date: Mon, 7 Jan 2008 10:47:40 -0000,    group: microsoft.public.sqlserver.fulltext


Server running slow and MSSearch problems   
Dear all,

I have a 2003.net standard server with SQL2000 and Exchange 2003.  I have
since contracted a nasty virus even though I had Trend AV installed.

Anyways, I think I have got rid of the viruses but also did a registry
cleanup using one of the tools on the web, this however has slowed the
machine up.

The processor is running fine (no high utilisation) but the hard disk is
going like the clappers.  The only correlation I can make is that one of
the services failed to start which is Microsoft Search.

When launched the error could not find the file specified is recorded, yet
the MSSearch.exe is located in the correct directory.

Any help would be appreciated.
Regards
Paul.
date: Mon, 7 Jan 2008 10:47:40 -0000   author:   Paul King

RE: Server running slow and MSSearch problems   
"Paul King" wrote:

> Dear all,
> 
> I have a 2003.net standard server with SQL2000 and Exchange 2003.  I have
> since contracted a nasty virus even though I had Trend AV installed.
> 
> Anyways, I think I have got rid of the viruses but also did a registry
> cleanup using one of the tools on the web, this however has slowed the
> machine up.
> 
> The processor is running fine (no high utilisation) but the hard disk is
> going like the clappers.  The only correlation I can make is that one of
> the services failed to start which is Microsoft Search.
> 
> When launched the error could not find the file specified is recorded, yet
> the MSSearch.exe is located in the correct directory.
> 
> Any help would be appreciated.
> Regards
> Paul.
> 
> 
Not my area of expertise, but it is likely you are still infected with 
something.

Try posting to one of the security groups, and include the following info:
1) Which virus you suspected you had, and why (if Trend did not spot it).
2) What you did to eradicate it.
3) Which registry cleanup tool and from where you downloaded it - plain 
text, not URL link.
-- 
Regards,
Newell White
date: Mon, 7 Jan 2008 07:00:02 -0800   author:   Newell White

Re: Server running slow and MSSearch problems   
Hi Newell,

Thanks for the update.  I will post to the security group, but seriously 
thinking of converting over to Mac OS X Server!!

1) Viruses found were:

TROJ_DLOADER.TDX, TROJ_RENOS.LZ. TROJ_VUNDO.AAH, PE_VIRUT.AV, 
TROJ_SMALL.ISY, PE_VIRUT.AV

2) Ran a complete scan using the Trend Micro OfficeScan product, as well as 
use Vundofix.
3) Used a product called "WinUtilities" from YLSoftware as it stated that 
this could be run on a Windows 2003 machine.

Still having problems starting the MSSearch service - even after 
reinstalling MS SQL2000.....

Any suggestions please.....

Cheers
Paul.

"Newell White"  wrote in message 
news:84B27A01-9B88-409C-AC60-A3902DD85C3D@microsoft.com...
>
> "Paul King" wrote:
>
>> Dear all,
>>
>> I have a 2003.net standard server with SQL2000 and Exchange 2003.  I 
>> have
>> since contracted a nasty virus even though I had Trend AV installed.
>>
>> Anyways, I think I have got rid of the viruses but also did a registry
>> cleanup using one of the tools on the web, this however has slowed the
>> machine up.
>>
>> The processor is running fine (no high utilisation) but the hard disk 
>> is
>> going like the clappers.  The only correlation I can make is that one 
>> of
>> the services failed to start which is Microsoft Search.
>>
>> When launched the error could not find the file specified is recorded, 
>> yet
>> the MSSearch.exe is located in the correct directory.
>>
>> Any help would be appreciated.
>> Regards
>> Paul.
>>
>>
> Not my area of expertise, but it is likely you are still infected with
> something.
>
> Try posting to one of the security groups, and include the following info:
> 1) Which virus you suspected you had, and why (if Trend did not spot it).
> 2) What you did to eradicate it.
> 3) Which registry cleanup tool and from where you downloaded it - plain
> text, not URL link.
> -- 
> Regards,
> Newell White
>
date: Wed, 9 Jan 2008 22:33:26 -0000   author:   Paul King

