Windows Update Error 0x80070005 XP SP3 cannot update

maybe it's from your Firewall or

try checkout
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.windowsupdate&tid=00c31eeb-b4a4-46d6-a7d9-de47f7101cfd&p=1

it's included the WGA also

check out this also

http://blogs.msdn.com/b/astebner/archive/2006/09/04/739820.aspx

Thanks for the reply.

Unfortunately not: Norton Firewall is disabled and auto-protect is off. I had tried following that page, and have run the WGA Diagnostic tool to no avail.

try the below ( good luck )

0x80070005 - Resolution Suggestion:

In most cases you can resolve this error by doing the following:

Step 1

Open up your browser and download the Microsoft Genuine Advantage Diagnostic Tool - HERE to your desktop.

 

Step 2

Simply double click the file and hit the "continue" button.

The tool will now run a diagnostic and hopefully automatically fix the issue on your PC.


Step 3

When finished you should see an entry:

  Validation Status: Genuine

Now REBOOT your PC and try Windows Updates again...


Step 4

Another quick way that has been reported to fix this issue is to visit the online validation too:

http://www.microsoft.com/genuine/default.aspx?displaylang=en

 

...and that should have now resolved the 0x80070005 error for you!

Sorry forgot the link for Microsoft Genuine Advantage Diagnostic Tool
Open up your browser and download the Microsoft Genuine Advantage Diagnostic Tool - HERE
http://go.microsoft.com/fwlink/?linkid=52012

Could be virus related.
Run Combofix and post logfile here after.
Follow its instructions
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Another option is to run MS fixit if not virus
http://support.microsoft.com/kb/971058

pballan: thanks but I had already tried that diagnostic tool

optoma: good suggestion--interesting when i run the FixIt tool, I get the error message: "Service 'Automatic Updates' (WUAUSERV) could not be stopped. Verify that you have sufficient privileges to stop system services"

Sure enough, when I ope services.msc and try to open the "Automatic Updates" service I get: "Unable to open Service Automatic Updates for reasing on Local Computer. Error 5: Access is Denied"

Also the combofix window appears to be running indefinitely...Been sitting there for 25 minutes or so.

It's not really showing other signs of infection, Norton, Trojan Remover coming up empty.

Also I'm not getting any status updates from Combofix...I see on the walkthrough its supposed to come up and say "Completed Stage_1, _2..." etc...don't have any of that

nevermind, ran fine after a reboot. here's the log:


ComboFix 10-06-15.02 - Cedric 15/06/2010  22:22:51.1.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1022.499 [GMT -4:00]
Running from: c:\documents and settings\Cedric\My Documents\Downloads\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Cedric\GoToAssistDownloadHelper.exe
c:\program files\INSTALL.LOG
C:\setup.exe
c:\windows\xpsp1hfm.log

.
(((((((((((((((((((((((((   Files Created from 2010-05-16 to 2010-06-16  )))))))))))))))))))))))))))))))
.

