services list and devices list almost empty

Status
Not open for further replies.

RDSKC

Technical User
Jun 3, 2002
28
US
We have an NT 4.0 Server box that still serves a purpose. In our Event Viewer there are 2 errors about particular services not starting; no problem, we can disable the service (the application has long since been removed). Anyway, when we checked the list of services, it only shows a few of the services; many of the basic services are no longer showing up (sermouse, serial, etc.), though they are still listed in the registry. The devices list is also incomplete. I have no idea how long it has been this way, or why. We have scanned for viruses, spyware, etc., and have no other issues that we know of. Is there a way to restore the lists?

Thank You!
 
When you say 'sermouse, serial' are missing from the services list, AFAIK they shouldn't be there, and belong in the devices list.

What are some of the 'basic' services/devices that seem to be missing?

The registry key for services lists the combination of the services and devices list.
 
Oooops, yes you are correct. Those are devices, but since my devices weren't showing up either I didn't remember.

I had only the first 8 services listed starting with Alerter and dhcp client are ones I know were there...

Eventlog, directory replicator, ftp, IIS, Messenger, DHCP Server and others were missing from the services...

Devices list showed only Atapi, Atdisk, Beep,... basically only the first 8 or so...

Anyway, I finally stumbled across what I think was a rootkit of some kind. As I work to delete it, my devices and services lists have repopulated.

I ran HijackThis and found an unfamiliar file "pantable.exe" supposedly in my sys32\dllcache, but when I went there through Explorer it wasn't visible; in fact the folder appeared empty. HijackThis couldn't fix it; it would redetect it on the next scan. I tried to delete the sys32\dllcache folder, but it said it couldn't because it wasn't empty, even though I couldn't see anything. Immediately after this, my Trend Micro OfficeScan popped up saying it found BKDR_HACKDEF.72.A in this location. Most of the utilities I have wouldn't work on NT, but finally I found "autoruns", which found that file, and I was able to delete it. Then the sys32\dllcache folder was full of crap that I could see, and Trend Micro again went wild with more popups identifying different files in this same folder. I think I'm on the downhill side...
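Added example, not part of the original thread: the symptom described above (entries still in the registry but missing from the Services and Devices lists) can be checked with a cross-view comparison between a REGEDIT4 export of the Services key and the names the live lists show. The function names and the sample data are constructed, and the live lists are assumed to hold registry key names rather than display names.

```python
import re
# "Type" values under HKLM\SYSTEM\CurrentControlSet\Services\<name>
DRIVER_TYPES = {0x1, 0x2}      # kernel / file-system driver -> Devices list
SERVICE_TYPES = {0x10, 0x20}   # Win32 own / shared process  -> Services list
INTERACTIVE = 0x100            # flag that can be OR-ed onto a Win32 service type
KEY_RE = re.compile(
    r'^\[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\([^\\\]]+)\]$', re.I)
TYPE_RE = re.compile(r'^"Type"=dword:([0-9a-fA-F]{8})$')

def parse_reg_export(text):
    """Map each direct subkey of Services to its Type value."""
    entries, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        key = KEY_RE.match(line)
        if key:
            current = key.group(1)
        elif line.startswith('['):
            current = None          # deeper subkey such as \Parameters
        elif current and TYPE_RE.match(line):
            entries[current] = int(TYPE_RE.match(line).group(1), 16)
    return entries

def hidden_entries(reg_text, visible_services, visible_devices):
    """Names the registry defines but the live lists do not show."""
    seen_svc = {n.lower() for n in visible_services}
    seen_dev = {n.lower() for n in visible_devices}
    missing = {"services": [], "devices": []}
    for name, typ in sorted(parse_reg_export(reg_text).items()):
        kind = typ & ~INTERACTIVE
        if kind in SERVICE_TYPES and name.lower() not in seen_svc:
            missing["services"].append(name)
        elif kind in DRIVER_TYPES and name.lower() not in seen_dev:
            missing["devices"].append(name)
    return missing

# Constructed sample: a trimmed REGEDIT4 export and truncated live lists.
SAMPLE_EXPORT = r"""REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter]
"Type"=dword:00000020
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter\Parameters]
"Type"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Atapi]
"Type"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog]
"Type"=dword:00000020
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sermouse]
"Type"=dword:00000001
"""
if __name__ == "__main__":
    print(hidden_entries(SAMPLE_EXPORT, ["Alerter"], ["Atapi"]))
```

The comparison is only as trustworthy as the registry view it starts from; it applies here because the entries were still listed in the registry.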

 