Windows BBS The Place for Microsoft Windows Support! Windows, Support, Help Site

Go Back   Windows BBS > Security > Malware and Virus Removal
Reload this Page

infostealer.gampass help :D

Register FAQ Members List Mark Forums Read

Malware and Virus Removal Problems removing malware/viruses? Get help from our Malware removal experts.

Register your FREE account to unlock additional features at WindowsBBS.com
Register
Welcome to WindowsBBS.com
Microsoft Windows Support

Mission Statement

WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.

Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.

Discussion Forums
Operating Systems
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Windows 2000 Windows 2000
Windows 95/98/Me/NT Windows 95/98/Me/NT
Internet & Networking
Networking
Internet Explorer
Microsoft Mail
Firefox, Thunderbird
      & SeaMonkey
General Internet
Security
General Security
Malware and Virus
     Removal
Other
Other Software
Hardware
Test Posts
Community
Introductions
General Discussions
Comments
      & Suggestions
News @ WindowsBBS

Forum Sponsor
Image

Reply
 
LinkBack Thread Tools
Old 12th May 2008   #1
Member
 
Profile:
Join Date: May 2008
Posts: 3
Computer Experience:
beginner
kumiko Reputation Level
infostealer.gampass help :D
Hi, first time on the forum.

Today I received a notification from my Symantec Anti-Virus that the gampass.infostealer had infected one of my files. I had done a full system scan but just do make sure it's completely gone I posted my HJT profile. I'm not too HJT savvy but I'd do anything to get completely rid of the virus since I had read it can be quite a nuisance later on.


Logfile of HijackThis v1.99.1
Scan saved at 4:04:25 PM, on 5/12/2008
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
(I use Firefox 99% of the time)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\AIM95\aim.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\vpc32.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

Thanks so much for reviewing
kumiko is offline   Reply With Quote
Didn't find the information you thought to find?
Check out these Similar Threads
Old 13th May 2008   #2
Staff
 
noahdfear's Avatar
 
Profile:
Join Date: Apr 2003
Location: New Bremen, Ohio U.S.A.
Posts: 10,956
Computer Experience:
~@<*+
noahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Levelnoahdfear Reputation Level

My System

Welcome to WindowsBBS kumiko

While that log appears clean, you're using an outdated version of HijackThis. Please read this topic, install the latest version of Hijackthis, run a scan and save the log (you can close it for now). Then, download and run Deckard's System Scanner and post BOTH the main.txt and extra.txt logs. You may be required to put them in separate posts due to character count limitations.


Then do an online scan with Kaspersky WebScanner

Click Scan Now and Accept the agreement. You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
      Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.

Post the Kaspersky log here as well.
noahdfear is online now   Reply With Quote
Old 13th May 2008   #3
Member
 
Profile:
Join Date: May 2008
Posts: 3
Computer Experience:
beginner
kumiko Reputation Level
deckard results pt 1
Sorry for the triple posting. Below this post should have the main and extra text files. Still waiting for Kaspersky, that's been kind of hanging on me though...
Last edited by kumiko; 13th May 2008 at 05:13.
kumiko is offline   Reply With Quote
Old 13th May 2008   #4
Member
 
Profile:
Join Date: May 2008
Posts: 3
Computer Experience:
beginner
kumiko Reputation Level
deckard results
MAIN.TXT

Deckard's System Scanner v20071014.68
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
74: 2008-05-13 02:28:26 UTC - RP355 - Deckard's System Scanner Restore Point
73: 2008-05-12 21:35:03 UTC - RP354 - Removed MonatoEsprit
72: 2008-05-11 17:04:33 UTC - RP353 - System Checkpoint
71: 2008-05-10 01:16:33 UTC - RP352 - System Checkpoint
70: 2008-05-09 00:48:46 UTC - RP351 - System Checkpoint


-- First Restore Point --
1: 2008-02-12 23:50:02 UTC - RP282 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:48 PM, on 5/12/2008
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\AIM95\aim.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 7351 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 PenClass (Pen Class) - c:\windows\system32\drivers\penclass.sys <Not Verified; Wacom Technology Corporation; Wacom Pen Class Driver>
R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 DgiVecp - c:\windows\system32\drivers\dgivecp.sys <Not Verified; Samsung Electronics Co., Ltd.; Samsung Electronics Co., Ltd. VECP for Windows 2000, XP>
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 O&O Defrag - c:\windows\system32\oodag.exe <Not Verified; O&O Software GmbH; O&O Defrag>
R2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
R2 TabletService - c:\windows\system32\tablet.exe <Not Verified; Wacom Technology, Corp.; Wacom Win32 Tablet Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&163C0F35&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&163C0F35&0
Service: i8042prt


-- Scheduled Tasks -------------------------------------------------------------

2008-05-12 22:16:20 430 --a------ C:\WINDOWS\Tasks\XoftSpySE 2.job
2007-04-01 18:25:44 360 --a------ C:\WINDOWS\Tasks\XoftSpySE.job