2010-08-06 22:20 . 2009-10-07 08:43      199192      ----a-w-      c:\windows\system32\lvci12101110.dll
2010-06-16 00:40 . 2010-06-16 00:40      --------      d-----w-      c:\documents and settings\All Users\Application Data\TEMP
2010-06-14 20:22 . 2010-06-14 20:22      --------      d-----w-      c:\program files\Windows Resource Kits
2010-06-14 20:21 . 2006-06-19 16:01      69632      ----a-w-      c:\windows\system32\ztvcabinet.dll
2010-06-14 20:21 . 2006-05-25 18:52      162304      ----a-w-      c:\windows\system32\ztvunrar36.dll
2010-06-14 20:21 . 2005-08-26 04:50      77312      ----a-w-      c:\windows\system32\ztvunace26.dll
2010-06-14 20:21 . 2003-02-02 23:06      153088      ----a-w-      c:\windows\system32\UNRAR3.dll
2010-06-14 20:21 . 2002-03-06 04:00      75264      ----a-w-      c:\windows\system32\unacev2.dll
2010-06-14 15:49 . 2010-06-14 15:49      --------      d-----w-      c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-06-11 02:57 . 2004-08-04 10:00      221184      ----a-w-      c:\windows\system32\wmpns.dll
2010-06-11 02:41 . 2008-04-14 09:41      4255      ------w-      c:\windows\system32\drivers\adv01nt5.dll
2010-06-11 02:37 . 2010-06-11 02:37      --------      d-----w-      c:\windows\EHome
2010-06-11 01:51 . 2010-06-11 01:51      --------      d-----w-      c:\program files\Windows Defender
2010-06-08 23:21 . 2010-06-08 23:21      --------      d-----w-      c:\documents and settings\All Users\Uniblue
2010-05-29 00:10 . 2010-05-29 00:10      503808      ----a-w-      c:\documents and settings\Diana\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38dcbca0-n\msvcp71.dll
2010-05-29 00:10 . 2010-05-29 00:10      499712      ----a-w-      c:\documents and settings\Diana\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38dcbca0-n\jmc.dll
2010-05-29 00:10 . 2010-05-29 00:10      348160      ----a-w-      c:\documents and settings\Diana\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-38dcbca0-n\msvcr71.dll
2010-05-29 00:10 . 2010-05-29 00:10      61440      ----a-w-      c:\documents and settings\Diana\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-627fd319-n\decora-sse.dll
2010-05-29 00:10 . 2010-05-29 00:10      12800      ----a-w-      c:\documents and settings\Diana\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-627fd319-n\decora-d3d.dll
2010-05-22 18:11 . 2010-05-22 18:11      503808      ----a-w-      c:\documents and settings\Cedric\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5b450a03-n\msvcp71.dll
2010-05-22 18:11 . 2010-05-22 18:11      499712      ----a-w-      c:\documents and settings\Cedric\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5b450a03-n\jmc.dll
2010-05-22 18:11 . 2010-05-22 18:11      348160      ----a-w-      c:\documents and settings\Cedric\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-5b450a03-n\msvcr71.dll
2010-05-22 18:11 . 2010-05-22 18:11      61440      ----a-w-      c:\documents and settings\Cedric\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-72567230-n\decora-sse.dll
2010-05-22 18:11 . 2010-05-22 18:11      12800      ----a-w-      c:\documents and settings\Cedric\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-72567230-n\decora-d3d.dll
2010-05-19 03:41 . 2010-05-19 03:41      --------      d-----w-      c:\program files\Common Files\Java
2010-05-19 03:41 . 2010-05-19 03:40      411368      ----a-w-      c:\windows\system32\deployJava1.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-06 22:21 . 2009-08-25 00:57      --------      d-----w-      c:\program files\Common Files\LogiShrd
2010-06-14 15:58 . 2009-08-25 00:28      0      ----a-w-      c:\windows\system32\drivers\lvuvc.hs
2010-06-14 15:57 . 2009-08-25 00:26      0      ----a-w-      c:\windows\system32\drivers\logiflt.iad
2010-06-14 13:49 . 2008-02-25 23:27      --------      d-----w-      c:\program files\Dl_cats
2010-06-12 21:02 . 2007-12-04 15:01      47120      ----a-w-      c:\documents and settings\Diana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-11 02:58 . 2007-12-03 22:59      47120      ----a-w-      c:\documents and settings\Cedric\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-11 02:49 . 2007-12-03 22:32      77423      ----a-w-      c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-06-09 00:25 . 2009-10-22 17:27      --------      d-----w-      c:\documents and settings\Cedric\Application Data\Uniblue
2010-06-09 00:25 . 2009-10-22 18:06      --------      d-----w-      c:\program files\Uniblue
2010-06-08 23:44 . 2009-08-25 00:58      23832      ----a-w-      c:\windows\system32\drivers\lvuvcflt.sys
2010-06-08 23:30 . 2007-12-03 23:21      45568      ----a-w-      c:\windows\system32\drivers\bcm4sbxp.sys
2010-06-03 19:09 . 2009-10-15 19:08      64288      ----a-w-      c:\windows\system32\drivers\Lbd.sys
2010-05-29 00:10 . 2010-02-18 14:10      664      ----a-w-      c:\windows\system32\d3d9caps.dat
2010-05-16 00:33 . 2009-08-24 22:03      --------      d-----w-      c:\documents and settings\Cedric\Application Data\Skype
2010-05-15 23:05 . 2009-08-24 22:07      --------      d-----w-      c:\documents and settings\Cedric\Application Data\skypePM
2010-05-02 19:09 . 2009-10-16 15:55      15880      ----a-w-      c:\windows\system32\lsdelete.exe
2010-04-24 23:31 . 2009-09-21 20:04      --------      d-----w-      c:\documents and settings\Cedric\Application Data\dvdcss
2010-04-17 17:45 . 2007-12-04 17:27      --------      d-----w-      c:\program files\Common Files\Symantec Shared
