- Oct 20, 2003
- 74
- 0
- 0
Yesterday one of our 2k3 server computers which is also DNS, DHCP, DC and File server just imploded on itself yesterday and disconnected from the network. Server was restarted and everything appeared normal except that it kept popping up with IIS 6.0 crashing errors related to w3wp.exe. I've checked the event logs as well and found a bunch of 'fault bucket' errors 1001. When I opened up the cmd shell, and tried to do a typical command, it gave the following:
'dir' is not recognized as an internal or external command
Samething happens with the most basic of dos functions, however here's the catch, ipconfig, ver, etc works. Even more bizzare is that the other server running DC, DNS, and Exchange is having the same cmd shell issue.
Scanning both servers now, found hidden32.exe and hideexec.A in the system vol information on the first server that originally crashed. Both servers also turned up Smitfraud.C from spyboy 1.4 and adaware is still unclear yet for both too.
Is there a path issue or something much more serious?
'dir' is not recognized as an internal or external command
Samething happens with the most basic of dos functions, however here's the catch, ipconfig, ver, etc works. Even more bizzare is that the other server running DC, DNS, and Exchange is having the same cmd shell issue.
Scanning both servers now, found hidden32.exe and hideexec.A in the system vol information on the first server that originally crashed. Both servers also turned up Smitfraud.C from spyboy 1.4 and adaware is still unclear yet for both too.
Is there a path issue or something much more serious?