Win2K Infected??

  • Thread starter Thread starter A Riaz
  • Start date Start date
A

A Riaz

Hello everyone,

I'm a tech support at a school. Recently I have come across
couple of Win2k Pro machines that are behaving in a weird
but identical manner. I'll just go ahead and write down the
symptoms in here:

- Internet explorer doesn't open up a new window if a
hyperlink requires a new popup window.

- Control panel displays its content on the left part of
the window where Microsoft Windows logo is suppose to show up.

- Add/Remove Programs applet doesn't open up correctly

- MS word gives an error saying something like can't link
to the document or something similar.

- We use MacAfee Antivirus at school. It stops responding.
If you run the update, it says that update service cannot
be initialized.

- All the above problems go away if the computer is
restarted. And they come back again after a day or so.

Above mentioned symptoms/problems are the one that I
detected while trying to rescue the computer. After
restarting the computer if I run the antivirus, no
infections are revealed. I have been searching around on
the web and have also discussed the problem with couple of
people but can't find a solution. I would really appreciate
if someone could help me out or point me in the right
direction.

Thanks,

Riaz
 
It sounds like some sort of infection or corruption though I tend to think an
infection may have been involved if more than one computer exhibits the behavior. I
would look in Event Viewer to see if any clues are found there and try running System
File Checker on them as in sfc /scannow.

http://support.microsoft.com/default.aspx?scid=kb;en-us;222471

It always helps to get a second opinion on viruses and also try a parasite removal
tool such as AdAware or SpyBot Search and Destroy [both free]. McAfee also has a free
Stinger download tools that scans for and removes many of the common viruses. In
addition it may be helpful to use some free tools from SysInternals such as Process
Explorer and Autoruns to see if you can find any rogue processes or start up programs
that may relate to the problem. It is often easiest to use those utilities to compare
results to a like know clean similar configured computer, though they give detailed
information. If nothing turns up, the best solution may be to format and reinstall
after backing up any needed data first of course which may include the user profiles
in the documents and settings folder. --- Steve

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/
http://security2.norton.com/sscv6/default.asp?langid=ie&venid=sym --- free online
scan. You may want to add the site to your trusted web content zone to do the scan.
 
You need to reinstall or do a repair on IE.

-----Original Message-----
It sounds like some sort of infection or corruption though I tend to think an
infection may have been involved if more than one
Click to expand...
computer exhibits the behavior. I
would look in Event Viewer to see if any clues are found there and try running System
File Checker on them as in sfc /scannow.

http://support.microsoft.com/default.aspx?scid=kb;en- us;222471

It always helps to get a second opinion on viruses and also try a parasite removal
tool such as AdAware or SpyBot Search and Destroy [both free]. McAfee also has a free
Stinger download tools that scans for and removes many of the common viruses. In
addition it may be helpful to use some free tools from SysInternals such as Process
Explorer and Autoruns to see if you can find any rogue processes or start up programs
that may relate to the problem. It is often easiest to use those utilities to compare
results to a like know clean similar configured computer, though they give detailed
information. If nothing turns up, the best solution may be to format and reinstall
after backing up any needed data first of course which may include the user profiles
in the documents and settings folder. --- Steve

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/
http://security2.norton.com/sscv6/default.asp?
Click to expand...
langid=ie&venid=sym --- free online
 
Thanks Steve.. I used Ad-aware to remove many malicious
programs from those computers. and I hope that will fix the
problem. I find your reply very informative. Thanks you again.

Riaz
-----Original Message-----
It sounds like some sort of infection or corruption though I tend to think an
infection may have been involved if more than one computer exhibits the behavior. I
would look in Event Viewer to see if any clues are found there and try running System
File Checker on them as in sfc /scannow.

http://support.microsoft.com/default.aspx?scid=kb;en-us;222471

It always helps to get a second opinion on viruses and also try a parasite removal
tool such as AdAware or SpyBot Search and Destroy [both free]. McAfee also has a free
Stinger download tools that scans for and removes many of the common viruses. In
addition it may be helpful to use some free tools from SysInternals such as Process
Explorer and Autoruns to see if you can find any rogue processes or start up programs
that may relate to the problem. It is often easiest to use those utilities to compare
results to a like know clean similar configured computer, though they give detailed
information. If nothing turns up, the best solution may be to format and reinstall
after backing up any needed data first of course which may include the user profiles
in the documents and settings folder. --- Steve

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
http://www.sysinternals.com/ntw2k/freeware/autoruns.shtml
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/
http://security2.norton.com/sscv6/default.asp?langid=ie&venid=sym --- free online
scan. You may want to add the site to your trusted web content zone to do the scan.

Hello everyone,

I'm a tech support at a school. Recently I have come across
couple of Win2k Pro machines that are behaving in a weird
but identical manner. I'll just go ahead and write down the
symptoms in here:

- Internet explorer doesn't open up a new window if a
hyperlink requires a new popup window.

- Control panel displays its content on the left part of
the window where Microsoft Windows logo is suppose to show up.

- Add/Remove Programs applet doesn't open up correctly

- MS word gives an error saying something like can't link
to the document or something similar.

- We use MacAfee Antivirus at school. It stops responding.
If you run the update, it says that update service cannot
be initialized.

- All the above problems go away if the computer is
restarted. And they come back again after a day or so.

Above mentioned symptoms/problems are the one that I
detected while trying to rescue the computer. After
restarting the computer if I run the antivirus, no
infections are revealed. I have been searching around on
the web and have also discussed the problem with couple of
people but can't find a solution. I would really appreciate
if someone could help me out or point me in the right
direction.

Thanks,

Riaz
Click to expand...


.
Click to expand...
 
Back
Top