We have a piece of software running on the server which generates labels
for emailing. (Just a VB6 program which has been running fine up until now.
No updates have been made to this software).
When we run the software now though we receive a debugger message:
New instance of Visual Studio 2005. After cancelling out of that
we receive the following message: An unhandled win32 exception (9640).
Machine has also intermittently been running slow.
We have run an antivirus scan on the server which removed 126 items of spyware.
We have run hijack this and found the following. Points will be awarded to anyone offering
genuine fixes to any of the items below...
Logfile of HijackThis v1.99.1
Scan saved at 13:28:20, on 03/10/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Running processes:
C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\smss.e
xe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\servic
es.exe
C:\WINDOWS\system32\lsass.
exe
C:\WINDOWS\system32\svchos
t.exe
C:\WINDOWS\System32\svchos
t.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spools
v.exe
C:\WINDOWS\system32\dllhos
t.exe
C:\Program Files\Common Files\Acronis\Schedule2\sc
hedul2.exe
C:\PROGRA~1\APC\POWERC~1\a
gent\pbeag
ent.exe
C:\PROGRA~1\APC\POWERC~1\s
erver\PBES
ER~1.EXE
C:\WINDOWS\system32\cisvc.
exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\Dfssvc
.exe
C:\WINDOWS\System32\dns.ex
e
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\inetsr
v\inetinfo
.exe
C:\WINDOWS\System32\ismser
v.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
sqlservr.e
xe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\ntfrs.
exe
C:\WINDOWS\System32\svchos
t.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\
ReportingS
ervicesSer
vice.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\lserve
r.exe
C:\Program Files\RealVNC\VNC4\WinVNC4
.exe
C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
rk.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\cmd.ex
e
C:\Program Files\RAID Web Console 2\JRE\bin\javaw.exe
C:\WINDOWS\System32\svchos
t.exe
C:\WINDOWS\system32\dllhos
t.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
oServer\Tr
ueImageMon
itor.exe
C:\Program Files\Acronis\TrueImageEch
oServer\Ti
mounterMon
itor.exe
C:\Program Files\Common Files\Acronis\Schedule2\sc
hedhlp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTra
y.exe
C:\WINDOWS\system32\ctfmon
.exe
C:\WINDOWS\system32\cidaem
on.exe
C:\WINDOWS\system32\cidaem
on.exe
C:\WINDOWS\system32\cidaem
on.exe
C:\WINDOWS\system32\tsadmi
n.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\logon.
scr
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\rdpcli
p.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
oServer\Tr
ueImageMon
itor.exe
C:\Program Files\Acronis\TrueImageEch
oServer\Ti
mounterMon
itor.exe
C:\Program Files\Common Files\Acronis\Schedule2\sc
hedhlp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
.exe
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\mmc.ex
e
C:\WINDOWS\system32\NOTEPA
D.EXE
C:\utils\hijackthis\Hijack
This.exe
C:\WINDOWS\system32\NOTEPA
D.EXE
C:\WINDOWS\system32\winlog
on.exe
C:\WINDOWS\system32\userin
it.exe
C:\WINDOWS\system32\rdpcli
p.exe
C:\WINDOWS\system32\userin
it.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
oServer\Tr
ueImageMon
itor.exe
C:\Program Files\Acronis\TrueImageEch
oServer\Ti
mounterMon
itor.exe
C:\Program Files\Common Files\Acronis\Schedule2\sc
hedhlp.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
.exe
C:\utils\hijackthis\Hijack
This.exe
R1 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Default_Page
_URL = res://shdoclc.dll/softAdmi
n.htm
R1 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Start Page = res://shdoclc.dll/softAdmi
n.htm
R0 - HKCU\Software\Microsoft\In
ternet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.
htm
R1 - HKCU\Software\Microsoft\In
ternet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=7202F2 - REG:system.ini: UserInit=C:\WINDOWS\system
32\userini
t.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
84B7D6BE0B
3} - C:\Program Files\Common Files\Adobe\Acrobat\Active
X\AcroIEHe
lper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
445EE16191
0} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
819E2EAAC9
3} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEch
oServer\Tr
ueImageMon
itor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEch
oServer\Ti
mounterMon
itor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\sc
hedhlp.exe
"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra
y.exe
O4 - HKLM\..\Run: [Seagull Drivers] ssdal_nc.exe startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IEAppend.h
tml
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IECapture.
