Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Shutdown -


  • This topic is locked This topic is locked
22 replies to this topic

#1 toshiba105

toshiba105

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 28 January 2010 - 04:13 PM

When I turn my Toshiba Satellite A 105 on...I only have 20 - 25 minutes before I see a box appear out of nowhere. It says "Generic Host Process for WIN32 Services has encountered a problem and needs to be restarted. Please tell Microsoft. click Send Error Report or Dont Send"

Then a 2nd box appears: "System Shutdown" with a timer of 55 seconds before it says my computer will be restarted. In the box it says "System is shutting down, please save all programs. NT Authoritative System. will restart due to DCOM Server Process."

sorry its doing it right now...must type fast.

Malwarebytes Anti-Malware & AVG both did not find anything.

it also restarts in Safe Mode.

Edited by toshiba105, 29 January 2010 - 12:20 PM.


BC AdBot (Login to Remove)

 


#2 barbtries

barbtries

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:32 AM

Posted 28 January 2010 - 06:53 PM

this has been happening to me today in fact i was up half the night as it happened over and over. what seems to have worked as far as my system not shutting down is the following, which i got from the windows update page:

in the run box type services.msc

this opens the services box. (actually the update page had me looking for other services not all of which i was able to fix, but this was on the list as well).

find and double click on the DCOM server process launcher to open the properties dialogue box. for startup type, select automatic.

on the recovery tab, select "restart service" for the first, second and third failures.

i did that this morning before going to work and it appears that the computer stayed on all day.

i'm still getting IE pop ups and was not able to get the automatic updates to remain enabled, so i am afraid i will need to reinstall windows on my computer. but at least it's staying on.

if you try this please let me know if it works for you. good luck.

#3 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 12:25 PM

i tried it:

1st box still appears ""Generic Host Process for WIN32 Services has encountered a problem and needs to be restarted. Please tell Microsoft. click Send Error Report or Dont Send"

2nd box doesnt: so the box that restarts my laptop doesnt appear anymore after trying what u said.

thanks!

BUT I STILL NEED TO GET RID OF THAT 1st POP UP BOX!!

How do i move this post to "Am I Infected" bc i think i am in the wrong forum??

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,552 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:32 AM

Posted 29 January 2010 - 12:40 PM

I will suggest (internally) that it be moved to Am I Infected, thank you.

Just hold tight until you hear from someone from BC staff.

Louis

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:32 AM

Posted 29 January 2010 - 01:06 PM

Hello, I am moving this to the Am I Infected forum for now..

If you do a Google search for Generic Host Process for Win32 Error, you will find this error is a common complaint by many users with no single solution. What works for one person may not work for another.

svchost.exe.mdmp is a mini dump used to send error reporting to Microsoft.
appcompat.txt is a reporting file with information used when uploading error reports to Microsoft when you get the message "report this error to Microsoft?"

Svchost.exe is the filename for Generic Host Process for Win32 Services. It is a process name for a group of services that are run from dynamic-link libraries (DLLs). This is a process that can run other services underneath itself so it may not be svchost.exe that's the issue, but rather one of the processes running underneath it. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. It is not unusual for multiple instances of Svchost.exe running at the same time in Task Manager in order to optimize the running of the various services.

There are several ways to investigate and see what services a Svchost.exe process is controlling, see:Note: Process Explorer shows two panes by default: the upper pane is always a process list and the bottom pane either shows the list of DLLs loaded into the process selected in the upper pane, or the list of operating system resource handles (files, Registry keys, synchronization objects) the process has open. In the menu at the top select View > Lower Pane View to change between DLLs and Handles.

To investigate all running processes and gather additional information to identify and resolve problems, you can also download and use:These tools will show the process CPU usage, a description and its path location. If you right-click on the file in question and select properties, you will see more details about the file.

Articles by Microsoft:The error could also be related to drivers for Hewlett-Packard printers and scanners. See here. {Courtesy of quietman7}


This may or may not be Malware related.
Have you tried using System Restore or System Restore from a command prompt in Safe Mode to return to a previous state before your problems began?



Next run MBAM (MalwareBytes):

NOTE: Before saving MBAM please rename it to zztoy.exe....now save it to your desktop.

Please download Malwarebytes Anti-Malware and save it to your desktop.

alternate download link

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 01:20 PM

1) I never did a system restore
2) I already have Malewarebutes Anti Malware...so I will run it.
3) I ran Hijack This earlier...here is the log:

C:\WINDOWS\system32\dwwin.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

EDIT Removed HJT log~~boopme

Edited by boopme, 29 January 2010 - 01:36 PM.


#7 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 01:34 PM

I performed a Quick Scan with Malwarebytes. Nothing Found. What do u want me to do next? here is the log:

Malwarebytes' Anti-Malware 1.44
Database version: 3658
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/29/2010 10:30:26 AM
mbam-log-2010-01-29 (10-30-26).txt

Scan type: Quick Scan
Objects scanned: 126693
Time elapsed: 8 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:32 AM

Posted 29 January 2010 - 01:40 PM

Hi, I do not belive this is going to be a malware issue.. Run a system restore to a date prior to the problem.

Windows XP System Restore Guide
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 02:18 PM

i tried 3 times to do a system restore to 3 different days in january...it would not restore!

whats next?

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:32 AM

Posted 29 January 2010 - 02:33 PM

I am checking that you tried the DCOM as mentioned in post 2.
Or try turning off your AVG while doing the System restore.
Also you have tried in Safemode and from command prompt?

Edited by boopme, 29 January 2010 - 02:36 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 02:47 PM

for post 2: the restarter box does not appear anymore so the laptop does not restart, but the "Generic Host " box does appear.

i did not turn of AVG...my bad! how do i do this?? where is the OFF button?

did not try in safe mode. what is command prompt?

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:32 AM

Posted 29 January 2010 - 02:54 PM

Most time right clicking the AVG icon by the clock pops up a menu and there is a diable or close. Do not surf the web while it is disabled or off. After the Restore.. then turn it on again.

From the link I gave you above... System Restore from a command prompt in Safe Mode

1/ Re-boot your PC

2/ As the PC is booting up keep tapping the F8 button

3/ When the Option Menu appears on screen select the Safe Mode with Command prompt option

4/ At the safe mode command prompt type: %systemroot%\System32\restore\rstrui.exe

5/ System Restore will now open and you can choose the relevant restore point
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 03:02 PM

i figured out to right click the avg by clock & turned it off...then i did a system restore, but it did not work.

im familiar with safe mode so i will try it now from there.

#14 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 03:23 PM

i went into safe mode with command prompt. did a system restore. it would NOT restore!

#15 toshiba105

toshiba105
  • Topic Starter

  • Members
  • 76 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:32 AM

Posted 29 January 2010 - 07:55 PM

so what now??




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users