Google Answers Logo
View Question
Q: Solving and understanding an error message - using 2000, ( Answered,   0 Comments )
Subject: Solving and understanding an error message - using 2000,
Category: Computers > Operating Systems
Asked by: barot-ga
List Price: $20.00
Posted: 08 May 2003 04:58 PDT
Expires: 07 Jun 2003 04:58 PDT
Question ID: 201080
What and how can I solve the error message 'window not found' ?
I am using windows 2000.  This causes when on the internet, the screen
to freeze and goes back to desktop requiring me to reboot.  It occurs
on random occasions.

Request for Question Clarification by sldreamer-ga on 08 May 2003 06:21 PDT
Please search your computer for a file named taskmngr.exe.  If this
file exists, then your computer has been infected with a trojan.  Do
you have Norton AntiVirus or any other anti-virus software?

Request for Question Clarification by sldreamer-ga on 08 May 2003 06:28 PDT
I have one more question for you.  When you see the "Window Not Found"
error, do you also see "HideWindow - Error"?

Clarification of Question by barot-ga on 08 May 2003 07:31 PDT
I have a the file 'taskmngr.exe'
I use Norton anti virus
I do not see hidewindow-error
Subject: Re: Solving and understanding an error message - using 2000,
Answered By: sldreamer-ga on 08 May 2003 11:43 PDT
Hi barot,

The "Window Not Found" error is most likely being caused by a trojan. 
This has been mentioned in several discussions on the Internet: taskmngr.exe discussion

Google Groups search: "window not found" (trojan OR virus)

The following article on Symantec's web site provides instructions on
how to remove the trojan using Norton AntiVirus:

Symantec Security Response - Trojan.IrcBounce

According to the article, you must do the following:

"1. Update the virus definitions.
2. Run a full system scan, and delete all files that are detected as

There are two ways to update the virus definitions:

"Run LiveUpdate, which is the easiest way to obtain virus definitions.
These virus definitions are posted to the LiveUpdate servers one time
each week (usually Wednesdays) unless there is a major virus

"Download the definitions using the Intelligent Updater. Intelligent
Updater virus definitions are posted on U.S. business days (Monday
through Friday). They must be downloaded from the Symantec Security
Response Web site and installed manually."

I recommend that you run LiveUpdate, since that is the easier of the
two methods.  However, if you want to use the Intelligent Updater,
then you will need to go to the following page:

Symantec Security Response - Virus Definitions Download Page

Here are the instructions on how to use the Intelligent Updater:

Here is how to scan and delete files:

"1. Start your Symantec antivirus program, and make sure that it is
configured to scan all files.
- Norton AntiVirus consumer products: Read the document How to
configure Norton AntiVirus to scan all files [ ].
- Symantec enterprise antivirus products: Read the document How to
verify a Symantec Corporate antivirus product is set to scan All Files
2. Run a full system scan.
3. If any files are detected as infected with Trojan.IrcBounce, click

The article also states that you may want to remove a value from the

"As noted in the Technical Description, the Trojan uses Taskmngr.exe,
which is actually a renamed copy of the legitimate program Mirc32.exe.
Because it is a legitimate program, it is not detected by Symantec
antivirus products. The Trojan may add a reference to this file to a
registry key so that mIRC starts each time that you start Windows.
This is not harmful, but can be annoying. Follow these steps to remove
the reference from the registry:

CAUTION: Symantec strongly recommends that you back up the registry
before you make any changes to it. Incorrect changes to the registry
can result in permanent data loss or corrupted files. Modify only the
keys that are specified. Read the document How to make a backup of the
Windows registry [
] for instructions.

1. Click Start, and click Run. The Run dialog box appears.
2. Type regedit and then click OK. The Registry Editor opens.
3. Navigate to the key


4. In the right pane, look for a value or value data that refers to


5. Delete the reference if you find it.
6. Exit the Registry Editor."

In addition to removing the trojan, there may also be some damage that
needs to be repaired.  The following Microsoft knowledge base article
states that the trojan can modify the security policy on computers
that act as domain controllers:

MIRC Trojan-Related Attack Detection and Repair;en-us;Q328691

"If the compromised computer is a domain controller, the security
policy is modified. Some of the possible effects of a modified
security policy are:
- Guest accounts that were previously disabled are re-enabled.
- New unauthorized accounts, possibly with administrative privileges,
are created.
- Security permissions are changed on servers or in Active Directory.
- Users cannot log on to the domain from the workstations.
- Users cannot open Active Directory snap-ins in Microsoft Management
Console (MMC).
- Error logs display multiple, failed logon attempts from legitimate
users who were locked out."

The article also states that you should engage in the following
practices to avoid being infected by the trojan again in the future:

"- Eliminating blank or weak administrator passwords.
- Disabling the guest account.
- Running current antivirus software with up-to-date virus signature
- Using firewalls to protect internal servers, including domain
- Staying up to date on all security patches."

If your computer acts as a domain controller and its security policy
was modified, you should restore the default security policy and make
changes from there.  The following article has instructions on how to
restore the default security policy (see step 5 under the 'How to
remove the Trojan' section):

mIRC (port 445) Trojan Analysis

If you still encounter the "Window Not Found" error after removing the
trojan, please request a clarification and I will investigate the
problem further.


Search strategy:

"window not found" "windows 2000"

"window not found" (trojan OR virus)

There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy