[attachment=47011:Test.zip]
Heur Exploit Script virus looping to blue screen on start up
#76
Posted 06 January 2011 - 11:17 AM
[attachment=47011:Test.zip]
#77
Posted 06 January 2011 - 12:35 PM
I downloaded the Test file onto a disk and ran it. I then had to put the OTLPE disk back in to the PC in order to be able to copy the file.
Wireless Network Connection:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Local Area Connection:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
Windows IP Configuration
Host Name . . . . . . . . . . . . : YOUR-FD1326E9DC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Wireless Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
Physical Address. . . . . . . . . : 00-18-DE-10-A2-43
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Marvell Yukon 88E8038 PCI-E Fast Ethernet Controller - Packet Scheduler Miniport
Physical Address. . . . . . . . . : 00-E0-B8-AE-42-10
Ping request could not find host Yahoo.com. Please check the name and try again.
Ping request could not find host Google.com. Please check the name and try again.
These Windows services are started:
Automatic Updates
Background Intelligent Transfer Service
CryptSvc
DCOM Server Process Launcher
Error Reporting Service
Event Log
Help and Support
Print Spooler
Remote Procedure Call (RPC)
Secondary Logon
Security Center
System Restore Service
Windows Defender
Windows Management Instrumentation
The command completed successfully.
#78
Posted 06 January 2011 - 12:48 PM
Let me get a report on my XP Box. Standby.
#79
Posted 06 January 2011 - 12:49 PM
#80
Posted 06 January 2011 - 01:12 PM
Application Layer Gateway Service
COM+ Event System
Computer Browser
DCOM Server Process Launcher
DHCP Client
Distributed Link Tracking Client
HTTP SSL
Human Interface Device Access
IPSEC Services
IPv6 Helper Service
Java Quick Starter
Network Connections
Network Location Awareness (NLA)
Plug and Play
Protected Storage
Remote Access Connection Manager
Remote Procedure Call (RPC) Locator
Security Accounts Manager
Server
Shell Hardware Detection
SSDP Discovery Service
System Event Notification
Task Scheduler
TCP/IP NetBIOS Helper
Telephony
Terminal Services
Themes
Universal Plug and Play Device Host
WebClient
Windows Audio
Windows Firewall/Internet Connection Sharing (ICS)
Windows Time
Workstation
Lets check for their presence.
Boot the computer to the OTLPE CD as you did before.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change all settings to none. That will speed-up the scan.
- Under the Custom Scan box paste this in
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive.
- Please post the contents of the C:\OTL.txt file in your reply.
#81
Posted 06 January 2011 - 01:24 PM
OTL logfile created on: 1/6/2011 7:18:47 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 135.06 Gb Free Space | 90.61% Space Free | Partition Type: NTFS
Drive D: | 7.31 Gb Total Space | 7.31 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
========== Files/Folders - Created Within 30 Days ==========
[2011/01/05 14:58:16 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011/01/03 15:27:39 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2011/01/03 01:50:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2011/01/03 01:50:02 | 000,161,792 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011/01/03 01:50:02 | 000,136,704 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011/01/03 01:50:02 | 000,031,232 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011/01/03 01:49:50 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011/01/03 01:49:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/29 17:20:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2010/12/29 17:19:03 | 000,553,984 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2010/12/29 17:18:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/25 11:13:25 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2010/05/08 04:42:33 | 001,200,128 | ---- | C] ( ) -- C:\windows\System32\lxdfserv.dll
[2010/05/08 04:42:33 | 000,950,272 | ---- | C] ( ) -- C:\windows\System32\lxdfusb1.dll
[2010/05/08 04:42:33 | 000,663,552 | ---- | C] ( ) -- C:\windows\System32\lxdfhbn3.dll
[2010/05/08 04:42:33 | 000,647,168 | ---- | C] ( ) -- C:\windows\System32\lxdfpmui.dll
[2010/05/08 04:42:33 | 000,565,248 | ---- | C] ( ) -- C:\windows\System32\lxdflmpm.dll
[2010/05/08 04:42:33 | 000,434,176 | ---- | C] ( ) -- C:\windows\System32\lxdfhcp.dll
[2010/05/08 04:42:33 | 000,356,352 | ---- | C] ( ) -- C:\windows\System32\lxdfinpa.dll
[2010/05/08 04:42:33 | 000,339,968 | ---- | C] ( ) -- C:\windows\System32\lxdfiesc.dll
[2010/05/08 04:42:33 | 000,053,248 | ---- | C] ( ) -- C:\windows\System32\lxdfprox.dll
[2010/05/08 04:42:32 | 000,860,160 | ---- | C] ( ) -- C:\windows\System32\lxdfcomc.dll
[2010/05/08 04:42:32 | 000,364,544 | ---- | C] ( ) -- C:\windows\System32\lxdfcomm.dll
========== Files - Modified Within 30 Days ==========
[2011/01/06 13:16:32 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2011/01/06 13:03:16 | 000,000,330 | -H-- | M] () -- C:\windows\tasks\MP Scheduled Scan.job
[2011/01/06 13:00:08 | 2137,182,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/05 14:10:03 | 000,001,158 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2011/01/03 15:33:44 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011/01/03 01:54:19 | 000,442,334 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/01/03 01:54:19 | 000,071,912 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010/12/31 00:54:35 | 000,002,577 | ---- | M] () -- C:\windows\System32\CONFIG.NT
========== Files Created - No Company Name ==========
[2011/01/03 01:50:02 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2011/01/03 01:50:02 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/01/03 01:50:02 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2011/01/03 01:50:02 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/01/03 01:50:02 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2010/10/13 12:21:10 | 000,000,127 | ---- | C] () -- C:\windows\System32\MRT.INI
[2010/07/23 13:24:13 | 000,000,025 | ---- | C] () -- C:\windows\cdplayer.ini
[2010/05/08 04:46:40 | 000,040,960 | ---- | C] () -- C:\windows\System32\lxdfvs.dll
[2010/05/08 04:46:38 | 000,348,160 | ---- | C] () -- C:\windows\System32\lxdfcoin.dll
[2010/05/08 04:46:11 | 000,692,224 | ---- | C] () -- C:\windows\System32\lxdfdrs.dll
[2010/05/08 04:46:11 | 000,069,632 | ---- | C] () -- C:\windows\System32\lxdfcnv4.dll
[2010/05/08 04:46:11 | 000,065,536 | ---- | C] () -- C:\windows\System32\lxdfcaps.dll
[2010/05/08 04:45:55 | 000,069,632 | ---- | C] () -- C:\windows\System32\lxdfoem.dll
[2010/05/08 04:45:55 | 000,045,056 | ---- | C] () -- C:\windows\System32\LXDFPMON.DLL
[2010/05/08 04:45:55 | 000,032,768 | ---- | C] () -- C:\windows\System32\LXDFFXPU.DLL
[2010/05/08 04:42:33 | 000,348,160 | ---- | C] () -- C:\windows\System32\lxdfinst.dll
