Author: lizam1977, Posted: Tue Mar 23, 2010 8:26 am Post subject: Problem with AD ---- Hi,
I have 3 domain controllers and I have noticed suspicious activity in the Services console.
In 1st Server:
Service Name: dlwnimsy
Display Name: Boot Helper
Description: Coordinates transactions that are distributed across two or more databases, message queues, file systems, or other transaction protected resource managers.
Path to executable: C:\WINNT\system32\svchost.exe -k netsvcs
Startup Type: Automatic
Service status: starting.
In 2nd server:
Service Name: efgmvc
Display Name: Center System
Description: Allows Backup Exec job engine to discover to discover .....
Path to executable: C:\WINNT\system32\svchost.exe -k netsvcs
Startup Type: Automatic
Service status: starting.
In the above cases, these services did not exist before. I suspect it is new virus or something. For these AD servers, I cannot run AD consoles (Active Directory Users and COmputers, Active Directory Sites and Services, etc.) as I get this error:
Naming information cannot be located because:
The server is not operational. Contact your system administrator to verify that your domain is properly configured and is currently online.
However, when I use my Exchange server and use MMC, I can connect to the above servers, which means the AD services are running.
I tried to boot up the domain controller server in safe mode but when I try to disable the service, I get this error: Access Denied. How do I stop this service (set startup type to Disable)?