-- Files created between 2008-04-12 and 2008-05-12 -----------------------------

2008-05-12 16:56:13 0 d-------- C:\Program Files\Enigma Software Group
2008-05-08 15:36:35 0 d-------- C:\WINDOWS\aim95
2008-05-08 15:36:29 0 d-------- C:\Program Files\AIM95
2008-05-08 06:24:22 0 d-------- C:\WINDOWS\system32\Plugins
2008-05-06 18:00:11 0 d-------- C:\Program Files\MeeSoft
2008-05-04 16:35:42 0 d-------- C:\Documents and Settings\Administrator\Application Data\ScummVM
2008-05-04 16:35:38 0 d-------- C:\Program Files\ScummVM
2008-04-24 20:16:13 0 d-------- C:\Documents and Settings\Administrator\.alice


-- Find3M Report ---------------------------------------------------------------

2008-05-12 22:16:46 12620 --a------ C:\WINDOWS\system32\wacom.dat
2008-05-12 19:15:20 40 --a------ C:\WINDOWS\system32\profile.dat
2008-05-12 15:22:27 0 d-------- C:\Program Files\XoftSpySE
2008-05-11 17:43:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-05-11 15:58:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\.purple
2008-05-09 20:01:38 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-07 19:40:06 0 d-------- C:\Documents and Settings\Administrator\Application Data\gtk-2.0
2008-05-06 19:58:59 0 d-------- C:\Program Files\Common Files
2008-05-05 18:08:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
2008-05-04 15:30:08 0 d-------- C:\Program Files\SpywareBlaster
2008-05-03 13:51:07 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-15 11:30:35 0 d-------- C:\Program Files\Winamp
2008-02-24 20:50:15 27368 --a------ C:\Documents and Settings\Administrator\Application Data\GDIPFONTCACHEV1.DAT
2008-02-24 17:32:57 5474304 --a------ C:\WINDOWS\system32\logonuiX.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/22/2006 07:22 AM]
"nwiz"="nwiz.exe" [10/22/2006 07:22 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [10/22/2006 07:22 AM]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [09/07/2006 01:19 PM]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [08/10/2004 04:04 AM]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [03/24/2006 05:14 PM]
"vptray"="C:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe" [06/15/2006 01:40 AM]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [09/20/2007 09:23 AM]
"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [05/05/2006 07:38 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [01/01/2007 05:22 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07/12/2007 04:00 AM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [02/01/2008 12:13 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [04/03/2007 06:29 PM]
"AIM"="C:\PROGRA~1\AIM95\aim.exe" [10/30/2000 04:43 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [5/15/2003 1:19:50 AM]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [4/1/2007 7:03:37 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 1:01:04 AM]
TabUserW.exe.lnk - C:\WINDOWS\system32\Wtablet\TabUserW.exe [5/29/2003 9:33:34 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explor er]
"NoLowDiskSpaceChecks"=1 (0x1)
"NoRecentDocsMenu"=1 (0x1)
"NoSaveSettings"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell ExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [11/23/2004 04:51 PM 192512]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountp oints2\{84c0fa18-de83-11dc-bdb6-00e0183aab75}]
AutoRun\command- H:\LaunchU3.exe -a

*Newly Created Service* - ASPI32

EXTRA.TXT

-- End of Deckard's System Scanner: finished at 2008-05-12 22:31:25 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

A: is Removable (No Media)
C: is Fixed (NTFS) - 76.32 GiB total, 39.86 GiB free.
D: is Fixed (FAT32) - 4.01 GiB total, 1.19 GiB free.
E: is CDROM (UDF)
F: is CDROM (No Media)
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6Y080P0 - 76.33 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 76.32 GiB - C:

\\.\PHYSICALDRIVE1 - WDC AC24300L - 4.01 GiB - 1 partition
\PARTITION0 (bootable) - Unknown - 4.01 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.