[2010/05/08 04:42:32 | 000,208,896 | ---- | C] () -- C:\windows\System32\lxdfgrd.dll
[2008/11/11 13:42:43 | 000,027,136 | ---- | C] () -- C:\windows\System32\QTUninst.dll
[2008/11/11 13:38:10 | 000,009,136 | ---- | C] () -- C:\windows\System32\INETWH16.DLL
[2008/06/23 05:09:39 | 000,069,632 | R--- | C] () -- C:\windows\sm56spn.dll
[2008/06/23 05:09:39 | 000,069,632 | R--- | C] () -- C:\windows\sm56itl.dll
[2008/06/23 05:09:39 | 000,069,632 | R--- | C] () -- C:\windows\sm56eng.dll
[2008/06/23 05:09:39 | 000,069,632 | R--- | C] () -- C:\windows\sm56brz.dll
[2008/06/23 05:09:39 | 000,061,440 | R--- | C] () -- C:\windows\sm56ger.dll
[2008/06/23 05:09:39 | 000,061,440 | R--- | C] () -- C:\windows\sm56fra.dll
[2008/06/23 05:09:39 | 000,053,248 | R--- | C] () -- C:\windows\sm56jpn.dll
[2008/06/23 05:09:39 | 000,049,152 | R--- | C] () -- C:\windows\sm56cht.dll
[2008/06/23 05:09:39 | 000,049,152 | R--- | C] () -- C:\windows\sm56chs.dll
[2008/06/23 04:32:03 | 000,204,800 | ---- | C] () -- C:\windows\System32\igfxCoIn_v4764.dll
[2008/06/19 10:49:09 | 000,249,856 | ---- | C] () -- C:\windows\System32\igfxTMM.dll
[2008/06/19 10:49:09 | 000,204,800 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1244.dll
[2006/01/17 13:28:20 | 000,000,061 | ---- | C] () -- C:\windows\smscfg.ini
[2006/01/14 15:00:09 | 000,000,441 | ---- | C] () -- C:\windows\System32\emver.ini
[2006/01/14 08:10:36 | 000,004,161 | ---- | C] () -- C:\windows\ODBCINST.INI
[2005/08/06 00:01:54 | 000,239,104 | ---- | C] () -- C:\windows\System32\psisdecd.dll
========== LOP Check ==========
[2010/10/23 10:06:20 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Ilubol
[2010/10/07 09:57:49 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Maus
[2010/10/09 04:24:35 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Uhzena
[2010/10/13 12:24:22 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\Ulmy
[2011/01/06 13:03:16 | 000,000,330 | -H-- | M] () -- C:\windows\Tasks\MP Scheduled Scan.job
[2010/10/24 00:21:21 | 000,000,426 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{2E16A703-F1B3-4340-B56D-A79C454F9DE3}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services >
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET CLR Data]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET CLR Networking]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET Data Provider for Oracle]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET Data Provider for SqlServer]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NETFramework]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Abiosdsk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\abp480n5]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ACPI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ACPIEC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\adpu160m]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\aec]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\agp440]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\agpCPQ]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Aha154x]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\aic78u2]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\aic78xx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Alerter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ALG]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AliIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\alim1541]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\amdagp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\amsint]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Arp1394]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\asc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\asc3350p]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\asc3550]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET_1.1.4322]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET_2.0.50727]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\aspnet_state]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AsyncMac]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Atdisk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Atmarpc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\audstub]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Avg]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BattC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Beep]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BITS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\catchme]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\cbidf]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\cbidf2k]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\cd20xrnt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Cdaudio]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Cdfs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Cdrom]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Changer]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CiSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ClipSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\clr_optimization_v2.0.50727_32]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CmBatt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CmdIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Compbatt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\COMSysApp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ContentFilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ContentIndex]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Cpqarray]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dac2w2k]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dac960nt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Disk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmadmin]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmboot]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmio]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmload]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmserver]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\DMusic]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dnscache]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dot3svc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dpti2o]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\drmkaud]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\EapHost]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ehRecvr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ehSched]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ERSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Eventlog]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\EventSystem]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Fastfat]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\FastUserSwitchingCompatibility]