It allows me to login but then gives me a blank desktop. When I use Task manager in an attempt to browse to my system drive I am unable to run explorer.exe. The infection has diabled system related executables on the server. I can not access the internet to run an online scan either.
So far I have tried the following:
- Cant get to a command prompt, control panel or any administrative function on the computer
- Removed the infected drives & installed another in order to install fresh copy of Windows 2000
- After the new Windows 2000 install I then applied sp4 and 79 Microsoft critical updates.
- I installed a trial version of Kaspersky Enterprise AV Software on the server
- I have unplugged the server from the network
The infection appears to have originated from a TAX program update.
At this point, I can login to the server with the new drive I created, and I can see the other drives. I am afraid I will lose my ability to perform administrative tasks over time (just like the original system drive did).
Just a note, almost all of the client computers on this network have been infected as well.
I need help disabling this virus, and getting my server back up and running.