2010-04-17 15:25 . 2010-04-17 15:25      --------      d-----w-      c:\program files\Symantec
2010-04-17 15:25 . 2010-04-17 15:25      805      ----a-w-      c:\windows\system32\drivers\SYMEVENT.INF
2010-04-17 15:25 . 2010-04-17 15:25      7443      ----a-w-      c:\windows\system32\drivers\SYMEVENT.CAT
2010-04-17 15:25 . 2010-04-17 15:25      60808      ----a-w-      c:\windows\system32\S32EVNT1.DLL
2010-04-17 15:25 . 2010-04-17 15:25      124976      ----a-w-      c:\windows\system32\drivers\SYMEVENT.SYS
2010-04-17 15:25 . 2010-04-17 15:24      --------      d-----w-      c:\program files\Norton Internet Security
2010-04-17 15:24 . 2008-12-04 21:57      --------      d-----w-      c:\documents and settings\All Users\Application Data\Norton
2010-04-17 15:17 . 2008-12-04 21:55      --------      d-----w-      c:\documents and settings\All Users\Application Data\NortonInstaller
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"PowerSuite"="c:\program files\Uniblue\PowerSuite\launcher.exe" [2010-06-01 46440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll" [2005-09-14 73728]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"ISUSScheduler"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" [2004-07-27 81920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Cedric\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Logitech WebCam Software\eReg.exe [2009-10-14 517384]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2009-7-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-09-19 01:21      10536      ----a-w-      c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2008-10-01 17:57      111936      ----a-w-      c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-01-02 21:41      45056      ----a-w-      c:\program files\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 09:42      15360      ----a-w-      c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlccmon.exe]
2005-10-21 15:40      430080      ----a-w-      c:\program files\Dell Photo AIO Printer 924\dlccmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 21:50      221184      ----a-w-      c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50      81920      ----a-w-      c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2002-11-08 09:50      19968      ------w-      c:\windows\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 09:42      1695232      ----a-w-      c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 01:53      421888      ----a-w-      c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-27 18:19      282624      ----a-w-      c:\windows\stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-10-05 00:09      185872      ----a-w-      c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"NMSAccessU"=2 (0x2)
"KodakDigitalDisplayService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"ATI Smart"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Kodak\\Digital Display\\KodakDigitalDisplaySoftware.exe"=
"c:\\Program Files\\Kodak\\Digital Display\\OrbKodakLauncher\\DllStartupService.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [10/15/2009 3:08 PM 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [5/25/2010 3:13 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [5/25/2010 3:13 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20100522.001\BHDrvx86.sys [5/22/2010 2:16 PM 691248]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [5/25/2010 3:13 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [5/25/2010 3:13 PM 116784]
R2 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe [5/14/2009 12:21 PM 98304]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [5/25/2010 3:13 PM 126392]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/27/2010 1:51 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20100604.004\IDSXpx86.sys [6/9/2010 12:35 PM 331640]
S2 gupdate1ca4dca80fef7ea;Google Update Service (gupdate1ca4dca80fef7ea);c:\program files\Google\Update\GoogleUpdate.exe [10/15/2009 3:05 PM 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 11:52 AM 1352320]
.
Contents of the 'Scheduled Tasks' folder

2010-06-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 19:08]

2010-03-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 19:05]

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-15 19:05]

2010-06-16 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]

2010-06-11 c:\windows\Tasks\User_Feed_Synchronization-{1139FFEB-BA25-45B0-BF8E-A114DD5C9176}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: microsoft.com\v4.windowsupdate
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www.update
Trusted Zone: windowsupdate.com\download
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-osCheck - c:\program files\Norton AntiVirus\osCheck.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-DMXLauncher - c:\program files\Dell\Media Experience\DMXLauncher.exe
MSConfigStartUp-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-15 22:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  DLCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(632)
c:\program files\Citrix\GoToAssist\514\G2AWinLogon.dll
.
Completion time: 2010-06-15  22:33:33
ComboFix-quarantined-files.txt  2010-06-16 02:33

Pre-Run: 137,925,038,080 bytes free
Post-Run: 141,682,282,496 bytes free

- - End Of File - - CF63EFA8A7528BC05182626B7591C31C

Did you try update fixit after running Combofix?
Any difference/ error messages?

No prob.