XPenvironment??

  • Thread starter Thread starter RM-admin
  • Start date Start date
R

RM-admin

OS: Win2000SrvSP4 single domain/DC XPProSP2 and Win2KPro clients

Issue: under services there is a service called XPenvironment resdiding at
c:\winnt\system32\microsoft\protect\s-1-5-18\userx\services.exe
/name:"XPenvironment"

/start:"environment.exe" but it is not actual path, so it cannot be started

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 11/27/2007
Time: 2:19:43 PM
User: N/A
Computer: VADER
Description:
The XPenvironment service failed to start due to the following error:
The system cannot find the path specified.



Cannot find any reference to this service online.
What is this service and is it needed?
Is this a MS service or an exploit?
What steps are needed to correct or remove this service (presently disabled)?
Is this why AD is not showing XP asynchronous logon?
 
RM-admin said:
OS: Win2000SrvSP4 single domain/DC XPProSP2 and Win2KPro clients
Issue: under services there is a service called XPenvironment resdiding at
c:\winnt\system32\microsoft\protect\s-1-5-18\userx\services.exe
/name:"XPenvironment"
/start:"environment.exe" but it is not actual path, so it cannot be started

You mean that there is no files left in location that is shown above?
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7000
Date: 11/27/2007
Time: 2:19:43 PM
User: N/A
Computer: VADER
Description:
The XPenvironment service failed to start due to the following error:
The system cannot find the path specified.
Cannot find any reference to this service online.
What is this service and is it needed?
Is this a MS service or an exploit?

AFAIC this seems to be some malware entries.
What steps are needed to correct or remove this service (presently disabled)?

To remove a service you must find its subkey located in registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services and delete it.
At the end delete all files from the disk - if there are any left. ;-)
Before making any changes with services I advice to make a backup of the
registry - for instance using free utility ERUNT.
Is this why AD is not showing XP asynchronous logon?

IMO this is not the cause.
 
Back
Top