Unhandled win32 exception 9640
We have a piece of software running on the server which generates labels
for emailing. (Just a VB6 program which has been running fine up until now.
No updates have been made to this software).
When we run the software now though we receive a debugger message:
New instance of Visual Studio 2005. After cancelling out of that
we receive the following message: An unhandled win32 exception (9640).
Machine has also intermittently been running slow.
We have run an antivirus scan on the server which removed 126 items of spyware.
We have run hijack this and found the following. Points will be awarded to anyone offering
genuine fixes to any of the items below...
Logfile of HijackThis v1.99.1
Scan saved at 13:28:20, on 03/10/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Running processes:
C:\Documents and Settings\Administrator\WIN
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spools
C:\WINDOWS\system32\dllhos
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\PROGRA~1\APC\POWERC~1\a
C:\PROGRA~1\APC\POWERC~1\s
C:\WINDOWS\system32\cisvc.
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\Dfssvc
C:\WINDOWS\System32\dns.ex
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\inetsr
C:\WINDOWS\System32\ismser
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\ntfrs.
C:\WINDOWS\System32\svchos
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\lserve
C:\Program Files\RealVNC\VNC4\WinVNC4
C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\cmd.ex
C:\Program Files\RAID Web Console 2\JRE\bin\javaw.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\dllhos
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTra
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\tsadmi
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\logon.
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\rdpcli
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\mmc.ex
C:\WINDOWS\system32\NOTEPA
C:\utils\hijackthis\Hijack
C:\WINDOWS\system32\NOTEPA
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\userin
C:\WINDOWS\system32\rdpcli
C:\WINDOWS\system32\userin
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
C:\utils\hijackthis\Hijack
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
F2 - REG:system.ini: UserInit=C:\WINDOWS\system
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEch
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEch
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\sc
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra
O4 - HKLM\..\Run: [Seagull Drivers] ssdal_nc.exe startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\win
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-1
O18 - Protocol: HPDCS - {BA135F49-A12C-4E26-A2C4-6
O18 - Protocol: hppfile - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: hppsam - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: hppzip - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-0
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-0
O20 - Winlogon Notify: dimsntfy - dimsntfy.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLog
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\sc
O23 - Service: Application Experience Lookup Service (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\a
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\s
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Audio (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Cryptographic Services (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Distributed File System (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DNS Server (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Fax - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingServ
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
O23 - Service: Intersite Messaging (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Kerberos Key Distribution Center (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEU
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: MRMonitor (MegaMonitorSrv) - Unknown owner - C:\Program Files\RAID Web Console 2\MegaMonitor\mrmonitor.ex
O23 - Service: Messenger - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: RWCFramework (MSMFramework) - Unknown owner - C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Connections (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: File Replication Service (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Registry (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Resultant Set of Policy Provider (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Special Administration Console Helper (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: SQL Server Agent (MSSQLSERVER) (SQLSERVERAGENT) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Terminal Server Licensing (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: World Wide Web Publishing Service (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Management Instrumentation (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Provisioning Service (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WIN
for emailing. (Just a VB6 program which has been running fine up until now.
No updates have been made to this software).
When we run the software now though we receive a debugger message:
New instance of Visual Studio 2005. After cancelling out of that
we receive the following message: An unhandled win32 exception (9640).
Machine has also intermittently been running slow.
We have run an antivirus scan on the server which removed 126 items of spyware.
We have run hijack this and found the following. Points will be awarded to anyone offering
genuine fixes to any of the items below...
Logfile of HijackThis v1.99.1
Scan saved at 13:28:20, on 03/10/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Running processes:
C:\Documents and Settings\Administrator\WIN
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spools
C:\WINDOWS\system32\dllhos
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\PROGRA~1\APC\POWERC~1\a
C:\PROGRA~1\APC\POWERC~1\s
C:\WINDOWS\system32\cisvc.
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\Dfssvc
C:\WINDOWS\System32\dns.ex
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\inetsr
C:\WINDOWS\System32\ismser
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\ntfrs.