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Fdc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Fips]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Flpydisk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\FltMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\FontCache3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Fs_Rec]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ftdisk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Gpc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\gupdate]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\gusvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HDAudBus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\helpsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HidServ]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HidUsb]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hkmsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hpn]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HTTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HTTPFilter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\i2omgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\i2omp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\i8042prt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IAANTMON]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ialm]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\iaStor]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\idsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\igfx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Imapi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ImapiService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\inetaccs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ini910u]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Inport]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IntelIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\intelppm]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ip6Fw]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IpFilterDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IpInIp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IpNat]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IPSec]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\IRENUM]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ISAPISearch]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\isapnp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\JavaQuickStarterService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Kbdclass]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\kmixer]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\KSecDD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lanmanserver]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lanmanworkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lbrtfdc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ldap]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\LicenseService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lxdfCATSCustConnectService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lxdf_device]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MBAMSwissArmy]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\McrdSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MHN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MHNDRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mnmdd]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mnmsrvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Modem]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Mouclass]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mouhid]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MountMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mraid35x]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MRxDAV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MRxSmb]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSDTC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSDTC Bridge 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Msfs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSKSSRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSPCLOCK]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSPQM]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mssmbios]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Mup]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\napagent]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NdisTapi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NdisWan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NDProxy]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetDDE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetDDEdsdm]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Netman]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetTcpPortSharing]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NIC1394]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Nla]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Npfs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ntfs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NtLmSsp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NtmsSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Null]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\nv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NwlnkFlt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NwlnkFwd]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ohci1394]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Parport]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PartMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ParVdm]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PCI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PCIDump]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PCIIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PDRELI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\perc2]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\perc2hib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfNet]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfOS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfProc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PptpMiniport]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PrismXL]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ProtectedStorage]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PSched]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ptilink]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PxHelp20]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ql1080]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Ql10wnt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ql12160]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ql1240]