Possible Virus and how to locate.

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I am suspicious my win 2k server has a virus, but two
different virus checkers are not locating it. My only
sources of evidence are a recent crashing of services and
456 bytes of memory missing (from my 768k) I completely
swapped out the memory for fresh memory and the 456 bytes
are still missing.

Any suggestions on how to proceed?

 

[Dave]

Archived from groups: microsoft.public.win2000.security (More info?)

how do you know you are missing 456 bytes?? and what has 768k??? those are
both tiny pieces of memory these days.

"Don Glover" <corwyn@kolvir.com> wrote in message
news:1fce01c47ca5$e9d05850$a401280a@phx.gbl...
> I am suspicious my win 2k server has a virus, but two
> different virus checkers are not locating it. My only
> sources of evidence are a recent crashing of services and
> 456 bytes of memory missing (from my 768k) I completely
> swapped out the memory for fresh memory and the 456 bytes
> are still missing.
>
> Any suggestions on how to proceed?

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I mistyped.

that should be 456 K Bytes and 768 Meg.

I know because at POST I get a count up to 786432KB

when I use tools (including properties on My Computer) I
am reports as having 785976 KB.

>-----Original Message-----
>how do you know you are missing 456 bytes?? and what has
768k??? those are
>both tiny pieces of memory these days.
>
>"Don Glover" <corwyn@kolvir.com> wrote in message
>news:1fce01c47ca5$e9d05850$a401280a@phx.gbl...
>> I am suspicious my win 2k server has a virus, but two
>> different virus checkers are not locating it. My only
>> sources of evidence are a recent crashing of services
and
>> 456 bytes of memory missing (from my 768k) I completely
>> swapped out the memory for fresh memory and the 456
bytes
>> are still missing.
>>
>> Any suggestions on how to proceed?
>
>
>.
>

 

[Dave]

Archived from groups: microsoft.public.win2000.security (More info?)

has this changed recently? it is common to see different totals because of
how the memory is counted. it may also be that some memory is allocated by
bios to shared video, dma, bios shaddowing, etc that windows doesn't count.

<anonymous@discussions.microsoft.com> wrote in message
news:214f01c47cc4$4e44c320$a601280a@phx.gbl...
> I mistyped.
>
> that should be 456 K Bytes and 768 Meg.
>
> I know because at POST I get a count up to 786432KB
>
> when I use tools (including properties on My Computer) I
> am reports as having 785976 KB.
>
> >-----Original Message-----
> >how do you know you are missing 456 bytes?? and what has
> 768k??? those are
> >both tiny pieces of memory these days.
> >
> >"Don Glover" <corwyn@kolvir.com> wrote in message
> >news:1fce01c47ca5$e9d05850$a401280a@phx.gbl...
> >> I am suspicious my win 2k server has a virus, but two
> >> different virus checkers are not locating it. My only
> >> sources of evidence are a recent crashing of services
> and
> >> 456 bytes of memory missing (from my 768k) I completely
> >> swapped out the memory for fresh memory and the 456
> bytes
> >> are still missing.
> >>
> >> Any suggestions on how to proceed?
> >
> >
> >.
> >

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Yes, I beleive it has changed recently.
>-----Original Message-----
>has this changed recently? it is common to see different
totals because of
>how the memory is counted. it may also be that some
memory is allocated by
>bios to shared video, dma, bios shaddowing, etc that
windows doesn't count.
>
><anonymous@discussions.microsoft.com> wrote in message
>news:214f01c47cc4$4e44c320$a601280a@phx.gbl...
>> I mistyped.
>>
>> that should be 456 K Bytes and 768 Meg.
>>
>> I know because at POST I get a count up to 786432KB
>>
>> when I use tools (including properties on My Computer) I
>> am reports as having 785976 KB.
>>
>> >-----Original Message-----
>> >how do you know you are missing 456 bytes?? and what
has
>> 768k??? those are
>> >both tiny pieces of memory these days.
>> >
>> >"Don Glover" <corwyn@kolvir.com> wrote in message
>> >news:1fce01c47ca5$e9d05850$a401280a@phx.gbl...
>> >> I am suspicious my win 2k server has a virus, but two
>> >> different virus checkers are not locating it. My only
>> >> sources of evidence are a recent crashing of services
>> and
>> >> 456 bytes of memory missing (from my 768k) I
completely
>> >> swapped out the memory for fresh memory and the 456
>> bytes
>> >> are still missing.
>> >>
>> >> Any suggestions on how to proceed?
>> >
>> >
>> >.
>> >
>
>
>.
>

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Look in Event Viewer for any clues as to why you are having problems with
services.

Also use some tools to see if you can find any unknown processes or startup
programs. SysInternals has some tools that can do that such as TCPView, Process
Explorer, and Autoruns. If you are unsure of a process, try to compare to a like
configured known clean computer and beware of processes that do not have a
publisher name associated with them and search Google for processes/files you
want more information on. Make sure to scan with the latest virus definitions
from the publishers website and there are also free online scans. If web
browsing was done on that server, it should be scanned for parasites with
something like AdAware. --- Steve

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
-- online virus scan


"Don Glover" <corwyn@kolvir.com> wrote in message
news:1fce01c47ca5$e9d05850$a401280a@phx.gbl...
> I am suspicious my win 2k server has a virus, but two
> different virus checkers are not locating it. My only
> sources of evidence are a recent crashing of services and
> 456 bytes of memory missing (from my 768k) I completely
> swapped out the memory for fresh memory and the 456 bytes
> are still missing.
>
> Any suggestions on how to proceed?