09-07-2012 06:40 PM - edited 09-07-2012 06:47 PM
Did you have any one use the system between steps, as what is strange is the MD5 for services.exe has changed from BC81150939BD52DBC7A08C245F1FB229 to E2D076F2C1239AA6C7412BA6B8B1DE4E, but still a MD5 I don't know of.
Your system should probably use for that location MD5 934E0B7D77FF78C18D9F8891221B6DE3
09-07-2012 07:29 PM
On the Flash Drive that has FRST64.exe and the .txt files. Delete them all and download a new FRST64.exe (like the first instructions) and create a new FRST.txt log for me.
We may have to use FRST to seach and replace services.exe files and script to swap with the copy I want it to.
A stubborn one, or a re infection.
09-07-2012 08:02 PM
tart FRST like you did in Step 1, once it starts do this,
Type the following in the edit box after "Search:" so it looks like this:
Click Search button and post the log it makes to your reply. Called search.txt
09-07-2012 09:39 PM
Download the script attached, needs to be the same file name as well (fixlist.txt), Copy across to flash drive
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Now please enter System Recovery Options again. Like previously