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ql1280]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasAcd]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasAuto]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Rasl2tp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasMan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasPppoe]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Raspti]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPCDD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPDD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\rdpdr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPNP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPWD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDSessMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\redbook]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RemoteAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RemoteRegistry]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RpcLocator]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RSVP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SamSs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SASDIFSV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SASKUTIL]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Schedule]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ScsiPort]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Secdrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\seclogon]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SENS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\serenum]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Serial]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelEndpoint 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelOperation 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelService 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ShellHWDetection]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Simbad]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sisagp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\smserial]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SMSvcHost 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Sparrow]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\splitter]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Spooler]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\srservice]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Srv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SSDPSRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\STHDA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\stisvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\swenum]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\swmidi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SwPrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\swwd]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\symc810]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\symc8xx]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sym_hi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sym_u3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SynTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysaudio]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SysmonLog]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TapiSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TDTCP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TermDD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TermService]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Themes]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\tifm21]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TlntSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TosIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TrkWks]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TSDDD]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Udfs]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ultra]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UMWdf]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Update]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\upnphost]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UPS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbccgp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbehci]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbhub]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbscan]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbstor]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\usbuhci]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\VgaSave]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\viaagp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ViaIde]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\VolSnap]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\VSS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\W32Time]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\w39n51]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\W3SVC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Wanarp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WDICA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\wdmaud]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WebClient]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Windows Workflow Foundation 3.0.0.0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\winmgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Winsock]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinTrust]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmdmPmSN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Wmi]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmiApSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WS2IFSL]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\wscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\wuauserv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WZCSVC]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xmlprov]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\yukonwxp]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\{8E277FF1-9384-4701-A59D-9AC5DBA21EAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\{9B228BC9-29E4-497E-93D4-8EF7B9F8CD68}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\{EF466B64-3DC6-48AB-A954-EBBD1206849C}]
< End of report >
#82
Posted 06 January 2011 - 04:23 PM
Boot the computer to the OTLPE CD as you did before.
- Double-click on the OTLPE icon.
- When asked "Do you wish to load the remote registry", select Yes
- When asked "Do you wish to load remote user profile(s) for scanning", select Yes
- Ensure the box "Automatically Load All Remaining Users" is checked and press OK
- OTL should now start. Change the following settings
- Change all settings to none. That will speed-up the scan.
