Endpoint Protection

Hi
I am facing a strange problem as in one of our machine when I click shutdown button nothing happens .restart also doesn’t work. Is any one facing this type of problem. I did formatted the pc one month ago for this problem after that it was running well but now the same problem happening . also the floppy drive led glows constantly and making some noise like it is trying read a floppy while there is no floppy inside the FDD.

Process explorer shows nothing. Checked startup objects also .

Please help me as I don’t wnt to format the pc again.

Hi, it could be that your rundll32.exe is courrepted, can you do sfc /scannow?

or

replace it from the winxp cd?

Hi,

in the affected machine you can try to run process monitor to check if there are some "access denied" events for example due to a registry key tampered by a virus.

Regards,

try shuting down from safe mode.

You can try to shutdown using command prompt.

On local machine

Start-.run ->shutdown /s

From a remote machine:

start->run->shutdown /s /m \\machinename

Let us know if this works.

Cheers,
Aniket

What are the events in the event viewer ? Any system errors or warnings?
Also you can try runnig Rootkit revealer from Sysinternals and see if there is any kind of rootkit blocking it.
There can be other reason for this as well its not always virus.. Try emoving the FDD and see if your computer is working fine...

Even in SEP there is check for Floppy Disk ( Check floppies when computer shuts down---it is in File System Auto-Protect Advanced -Floppies )...Disable that feature and check it again.