html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IEAppend.h
tml
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IECaptureS
elLinks.ht
ml
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IEAppendSe
lLinks.htm
l
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IECapture.
html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IEAppend.h
tml
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
t.dll/Acro
IECapture.
html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
C9C571A826
3} - C:\PROGRA~1\MICROS~2\Offic
e12\REFIEB
AR.DLL
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\win
dows\syste
m32\mswsoc
k.dll' missing
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-1
38F869633F
3} (ASPRO Installer Class) -
http://acs.pandasoftware.com/activescanpro/as5/asproinst.cabO18 - Protocol: HPDCS - {BA135F49-A12C-4E26-A2C4-6
EA94599907
2} - C:\Program Files\Common Files\Hewlett-Packard\HP Device Communication Services\APP\hpdcsapp.dll
O18 - Protocol: hppfile - {C4E2084B-ED27-4893-A43D-4
88CA3F370E
2} - C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: hppsam - {C4E2084B-ED27-4893-A43D-4
88CA3F370E
2} - C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: hppzip - {C4E2084B-ED27-4893-A43D-4
88CA3F370E
2} - C:\Program Files\Hewlett-Packard\HP Easy Printer Care\HPPCtrls.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-0
0C04F8EC29
4} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-0
0B0D022E94
5} - C:\PROGRA~1\COMMON~1\MICRO
S~1\OFFICE
12\MSOXMLM
F.DLL
O20 - Winlogon Notify: dimsntfy - dimsntfy.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLog
on.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\sc
hedul2.exe
O23 - Service: Application Experience Lookup Service (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\alg.ex
e (file missing)
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\a
gent\pbeag
ent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\s
erver\PBES
ER~1.EXE
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Micro
soft.NET\F
ramework\v
2.0.50727\
aspnet_sta
te.exe (file missing)
O23 - Service: Windows Audio (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\cisvc.
exe (file missing)
O23 - Service: Cryptographic Services (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Distributed File System (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\Dfssvc
.exe (file missing)
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\dmadmi
n.exe (file missing)
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: DNS Server (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\dns.ex
e (file missing)
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\servic
es.exe (file missing)
O23 - Service: Fax - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\fxssvc
.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingServ
ice.exe
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
\1050\Inte
l 32\IDriverT.exe
O23 - Service: Intersite Messaging (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\ismser
v.exe (file missing)
O23 - Service: Kerberos Key Distribution Center (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\lsass.
exe (file missing)
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEU
P~1\LUCOMS
~1.EXE
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: MRMonitor (MegaMonitorSrv) - Unknown owner - C:\Program Files\RAID Web Console 2\MegaMonitor\mrmonitor.ex
e
O23 - Service: Messenger - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: RWCFramework (MSMFramework) - Unknown owner - C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
rk.exe
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
sqlservr.e
xe" -sMSSQLSERVER (file missing)
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lsass.
exe (file missing)
O23 - Service: Network Connections (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: File Replication Service (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\ntfrs.
exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lsass.
exe (file missing)
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\servic
es.exe (file missing)
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lsass.
exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lsass.
exe (file missing)
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Remote Registry (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\locato
r.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Resultant Set of Policy Provider (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\RSoPPr
ov.exe (file missing)
O23 - Service: Special Administration Console Helper (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lsass.
exe (file missing)
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\SCardS
vr.exe (file missing)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\spools
v.exe (file missing)
O23 - Service: SQL Server Agent (MSSQLSERVER) (SQLSERVERAGENT) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
SQLAGENT90
.EXE" -i MSSQLSERVER (file missing)
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\smlogs
vc.exe (file missing)
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Terminal Server Licensing (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\lserve
r.exe (file missing)
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\vds.ex
e (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\vssvc.
exe (file missing)
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: World Wide Web Publishing Service (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Windows Management Instrumentation (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4
.exe" -service (file missing)
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\syste
m32\svchos
t.exe (file missing)
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
O23 - Service: Network Provisioning Service (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WIN
DOWS\Syste
m32\svchos
t.exe (file missing)
