-III 500
Office 2003

  Shinji

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67197
Re:"the AAVM subsystem detected a RPC error"
« Reply #29 on: December 27, 2004, 03:21:47 PM »
Yes, I know. But if ashserv is started automatically a lot of Windows functions are not working until ashserv is running.

Sure, this is for your protection.
SP2 deeply increased the security while lauching and shutting down Windows. Some of them are about antivirus and firewall applications.
Did you try Startup Delayer (http://www.r2.com.au/downloads/files) like I posted before?
The best things in life are free.