?
Solved

Windows restarts because "DCOM Server Process Launcher service terminated unexpectedly"

Posted on 2007-03-28
7
Medium Priority
?
48,407 Views
Last Modified: 2013-11-22
Dell Precision 340 running XP Pro and Norton Anti-Virus Corporate Edition.  Installed PCTools SpyDoctor (full version) two days ago.  Got rid of my spyware problems (I think) but now whenever I turn on the machine about a minute or so after windows loads i get a timed shutdown message that says:

"Windows must now restart because DCOM Server Process Launcher service terminated unexpectedly. " The shutdown is initiated by NT AUTHORITY\SYSTEM

This occurs in safe mode as well.  If I can manage to log in to windows quick enough, I can stop the shutdown by issuing "shutdown /a" from the command line.  Once that is done I don't seem to have any problems. . .

Thanks in advance for your help. . .
0
Comment
Question by:a2hIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 39

Expert Comment

by:PUNKY
ID: 18813641
Run msconfig and stop SpyDoctor see if it stops error.
0
 
LVL 4

Expert Comment

by:Soutie
ID: 18814267
that sounds like a sasser/blaster variant.
when you scanned your machine for malware did you find anything? if so and it was removed did you disable system restore?  Not disabling system restore first could lead to reinfection.
What version of corporate are you running.  Versions before 9 (I think it was) wern't very good at removing malware.  Upgrade to 10.1 if possible.
0
 

Author Comment

by:a2hIT
ID: 18815640
PUNKY: "Run msconfig and stop SpyDoctor see if it stops error"
Unchecked everything in msconfig that listed Spyware Doctor.  No result.  Uninstalled SpyDoctor Completely -- still no change.

Southie: "when you scanned your machine for malware did you find anything? if so and it was removed did you disable system restore?"  -- YES
"What version of corporate are you running."  -- Older than 9  :-(  Upgrade is not really "in the budget"

Thank you both for your responses.
0
Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

 
LVL 4

Accepted Solution

by:
Soutie earned 1500 total points
ID: 18815741
@ a2hIT
you definitly have some form of malware.  Maybe try running stinger and see if it picks anything up.

vil.nai.com/vil/stinger/

you are going to need to clear the offending virus off the machine and uptate to the latest microsoft patches. If i recall correctly there was a patch a while ago to stop the DCOM exploitation, but i could be down to correction.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 18819995
Steve Gibson has produced a tool to disable DCOM:

http://www.grc.com/freeware/dcom.htm

This may help...

0
 

Author Comment

by:a2hIT
ID: 18820027
Thanks all.  Stopping Monitoring of this issue.  Thanks again.
0
 

Expert Comment

by:emoor
ID: 26503646
I get the error message that states that the system shutdown is being initiated by NT Authority/System and that Windows must now restart because the DCOM service process launch service terminated (which means I either have to use shutdown -a or reboot) BUT a McAfee scan picks up no virus, the stinger application picked up no virus and when I used Steve Gibson's tool I was told I have no DCOM service becausse I am running XP service pack 2.

Help?
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question