Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rebooting Over & Over


  • Please log in to reply
1 reply to this topic

#1 captkirk66

captkirk66

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:08 PM

Posted 30 September 2009 - 07:41 PM

As a newbie to this forum, I thank you in advance. I have been asked to work on a friend's laptop that has "died". I suspect a massive infection based on quick Google Search of the error. No definitive direction jumps out (short of a complete reload). Not exactly sure how it got to this point, but here is the information:

System: HP Pavilion dv6000 (laptop)
OS: MS WinXP SP3

Behavior: When attempting to boot in Normal mode, the Win logo appears as well as Logon prompt. After login, the following message appears:

The system is shutting down.
Please save all work in progress and log off.Any unsaved changes will be lost.
This shut down was initiated by NT\AUTHORIYSYSTEM Time before shut down(then a countdown starts at 1:00)
Message The system process 'C:\WINDOWS\SYSTEM32\services.exe' terminated unexpectedly with status code -1073741482.The system will now shut down.)

The countdown starts and the system reboots with the same results.

I am able to boot into Safe Mode. I have tried to run Malwarebyte's Anti-Malware, but am getting runtime errors. AVG also does not run with a prompt to re-install. System Restore Option fails to load/run and prompts to reboot in order to work, but to no avail.

Not sure what the next step should be. Any help or direction would be appreciated.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:08 PM

Posted 01 October 2009 - 12:30 PM

If your computer keeps shutting down on its own, follow these steps to stop the cycle:
  • Click on Posted Image > Run..., and copy and paste this command into the open box: cmd
  • Press Ok.
  • At the command prompt C:\>, type: shutdown -a
  • Press Enter.
Also see How can I quickly abort a shutdown? and Using Shutdown Command which can cancels a system shutdown already in progress.

The symptoms you describe could be symptomatic of a variety of things to include hardware/software issues, overheating caused by a failed processor fan, bad memory (RAM), failing or underpowered power supply, CPU overheating, motherboard, video card, faulty or unsigned device drivers, CMOS battery going bad, BIOS and firmware problems, dirty hardware components, programs hanging or unresponsive in the background, and even malware.

When doing a search on the net for Shutdown initiated by NT Authority\system, you will find thousands of complaints with various causes and possible solutions. What works for one person may not work for another.

Some rootkits have been found to be accompanied by BSOD's and various stop error/shutdown messages so a rootkit check should be performed. I recommend performing an anti-rootkit (ARK) scan with one of the following:Before performing an anti-rootkit (ARK) scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.
  • Disconnect from the Internet or physically unplug you Internet cable connection.
  • Clean out your temporary files.
  • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
  • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
Note: Not all hidden components detected by ARKs are malicious. It is normal for a Firewall, some Anti-virus and Anti-malware software (ProcessGuard, Prevx1, AVG AS), sandboxes, virtual machines and Host based Intrusion Prevention Systems (HIPS) to hook into the OS kernal/SSDT in order to protect your system. SSDT (System Service Descriptor Table) is a table that stores addresses of functions that are used by Windows. Both Legitimate programs and rootkits can hook into and alter this table. You should not be alarmed if you see any hidden entries created by legitimate programs after performing a scan.

Edited by quietman7, 01 October 2009 - 12:34 PM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users