General discussion

Locked

Corrupted Profiles - and more

By aceteach2001 ·
I'm working with a site containing about 35 machines running Win2K. Since last Wednesday, day by day, about three to five machines are be ing affected by something that is corrutpting user profiles to include creating a desktop background that is totally black, a disconnect from MS Office products (Outlook - on Exchange server - errors out; sometimes Word / Excel are dropped from MS Office Products list in Program files). All machines run NAV and are up to date through live update; scans from Norton's and McAfee Stinger show no results. Most machines have small amount of spyware but nothing that is outstanding as a common problem. Am wondering if there is an unknown virus / worm being propagated or if some recent download update from MS (such as the Rollup Update for 2K SP4) might be the culprit.

Any ideas?

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Not specifically, but

by Roger99a In reply to Corrupted Profiles - and ...

We had a worm on our systems not long ago that none of the AV systems could find, and we tried NAV, CA and Trend. What we ended up doing is running Ethereal to sniff out packets and found machines on the network that were arping IP addresses that were not in use. These machines were removed from the network and formatted. We did find and submit the file that was loading and causing the problem and CA has added it to the eTrust definitions.

Collapse -

Netbrowser service?

by beads In reply to Corrupted Profiles - and ...

Sounds more like a DC going bad and feeding bad information down to clients.

Could be the netbrowser service, etc. Though I was also going to suggest Ethereal as another starting point I'd still suggest that you check out the DC and make sure everything is still the way it should look like. Then restart the browser service and test machines out. But do it from the DOS/Command line instead of the GUI which seems to be less problematic when working with these issues.

- beads

Back to Malware Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums