Possible DCOM Corruption Issue

Status
Not open for further replies.
We are a consultant / integration company working in the material handling distribution industry, and we're experiencing an unusual problem at one of our client site locations on 1 server (Compaq ML370, W2k Server SPk 4), 1 area controller industrial pc (Advantech 610, W2k Pro, SPK 3), and 2 work station pc's (Advantech Shoe box pc's, W2k Pro, SPK 3) that all talk to each other via DCOM to display updates to our graphic that is running on the area controller pc.

What is happening is that:

- something on the area controller pc keeps disabling Dcom. Always after a reboot, and usually at some other inconsistent frequency.
- When this happens, our graphic will crash when trying to connect to an OPCServer on that machine. The last log message says "TA_OPCServer connected, no status". It seems to be the "no status" part that causes the crash.
- A file named 26h1w9k.exe then appears on the root C directory, and is launched after a reboot and gives a "NDVDM CPU instruction error, 16 bit app"
- After a reboot, IE is launched and tries to go to a web site for. I do not have the URL right now, but we did cleanse the pc's for adware programs and the issue remains.
- Sometimes re-enabling Dcom will get the graphic to work again. Sometimes after re-enabling after a re-boot, sometimes not at all (like this morning)
- After the PC's were declared clean by IT, these symptoms reappeared the instant Dcom was re-enabled.
- The PC's run somewhat sluggishly. The "System" process is using up 20-40% of the CPU. Not all the time.
- A virus scan of the C drive shows no virus found on one of the pc's this morning.

I don't believe this is a virus, because it is only occurring on these pc's that are communicating via DCOM, and virus protection software with the latest definitions is not finding anything.

Any help towards shedding some light to this situation would be most appreciated. I can be reached directly at the contact information listed below.

Thanks.

Ken Wilson, MCSE
Senior Consultant
Tompkins Associates
(W) 407.362.0394
(C) 919.345.5360
kwilson@tompkinsinc.com
 
Standard antivirus-programs like Norton don't catch too many baddies.
If you think it's viruses or malware that cause your problems, try these links:

To fix Trojans, see How to remove Trojans and its ilk!

For viruses, hijackings, adware etc. go to this post, and follow the instructions EXACTLY, especially about UPDATING and HJT-location.
How to remove Begin2Search/Coolwebsearch and Other Nasties

Then see How to post your Hijackthis log-files as an attachment.

It might also help to bring all PCs up to the same level of SP4, plus the recent rollup-update for W2K and whatever else M$ has dished out.

That program 26h1w9k.exe is definitely an infection, see in here:
http://www.geekstogo.com/forum/index.php?showtopic=47951&mode=linearplus

Post your HJT-logs here if you like (only as attachments).
 