C:\WINDOWS\System32\svchos
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\lserve
C:\Program Files\RealVNC\VNC4\WinVNC4
C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\cmd.ex
C:\Program Files\RAID Web Console 2\JRE\bin\javaw.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\dllhos
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTra
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\cidaem
C:\WINDOWS\system32\tsadmi
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\logon.
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\rdpcli
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\mmc.ex
C:\WINDOWS\system32\NOTEPA
C:\utils\hijackthis\Hijack
C:\WINDOWS\system32\NOTEPA
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\userin
C:\WINDOWS\system32\rdpcli
C:\WINDOWS\system32\userin
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Acronis\TrueImageEch
C:\Program Files\Common Files\Acronis\Schedule2\sc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon
C:\utils\hijackthis\Hijack
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
F2 - REG:system.ini: UserInit=C:\WINDOWS\system
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageEch
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageEch
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\sc
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra
O4 - HKLM\..\Run: [Seagull Drivers] ssdal_nc.exe startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClien
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\win
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-1
O18 - Protocol: HPDCS - {BA135F49-A12C-4E26-A2C4-6
O18 - Protocol: hppfile - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: hppsam - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: hppzip - {C4E2084B-ED27-4893-A43D-4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-0
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-0
O20 - Winlogon Notify: dimsntfy - dimsntfy.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLog
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\sc
O23 - Service: Application Experience Lookup Service (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\a
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\s
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Audio (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Cryptographic Services (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Distributed File System (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DNS Server (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Fax - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingServ
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver
O23 - Service: Intersite Messaging (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Kerberos Key Distribution Center (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEU
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: MRMonitor (MegaMonitorSrv) - Unknown owner - C:\Program Files\RAID Web Console 2\MegaMonitor\mrmonitor.ex
O23 - Service: Messenger - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: RWCFramework (MSMFramework) - Unknown owner - C:\Program Files\RAID Web Console 2\Framework\VivaldiFramewo
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Connections (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: File Replication Service (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Registry (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Resultant Set of Policy Provider (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Special Administration Console Helper (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: SQL Server Agent (MSSQLSERVER) (SQLSERVERAGENT) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Terminal Server Licensing (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: World Wide Web Publishing Service (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Management Instrumentation (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WIN
O23 - Service: Network Provisioning Service (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WIN
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hello swaller - thanks for your post.
May I ask - Does a repair install exist for a server - I've only previously done that in one form or another with workstations. Is the process of a repair install similar to that of XP - ie during installation the setup detects an existing OS (the server), beyond recovery console and gives a repair option?
May I ask - Does a repair install exist for a server - I've only previously done that in one form or another with workstations. Is the process of a repair install similar to that of XP - ie during installation the setup detects an existing OS (the server), beyond recovery console and gives a repair option?
ASKER
Early days yet but we've updated various drivers.
The problem happened intermittently- but hasn't happened for a couple of days now. I have asked people to let me know if it happens again - not sure if it's solved - certainly there are deeper problems anyway - which may or may not be affecting people.
I have passed all the above info onto my boss.
I'd prefer to keep this call open to ensure there are no further problems - the intermittent ones are the worst ones to track down.
The problem happened intermittently- but hasn't happened for a couple of days now. I have asked people to let me know if it happens again - not sure if it's solved - certainly there are deeper problems anyway - which may or may not be affecting people.
I have passed all the above info onto my boss.
I'd prefer to keep this call open to ensure there are no further problems - the intermittent ones are the worst ones to track down.
ASKER
(Still ok so far)
ASKER
Thanks for your help. The problem has not re-occurred since I upgraded a selection of drivers. Interestingly there are no other surface problems on the server. I'll carry out the suggestions if further problems occur relating to missing links, etc.
good to know ;)
ASKER
Btw - anyone reading this - be sure to have the correct CD for running sfc. For example in Windows XP upgraded to SP2 online - if you need to use sfc and it asks for a cd - using your original none-sp2 cd can really mess up your system. I was fortunate to get a system warning when doing something similar - but some people didn't.