- Under the Custom Scan box paste this in
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET CLR Data /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET CLR Networking /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET Data Provider for Oracle /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NET Data Provider for SqlServer /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\.NETFramework /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Alerter /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ALG /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AppMgmt /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET_1.1.4322 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ASP.NET_2.0.50727 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\aspnet_state /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\AudioSrv /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BattC /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Browser /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\CiSvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ClipSrv /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\clr_optimization_v2.0.50727_32 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\COMSysApp /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ContentFilter /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ContentIndex /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dhcp /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmadmin /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\dmserver /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dnscache /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Dot3svc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\EapHost /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ehRecvr /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ehSched /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\EventSystem /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\FastUserSwitchingCompatibility /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\FontCache3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\gupdate /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\gusvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HidServ /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\hkmsvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\HTTPFilter /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\idsvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ImapiService /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\inetaccs /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Inport /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ISAPISearch /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\JavaQuickStarterService /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lanmanserver /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\lanmanworkstation /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ldap /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\LicenseService /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\LmHosts /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\McrdSvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\mnmsrvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSDTC /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSDTC Bridge 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\MSIServer /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\napagent /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetDDE /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetDDEdsdm /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Netlogon /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Netman /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NetTcpPortSharing /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Nla /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NtLmSsp /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\NtmsSvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfDisk /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfNet /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfOS /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PerfProc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PlugPlay /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\PolicyAgent /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ProtectedStorage /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasAuto /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RasMan /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPDD /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDPNP /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RDSessMgr /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RemoteAccess /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RemoteRegistry /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RpcLocator /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RpcSs /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\RSVP /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SamSs /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SCardSvr /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Schedule /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ScsiPort /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SENS /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelEndpoint 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelOperation 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ServiceModelService 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ShellHWDetection /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SMSvcHost 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SSDPSRV /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\stisvc /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SwPrv /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\swwd /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SysmonLog /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TapiSrv /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TermService /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Themes /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TlntSvr /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TrkWks /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\TSDDD /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UMWdf /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\upnphost /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\UPS /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\VSS /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\W32Time /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\W3SVC /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WebClient /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Windows Workflow Foundation 3.0.0.0 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinSock2 /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WinTrust /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmdmPmSN /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmiApRpl /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WmiApSrv /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WS2IFSL /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\WZCSVC /s
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xmlprov /s
- Press Run Scan to start the scan.
- When finished, the file will be saved in drive C:\OTL.txt
- Copy this file to your USB drive.
- Please post the contents of the C:\OTL.txt file in your reply.
If the log is too large, upload it as follows:
Please go here:
The Spy Killer Forum
- Click on "New Topic"
- Put your name, e-mail address, and this as the title: "For JSntgRvr"
- Put a link to this thread in the description box.
- Then next to the file box, at the bottom, click the browse button, then navigate to this file:
- OTL.log
- Click Open.
- Click Post.
If you need to upload the file, let me know to check. I will need some time to review all this data. Sooner or later we gonna get this going.
#83
Posted 06 January 2011 - 04:37 PM
It then goes back to the Realtogo desktop screen.
I have tried scanning it twice and it has happened both times.
Sorry
Edited by Jan1959, 06 January 2011 - 04:47 PM.
#84
Posted 06 January 2011 - 04:54 PM
#85
Posted 06 January 2011 - 04:58 PM
#86
Posted 06 January 2011 - 05:03 PM
#87
Posted 06 January 2011 - 05:17 PM
#88
Posted 06 January 2011 - 05:32 PM
Go to Start -> Run, type Services.msc and click OK. Scroll down to Plug and Play. Double click on it. Make sure the Starup type is set to automatic and click on the Start button. Let me know if you receive an error message.
While in the Services Console, scroll down to the Remote Procedure Call and do the same. There should be two entries for the RPC. One is the locator. Make sure both are set to automatic and are running.
Go to Start -> Run, type CMD and click OK. At the prompt type the following and press Enter after each line:
netsh int ip reset C:\Resetlog.txt
netsh winsock reset catalog
ipconfig /flushdns (The space between g and / is needed)
Exit
Restart the computer.
Let me know of any error messages when performing these actions.
#89
Posted 06 January 2011 - 05:41 PM
I will now look at the Remote Procedure Call
It is not available due to the Plug and Play Service being disabled. Again I have tried to apply with no success.
When I click back on these boxes the Automatic is still in the boxes so I will try the CMD commands.
No other error messages other than the usual no boot.ini using windows on start up.
Edited by Jan1959, 06 January 2011 - 06:08 PM.
#90
Posted 06 January 2011 - 06:13 PM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users