Re: Server running slow and MSSearch problems   
"Paul King"  wrote in message 
news:%23wudp%23wUIHA.5524@TK2MSFTNGP05.phx.gbl...
> Hi Newell,
>
> Thanks for the update.  I will post to the security group, but seriously 
> thinking of converting over to Mac OS X Server!!
>
> 1) Viruses found were:
>
> TROJ_DLOADER.TDX, TROJ_RENOS.LZ. TROJ_VUNDO.AAH, PE_VIRUT.AV, 
> TROJ_SMALL.ISY, PE_VIRUT.AV
>
> 2) Ran a complete scan using the Trend Micro OfficeScan product, as well 
> as use Vundofix.
> 3) Used a product called "WinUtilities" from YLSoftware as it stated that 
> this could be run on a Windows 2003 machine.
>
> Still having problems starting the MSSearch service - even after 
> reinstalling MS SQL2000.....
>
> Any suggestions please.....
>
> Cheers
> Paul.
>
> "Newell White"  wrote in message 
> news:84B27A01-9B88-409C-AC60-A3902DD85C3D@microsoft.com...
>>
>> "Paul King" wrote:
>>
>>> Dear all,
>>>
>>> I have a 2003.net standard server with SQL2000 and Exchange 2003.  I 
>>> have
>>> since contracted a nasty virus even though I had Trend AV installed.
>>>
>>> Anyways, I think I have got rid of the viruses but also did a registry
>>> cleanup using one of the tools on the web, this however has slowed the
>>> machine up.
>>>
>>> The processor is running fine (no high utilisation) but the hard disk 
>>> is
>>> going like the clappers.  The only correlation I can make is that 
>>> one of
>>> the services failed to start which is Microsoft Search.
>>>
>>> When launched the error could not find the file specified is recorded, 
>>> yet
>>> the MSSearch.exe is located in the correct directory.
>>>
>>> Any help would be appreciated.
>>> Regards
>>> Paul.
>>>
>>>
>> Not my area of expertise, but it is likely you are still infected with
>> something.
>>
>> Try posting to one of the security groups, and include the following 
>> info:
>> 1) Which virus you suspected you had, and why (if Trend did not spot it).
>> 2) What you did to eradicate it.
>> 3) Which registry cleanup tool and from where you downloaded it - plain
>> text, not URL link.
>> -- 
>> Regards,
>> Newell White
>>
>
>
date: Wed, 9 Jan 2008 22:53:01 -0000   author:   Paul King

Re: Server running slow and MSSearch problems   
From: "Paul King" 

< snip >

>>
>> TROJ_DLOADER.TDX, TROJ_RENOS.LZ. TROJ_VUNDO.AAH, PE_VIRUT.AV,
>> TROJ_SMALL.ISY, PE_VIRUT.AV
>>

< snip >

If you have the above trojans and virus on a Win2003 server, you have a major problem in
that it is being used WRONG!

Servers are NOT workstations and should be used as one.  The fact that you have the Vundo
and Renos trojans means that someone is willy-nilly downloading "crap" while using the
server.  This is very bad and that user should LOSE access to that server (lose admin
rights).

Additionally the Virut is a file infecting virus and does spread.  The server should be
REMOVED from the network.  It *may* need to be wiped and rebuilt!

-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
date: Wed, 9 Jan 2008 18:13:14 -0500   author:   David H. Lipman DLipman~nospam~@Verizon.Net

Re: Server running slow and MSSearch problems   
David,

I appreciate your help on this matter and we have taken adequate steps to 
address the person involved... However rebuilding this server is a last 
resort process and would like to find another way to resolve this.

For the fact we had what we considered a high-end antivirus solution (Trend 
SMB Product) this did not deal with this effectively and has wavered my 
faith in Microsoft Operating systems.

Needless to say that at the moment, the Mac OSX Server looks better on 
paper!


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message 
news:%23iVe3UxUIHA.1212@TK2MSFTNGP05.phx.gbl...
> From: "Paul King" 
>
> < snip >
>
>>>
>>> TROJ_DLOADER.TDX, TROJ_RENOS.LZ. TROJ_VUNDO.AAH, PE_VIRUT.AV,
>>> TROJ_SMALL.ISY, PE_VIRUT.AV
>>>
>
> < snip >
>
> If you have the above trojans and virus on a Win2003 server, you have a 
> major problem in
> that it is being used WRONG!
>
> Servers are NOT workstations and should be used as one.  The fact that you 
> have the Vundo
> and Renos trojans means that someone is willy-nilly downloading "crap" 
> while using the
> server.  This is very bad and that user should LOSE access to that server 
> (lose admin
> rights).
>
> Additionally the Virut is a file infecting virus and does spread.  The 
> server should be
> REMOVED from the network.  It *may* need to be wiped and rebuilt!
>
> -- 
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
date: Wed, 9 Jan 2008 23:23:11 -0000   author:   Paul King

Re: Server running slow and MSSearch problems   
From: "Paul King" 

| David,
|
| I appreciate your help on this matter and we have taken adequate steps to
| address the person involved... However rebuilding this server is a last
| resort process and would like to find another way to resolve this.
|
| For the fact we had what we considered a high-end antivirus solution (Trend
| SMB Product) this did not deal with this effectively and has wavered my
| faith in Microsoft Operating systems.
|
| Needless to say that at the moment, the Mac OSX Server looks better on
| paper!
|

I am glad that you identified the miscreant admin and took appropriate actions.

