Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows restarts because "DCOM Server Process Launcher service terminated unexpectedly"

Posted on 2007-03-28
7
48,079 Views
Last Modified: 2013-11-22
Dell Precision 340 running XP Pro and Norton Anti-Virus Corporate Edition.  Installed PCTools SpyDoctor (full version) two days ago.  Got rid of my spyware problems (I think) but now whenever I turn on the machine about a minute or so after windows loads i get a timed shutdown message that says:

"Windows must now restart because DCOM Server Process Launcher service terminated unexpectedly. " The shutdown is initiated by NT AUTHORITY\SYSTEM

This occurs in safe mode as well.  If I can manage to log in to windows quick enough, I can stop the shutdown by issuing "shutdown /a" from the command line.  Once that is done I don't seem to have any problems. . .

Thanks in advance for your help. . .
0
Comment
Question by:a2hIT
7 Comments
 
LVL 39

Expert Comment

by:PUNKY
ID: 18813641
Run msconfig and stop SpyDoctor see if it stops error.
0
 
LVL 4

Expert Comment

by:Soutie
ID: 18814267
that sounds like a sasser/blaster variant.
when you scanned your machine for malware did you find anything? if so and it was removed did you disable system restore?  Not disabling system restore first could lead to reinfection.
What version of corporate are you running.  Versions before 9 (I think it was) wern't very good at removing malware.  Upgrade to 10.1 if possible.
0
 

Author Comment

by:a2hIT
ID: 18815640
PUNKY: "Run msconfig and stop SpyDoctor see if it stops error"
Unchecked everything in msconfig that listed Spyware Doctor.  No result.  Uninstalled SpyDoctor Completely -- still no change.

Southie: "when you scanned your machine for malware did you find anything? if so and it was removed did you disable system restore?"  -- YES
"What version of corporate are you running."  -- Older than 9  :-(  Upgrade is not really "in the budget"

Thank you both for your responses.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 4

Accepted Solution

by:
Soutie earned 500 total points
ID: 18815741
@ a2hIT
you definitly have some form of malware.  Maybe try running stinger and see if it picks anything up.

vil.nai.com/vil/stinger/

you are going to need to clear the offending virus off the machine and uptate to the latest microsoft patches. If i recall correctly there was a patch a while ago to stop the DCOM exploitation, but i could be down to correction.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 18819995
Steve Gibson has produced a tool to disable DCOM:

http://www.grc.com/freeware/dcom.htm

This may help...

0
 

Author Comment

by:a2hIT
ID: 18820027
Thanks all.  Stopping Monitoring of this issue.  Thanks again.
0
 

Expert Comment

by:emoor
ID: 26503646
I get the error message that states that the system shutdown is being initiated by NT Authority/System and that Windows must now restart because the DCOM service process launch service terminated (which means I either have to use shutdown -a or reboot) BUT a McAfee scan picks up no virus, the stinger application picked up no virus and when I used Steve Gibson's tool I was told I have no DCOM service becausse I am running XP service pack 2.

Help?
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to remove Odin ransomware ? 11 203
GPO for weekly scan with Microsoft Security Essentials 1 88
Sophos Enterprise migration to Cloud? 2 80
Virus that hides folders 6 45
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question