FW: Symantec Client Firewall v8.7.4.79 (Symantec Corporation)
AV: Symantec AntiVirus Corporate Edition v10.1.4.4000 (Symantec Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPoli cy\DomainProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPoli cy\StandardProfile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:En abled:MUZ AOD APP player"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\Mic rosoft.NET\Framework\v2.0.50727;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 7, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0207
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42 --> "C:\Program Files\7-Zip\Uninstall.exe"
7-Zip Addon Pack --> C:\PROGRA~1\7-Zip\UNWISE.EXE C:\PROGRA~1\7-Zip\INSTALL.LOG
Adobe Acrobat 6.0 Professional - English, Français, Deutsch --> MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000001}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop CS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,Launch Setup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x9
Adobe Reader 8.1.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
AOL Instant Messenger (SM) --> C:\Program Files\AIM95\uninstll.exe -LOG= C:\Program Files\AIM95\install.log -OEM=
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
Audio Recorder for FREE v5.6 --> "C:\Program Files\Audio Recorder for FREE\unins000.exe"
CamStudio --> C:\Program Files\CamStudio\uninstall.exe
Corel Painter X --> C:\Program Files\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\PainterX.log
Corel Painter X --> MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Talk (remove only) --> "C:\Program Files\Google\Google Talk\uninstall.exe"
GTK+ Runtime 2.10.11 rev b (remove only) --> C:\Program Files\Common Files\GTK\2.0\uninst.exe
HijackThis 2.0.2 --> "C:\Documents and Settings\Administrator\Desktop\HijackThis.exe" /uninstall
Japanese Language Support --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ja.inf, Uninstall
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
K-Lite Codec Pack 2.85 Full --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Korean Language Support --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\ko.inf, Uninstall
LiveUpdate 3.0 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Macromedia Flash MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F353D44-73BB-4971-B31D-F7642E9E9531}\Setup.exe" -l0x9 UNINSTALL
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Mustek 1200 UB Plus v2.0 --> C:\PROGRA~1\MUSTEK~1\Driver\UNINST.EXE
Nero 7.2.3.2 --> "C:\Program Files\Nero\unins000.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
O&O Defrag Professional Edition --> MsiExec.exe /I{53480370-6CA2-47EC-BC05-02B4B9271C31}
Pen Tablet --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FE2FF182-7DB1-43FB-BFDE-7C44C26867AE} /l1033
Pidgin --> C:\Program Files\Pidgin\pidgin-uninst.exe
PowerDVD --> C:\PROGRA~1\CYBERL~1\PowerDVD\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\HTMLHE~1\ UNWISE.EXE C:\PROGRA~1\CYBERL~1\PowerDVD\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\HTMLHE~1\ INSTALL.LOG
QuickTime --> MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
QuickTime Alternative 1.77 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
Real Alternative 1.51 Lite --> "C:\Program Files\Real Alternative\unins000.exe"
Samsung CLP-600 Series --> C:\Program Files\Samsung\Samsung CLP-600 Series\Install\Setup.exe /R
Samsung Media Studio --> C:\Program Files\InstallShield Installation Information\{C20CE592-B0F8-4D20-BF31-0151CA6331A6}\Setup.exe -runfromtemp -l0x0009 -removeonly
ScummVM 0.11.1 --> "C:\Program Files\ScummVM\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Symantec Client Security --> MsiExec.exe /I{C20729A4-C8C2-4DE3-94BE-5E3A2E9EFB63}
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip 10 Pro --> C:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\Crypto\UNWISE.EXE C:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\Crypto\INSTALL.LOG
XoftSpySE --> C:\Program Files\XoftSpySE\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type12186 / Error
Event Submitted/Written: 05/12/2008 10:20:07 PM
Event ID/Source: 45 / Symantec AntiVirus
Event Description:
SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe
Event Info: Allocation Memory
Action Taken: Blocked
Actor Process: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (PID 3032)
Time: Monday, May 12, 2008 10:20:07 PM

Event Record #/Type12185 / Error
Event Submitted/Written: 05/12/2008 10:20:07 PM
Event ID/Source: 45 / Symantec AntiVirus
Event Description:
SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
Event Info: Allocation Memory
Action Taken: Blocked
Actor Process: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (PID 3032)
Time: Monday, May 12, 2008 10:20:07 PM

Event Record #/Type12184 / Error
Event Submitted/Written: 05/12/2008 10:20:07 PM
Event ID/Source: 45 / Symantec AntiVirus
Event Description:
SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
Event Info: Allocation Memory
Action Taken: Blocked
Actor Process: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (PID 3032)
Time: Monday, May 12, 2008 10:20:07 PM

Event Record #/Type12183 / Error
Event Submitted/Written: 05/12/2008 10:20:07 PM
Event ID/Source: 45 / Symantec AntiVirus
Event Description:
SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec Client Security\Symantec AntiVirus\VPTray.exe
Event Info: Allocation Memory
Action Taken: Blocked
Actor Process: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (PID 3032)
Time: Monday, May 12, 2008 10:20:07 PM

Event Record #/Type12182 / Error
Event Submitted/Written: 05/12/2008 10:20:07 PM
Event ID/Source: 45 / Symantec AntiVirus
Event Description:
SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Allocation Memory
Action Taken: Blocked
Actor Process: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe (PID 3032)
Time: Monday, May 12, 2008 10:20:07 PM



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type16758 / Warning
Event Submitted/Written: 05/11/2008 11:34:38 AM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type16526 / Error
Event Submitted/Written: 05/07/2008 06:50:25 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The LiveUpdate service failed to start due to the following error:
%%1053

Event Record #/Type16525 / Error
Event Submitted/Written: 05/07/2008 06:50:25 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.

Event Record #/Type16524 / Error
Event Submitted/Written: 05/07/2008 06:50:25 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1053" attempting to start the service LiveUpdate with arguments ""
in order to run the server:
{03E0E6C2-363B-11D3-B536-00902771A435}

Event Record #/Type16523 / Error
Event Submitted/Written: 05/07/2008 06:50:08 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The LiveUpdate service failed to start due to the following error:
%%1053



-- End of Deckard's System Scanner: finished at 2008-05-12 22:31:25 ------------
kumiko is offline   Reply With Quote




Contact Us - Windows BBS - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0
Copyright © 2002 - 2008 WindowsBBS.com. All rights reserved.
Terms of Use, Legal Information & Privacy Policy
[
]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32