Again, this server needs to be removed from the LAN ASAP !

A server is very difficult to work with especially if dealing with RAID arrays.

A suggested path would usually be remove the hard disk(s) and put them in a surrogate PC and
then use anti virus scanners (such as my Multi AV Scanning Tool) and scan the affected hard
disk(s).

However, this is good for plain drives, not arrays.


Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/downloads/dl/35905.asp

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *




-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
date: Wed, 9 Jan 2008 18:37:50 -0500   author:   David H. Lipman DLipman~nospam~@Verizon.Net

Re: Server running slow and MSSearch problems   
David,

Many thanks for your sound advice.  I'm going to try that method as this 
Server is only using Raid1 using SATA drives.

What does Multi AV do differently?

Regards
Paul.

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message 
news:eh%23nmixUIHA.1184@TK2MSFTNGP04.phx.gbl...
> From: "Paul King" 
>
> | David,
> |
> | I appreciate your help on this matter and we have taken adequate steps to
> | address the person involved... However rebuilding this server is a last
> | resort process and would like to find another way to resolve this.
> |
> | For the fact we had what we considered a high-end antivirus solution 
> (Trend
> | SMB Product) this did not deal with this effectively and has wavered my
> | faith in Microsoft Operating systems.
> |
> | Needless to say that at the moment, the Mac OSX Server looks better on
> | paper!
> |
>
> I am glad that you identified the miscreant admin and took appropriate 
> actions.
>
> Again, this server needs to be removed from the LAN ASAP !
>
> A server is very difficult to work with especially if dealing with RAID 
> arrays.
>
> A suggested path would usually be remove the hard disk(s) and put them in 
> a surrogate PC and
> then use anti virus scanners (such as my Multi AV Scanning Tool) and scan 
> the affected hard
> disk(s).
>
> However, this is good for plain drives, not arrays.
>
>
> Download MULTI_AV.EXE from the URL --
> http://www.pctipp.ch/downloads/dl/35905.asp
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to 
> go through your
> FireWall to allow it to download the needed AV vendor related files.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in 
> Normal Mode.
> This way all the components can be downloaded from each AV vendor's web 
> site.
> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and 
> Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files 
> or you can
> download the files and perform a scan in Normal Mode. Once you have 
> downloaded the files
> needed for each scanner you want to use, you should reboot the PC into 
> Safe Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want 
> to run in Safe
> Mode.  It is suggested to run the scanners in both Safe Mode and Normal 
> Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more 
> comprehensive PDF help
> file.
>
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
>
> * * *   Please report back your results  * * *
>
>
>
>
> -- 
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>
date: Thu, 10 Jan 2008 01:04:28 -0000   author:   Paul King

Re: Server running slow and MSSearch problems   
From: "Paul King" 

| David,
|
| Many thanks for your sound advice.  I'm going to try that method as this
| Server is only using Raid1 using SATA drives.
|
| What does Multi AV do differently?
|
| Regards
| Paul.
|

The Multi AV Scanning Tool is a front-end to 4 different command line anti virus scanners.

Download it and then read the included PDF help file.


-- 
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
date: Wed, 9 Jan 2008 20:16:15 -0500   author:   David H. Lipman DLipman~nospam~@Verizon.Net

Re: Server running slow and MSSearch problems   
In article , paul@servlan.co.uk 
says...
> 
> For the fact we had what we considered a high-end antivirus solution (Trend 
> SMB Product) this did not deal with this effectively and has wavered my 
> faith in Microsoft Operating systems.

No anti-virus product provides 100% protection, not in all my years.

Why didn't you have a firewall appliance that provides proxy services to 
block files from being downloaded?

I could list a bunch of other why.....

Why not boot the server into safe mode, run a scan, delete any 
suspicious folders/files, clean the registry, run Multi-AV, and then 
bring it back online? 

-- 

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a 
  drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
date: Wed, 9 Jan 2008 20:20:13 -0500   author:   Leythos
