Windows XP Pro client won't shut down

[Mike Webb]

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today, nor
did it on Friday. I went down to check it and she'e right. It just "sits"
there.
I've not put out any new Group Policies, and she's got so little knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

 

[Guest]

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today, nor
did it on Friday. I went down to check it and she'e right. It just "sits"
there.
I've not put out any new Group Policies, and she's got so little knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for error.

=Check for malwares/Viruses infection, since she isn't computer savey she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

Will do, thanks.

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for error.

=Check for malwares/Viruses infection, since she isn't computer savey she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Guest]

Good luck.
Please let us know your findings.
Best regards,
nass

Will do, thanks.

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for error.

=Check for malwares/Viruses infection, since she isn't computer savey she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

Running a scan now. Checked the Event Viewer logs - nothing remarkable,
except lots of virus's picked up by Symantec (she seems to get a few every
week by email, that my Exchange IMF and Symantec haven't succeeded in
blocking out.)

Good luck.
Please let us know your findings.
Best regards,
nass

Will do, thanks.

:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

Did a full scan with Symantec - no results. I just did a shut down and it
is sitting there with the desktop showing. I'll let it go awhile to see if
anything happens.

Good luck.
Please let us know your findings.
Best regards,
nass

Will do, thanks.

:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Guest]

Running a scan now. Checked the Event Viewer logs - nothing remarkable,
except lots of virus's picked up by Symantec (she seems to get a few every
week by email, that my Exchange IMF and Symantec haven't succeeded in
blocking out.)

Good luck.
Please let us know your findings.
Best regards,
nass

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

=Well Mike that depends on the Network settings/Design rather, you can
configure Her E-mail client to scan the Messages first, you mentioned that
there aren't any Group policy in place?.
I know it is costly but if it is a big Orgnization, why not putting the
E-mail server in DMZ (De-militrized Zone):
http://support.microsoft.com/kb/191146
http://www.dslreports.com/faq/4545

= What the Virus name is it W32.bugbear@MM or SWEN, if the Symantec didn't
remove it or Quranteen it then you should get the Removal tool from Symantec
website to get rid of the infection and entries by the Virus and clear the
folders and files on the TEMP files.
=It is recommended to turn the Network OFF and Desinfect the machines first
and the Server then apply the patches and the security ploicy.
HTH.
Please report back.
Regs,
nass

 

[Mike Webb]

Thanks for the ideas. I'll follow them and report back.

Running a scan now. Checked the Event Viewer logs - nothing remarkable,
except lots of virus's picked up by Symantec (she seems to get a few
every
week by email, that my Exchange IMF and Symantec haven't succeeded in
blocking out.)

Good luck.
Please let us know your findings.
Best regards,
nass

:

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It
just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it
is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer
savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan
all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

=Well Mike that depends on the Network settings/Design rather, you can
configure Her E-mail client to scan the Messages first, you mentioned that
there aren't any Group policy in place?.
I know it is costly but if it is a big Orgnization, why not putting the
E-mail server in DMZ (De-militrized Zone):
http://support.microsoft.com/kb/191146
http://www.dslreports.com/faq/4545

= What the Virus name is it W32.bugbear@MM or SWEN, if the Symantec didn't
remove it or Quranteen it then you should get the Removal tool from
Symantec
website to get rid of the infection and entries by the Virus and clear the
folders and files on the TEMP files.
=It is recommended to turn the Network OFF and Desinfect the machines
first
and the Server then apply the patches and the security ploicy.
HTH.
Please report back.
Regs,
nass

 

[Jim]

Get David Lippman's Multi_AV tool. Your computer has malware of some kind.

In addition, you should be running Adaware and Spybot.

Jim

Did a full scan with Symantec - no results. I just did a shut down and it
is sitting there with the desktop showing. I'll let it go awhile to see
if anything happens.

Good luck.
Please let us know your findings.
Best regards,
nass

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

I'll do that, thanks.

Get David Lippman's Multi_AV tool. Your computer has malware of some
kind.

In addition, you should be running Adaware and Spybot.

Jim

Did a full scan with Symantec - no results. I just did a shut down and
it is sitting there with the desktop showing. I'll let it go awhile to
see if anything happens.

Good luck.
Please let us know your findings.
Best regards,
nass

:

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it
is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

Got it and ran McAfee just now. Caught a few suspicious files. Will run
the others tomorrow. Also downloaded and installed Microsoft's Windows
Defender. Rand a Quick Scan and it came up clean. Have it set to do a Full
Scan daily at 8 AM CST. Will post results tomorrow.

Mike

Get David Lippman's Multi_AV tool. Your computer has malware of some
kind.

In addition, you should be running Adaware and Spybot.

Jim

Did a full scan with Symantec - no results. I just did a shut down and
it is sitting there with the desktop showing. I'll let it go awhile to
see if anything happens.

Good luck.
Please let us know your findings.
Best regards,
nass

:

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it
is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Guest]

It will be helpful if you mentioned the Virus type to tell if you need
further help and more guidence Mike.
Regards,
nass

Got it and ran McAfee just now. Caught a few suspicious files. Will run
the others tomorrow. Also downloaded and installed Microsoft's Windows
Defender. Rand a Quick Scan and it came up clean. Have it set to do a Full
Scan daily at 8 AM CST. Will post results tomorrow.

Mike

Get David Lippman's Multi_AV tool. Your computer has malware of some
kind.

In addition, you should be running Adaware and Spybot.

Jim

Did a full scan with Symantec - no results. I just did a shut down and
it is sitting there with the desktop showing. I'll let it go awhile to
see if anything happens.


Good luck.
Please let us know your findings.
Best regards,
nass

:

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if it
is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass

 

[Mike Webb]

Sorry about that. I'll dig into it this afternoon when the Office Manager
leaves so I am free to work on her computer.

It will be helpful if you mentioned the Virus type to tell if you need
further help and more guidence Mike.
Regards,
nass

Got it and ran McAfee just now. Caught a few suspicious files. Will run
the others tomorrow. Also downloaded and installed Microsoft's Windows
Defender. Rand a Quick Scan and it came up clean. Have it set to do a
Full
Scan daily at 8 AM CST. Will post results tomorrow.

Mike

Get David Lippman's Multi_AV tool. Your computer has malware of some
kind.

In addition, you should be running Adaware and Spybot.

Jim
Did a full scan with Symantec - no results. I just did a shut down
and
it is sitting there with the desktop showing. I'll let it go awhile
to
see if anything happens.


Good luck.
Please let us know your findings.
Best regards,
nass

:

Will do, thanks.



:

Running in a SBS 2003 Premium LAN.
============================
Our Office Manager told me that her computer wouldn't shut down
today,
nor
did it on Friday. I went down to check it and she'e right. It
just
"sits"
there.
I've not put out any new Group Policies, and she's got so little
knowledge
of computers I seriously doubt she did anything.

I've never run across this before. What can I/should I check?

--
Mike Webb
Platte River Whooping Crane Maintenance Trust, Inc.
a 501 (c)(3) conservation non-profit organization

First thing is to check for Error in the Event Viewer and see if
it
is
Hardware or Software issue, by doing this:
Open a Run Command and type: eventvwr click [OK] and look for
error.

=Check for malwares/Viruses infection, since she isn't computer
savey
she
can get into this by false or infected e-mails.
If she is on a local network, I will take a serious step and scan
all
machines and the server for infection.
But start with her machine first.
HTH.
Regs,
nass