(maybe not so) strange problems - Win2000 Server

[ML]

Hi all,

I noticed strange erroronous behavious of one of our domain controllers:
Windows 2000 Server PL SP4, Exchange 2000 Server.
Since yesterday I noticed:
1. A user cannot logout from Terminal Services session, after the
explorer.exe terminates
the session "freezes" and can only be killed from TS Manager from level of
another session.
2. IE does not open any page, however network connectivity is correct, by IP
or name.
3. I cannot open "Network and Dial-up connections" window. It just does not
show up.
4. ntbackup.exe cannot contact Removable Storage service. I am unable to
restart
the service (buttons are greyed out), although it seems to be running.
5. The server hung twice, in one week interval, 1-2 minutes before midnight
on saturdays.
Only hard reboot helped.
What is worse, I can not see any strange error messages in any server log,
despite unclean
shutdown. I cannot see any suspicious processes in Task Manager, nothing
"new" is
added to HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run.

Is it a troyan horse or a kind of rootkit?

I cannot reboot the machine now or reinstall SP - users are working.

Any hot advice?

Regards, thank you in advance
Michal Leder

 

[Kevin McNiel [MSFT]]

One thing to check is the Startup type for the Logical Disk Manager
Administrative service. Make sure it is set to Manual and not Automatic. See
Knowledge Base article 307309 The Logical Disk Manager Administrative
Service Hangs While It Is (http://support.microsoft.com/?id=307309) for
additional details.

Kevin McNiel, MCSE/MCSA
Platform Server Setup Group

This posting is provided "AS IS" with no warranties, and confers no rights.
Please reply to the Group only, This address cannot receive incoming
messages.