Solved

Windows Server 2003 svchost.exe error

Posted on 2007-03-30
13
442 Views
Last Modified: 2012-05-05
I am running into a login/service issue with my Windows Server 2003/Exchange box. This morning I tried to log in at startup using my normal process (ctrl - alt - delete) and never got a username and password page. I was able to get in to safe mode, but had little success there. After uninstalling Novell Client for Windows, I was able to get to the windows login and access the machine successfully. At that time I ran a Symantec scan, used Hijack this, and one other spyware tool. No luck finding anything wrong. Exchange services started up and ran fine, so email was working, but nobody could access their data in the D: drive from our network and as administrator I couldn't make any changes, open exe files. Initial error I got this morning was a winlogon error, but that has since been replaced by a svchost.exe error. Then a Windows reporting box pops up with "Generic Host Process for Win32 Services" report to send to microsoft.
The server is back up and running now - we have email, but no access to any shared drives.
Event viewer errors don't seem to show any consistent pattern.
I can troubleshoot, but need some direction - the data on this server is important to my folks, so accessing it is a must!
0
Comment
Question by:ridgeang
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 5
13 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 18832971
Did you install SP2?

There is a known issue with Receive Side Scaling.  Simply disable it on each NIC on the server.

Or

Uninstall SP2.

0
 

Author Comment

by:ridgeang
ID: 18833392
Netman66

This is a Windows Server 2003 box, no SP2 installed.
0
 

Author Comment

by:ridgeang
ID: 18836500
An interesting development. As I mentioned before, I can log in to the machine, but if I do it directly into the machine right after the ctl-alt-del screen the svchost.exe error comes up and from then on I may as well restart. But, this weekend I found that if I remote in and work with the server that way It will function relatively normally with no svchost.exe errors. I still cannot use .exe files - gives me a permissions error even with the admin account. Seems that we are limping along here - HELP!!!
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:ridgeang
ID: 18839210
Here is an error message that has come up just in the past 3 days - since the problems have started:

Event Type:      Warning
Event Source:      MSDTC
Event Category:      SVC
Event ID:      53258
Date:            3/30/2007
Time:            6:38:57 AM
User:            N/A
Computer:      ESMAIL
Description:
MS DTC could not correctly process a DC Promotion/Demotion event. MS DTC will continue to function and will use the existing security settings. Error Specifics: %1

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Am I right in reading this that a DC (domain Controller) event occured. Is there a way to tell what exactly happened to get this message?
0
 

Author Comment

by:ridgeang
ID: 18839266
OK, I traced the event viewer post a little further, and found that this error started 3/1. Here is an initial event viewer incident:

Event Type:      Error
Event Source:      MSDTC
Event Category:      Tracing Infrastructure
Event ID:      4404
Date:            3/1/2007
Time:            2:43:11 PM
User:            N/A
Computer:      ESMAIL
Description:
MS DTC Tracing infrastructure : the initialization of the tracing infrastructure failed. Internal Information : msdtc_trace : File: d:\nt\com\complus\dtc\dtc\trace\src\tracelib.cpp, Line: 1107, StartTrace Failed, hr=0x80070070

.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Any help?
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 18840798
Here's how to fix that:

1. Open the Component Services console.
2. Click on Computers.
3. Right click on My Computer and select Properties.
4. Select the MSDTC tab and click on Tracing Options.
5. Click in sequence: Stop Session, New Session, Flush Data, OK, and OK.
6. Restart the DTC service".

Reference: http://www.eventid.net/display.asp?eventid=4404&eventno=2844&source=MSDTC&phase=1
0
 

Author Comment

by:ridgeang
ID: 18905125
Netman66,

Ok, did the suggested steps and cleared out the error. Another problem has arisen which might lead to a new post? ASR won't kick the server into restart mode, and the trigger seems to be something to do with Backup Exec. I am trouble shooting with them, but the server freezes up nightly during the window of the backup. I have suspended backups for the time being to see if this impacts it.

Am I to the point that I need to do a repair/fresh install?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 500 total points
ID: 18905170
It wouldn't surprise me to hear BEX is causing some grief.  It isn't the first I've heard of issues with this product.

0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 500 total points
ID: 18905177
I wouldn't assume you need a fresh install - it may not solve this problem with BEX.

Keep working with their techs until you're satisfied.  You paid for this product and it should be working properly.

0
 

Author Comment

by:ridgeang
ID: 18934086
Worked with the techs at Symantec, looks like we need to go back to the Windows Server Side of things. This box has not been functioning for more than a day or two without freezing up. Then it won't go into ASR. I checked the settings and things are set to reboot, but it isn't. Another issue I have run into is when I log as administrator I can't run any .exe files that are not downloaded to the desktop. Tried to install some software from the D: drive and got a permissions error and was not able to. But the same software downloaded to the desktop works fine.
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 500 total points
ID: 18936174
Uninstall IE Enhanced Security from Add/Remove Programs>Windows Components

0
 

Author Comment

by:ridgeang
ID: 18939581
OK, got it cleared off.
0
 

Author Comment

by:ridgeang
ID: 18947946
Netman66,

thanks for your assistance and patience with my many posts on this issue. The original issue is resolved, but a new one now exists. The server keeps freezing and takes a manual restart to get running again. Look for a new post soon.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
how to add IIS SMTP to handle application/Scanner relays into office 365.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question