Rootkit redirect assistance request

[califlefty]

Thank you in advance it's driving me crazy!

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.03.19.05

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Owner :: ************ [administrator]

3/19/2012 4:00:57 PM

mbam-log-2012-03-19 (16-00-57).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 207574

Time elapsed: 16 minute(s), 47 second(s)

Memory Processes Detected: 1

C:\Documents and Settings\Owner\Application Data\comsrvr.exe (Trojan.Downloader) -> 1512 -> Delete on reboot.

Memory Modules Detected: 1

C:\WINDOWS\system32\Usb20Scan.dll (RootKit.0Access.H) -> Delete on reboot.

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|COMServer (Trojan.Downloader) -> Data: "C:\Documents and Settings\Owner\Application Data\comsrvr.exe" a -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 5

C:\WINDOWS\system32\Usb20Scan.dll (RootKit.0Access.H) -> Delete on reboot.

C:\WINDOWS\system32\i2omp.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.

C:\Documents and Settings\Owner\Local Settings\Temp\0.5672344951848936.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

C:\Documents and Settings\Owner\Local Settings\Temp\0.7229129778457822h7i.exe (Exploit.Drop.4) -> Quarantined and deleted successfully.

C:\Documents and Settings\Owner\Application Data\comsrvr.exe (Trojan.Downloader) -> Delete on reboot.

(end)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24

Run by Owner at 17:24:02 on 2012-03-19

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2039.1589 [GMT -7:00]

.

AV: ZoneAlarm Extreme Security Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}

FW: ZoneAlarm Extreme Security Firewall *Disabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\system32\hpbpro.exe

C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\NMSSvc.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\WINDOWS\system32\hphmon06.exe

\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\wbem\wmiapsrv.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = hxxp://www.google.com/ie

uStart Page = hxxp://isearch.avg.com/?cid={F4076CA4-A0FA-480E-84F8-0937D96C5321}&mid=169f7e0ea40e47d0b75ed14eaf3fd073-78c8f3bf619c2dd533afb703b0cad604807d167b〈=en&ds=ft011&pr=sa&d=2012-03-19 11:46:38&v=10.2.0.3&sap=hp

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File

TB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

mRun: [Launch LGDCore] "c:\program files\common files\logitech\g-series software\LGDCore.exe" /SHOWHIDE

mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe

mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe

mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe

mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [HPHmon06] c:\windows\system32\hphmon06.exe

mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s

mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

mPolicies-system: EnableLUA = 0 (0x0)

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

LSP: mswsock.dll

DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://support.gateway.com/support/profiler/PCPitStop.CAB

DPF: {3E0D93BD-ABC6-4723-A70F-2A57D33C0186} - hxxp://www.alamy.com/uploader/alamy_uploader.cab

DPF: {511073AD-BE56-4D43-AE68-93390514385E} - hcp://system/TechTools.CAB

DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1286497519218

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1286546723375

DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab

DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} - hcp://system/RunExeActiveX.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} - hcp://system/StartFirstControl.CAB

DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} - hxxp://www.linksysfix.com/netcheck/67/install/gtdownls.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45}

DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

Notify: igfxcui - igfxsrvc.dll

Notify: NecUsb3Sevices - USB3Sw32.dll

Notify: rkpoirk - c:\documents and settings\networkservice\local settings\application data\rkpoirk.dll

Notify: USB3Sw32 - USB3Sw32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

LSA: Authentication Packages = msv1_0 relog_ap

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\taf47qko.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B0f42a1b7-ab3c-46cc-93b1-785227f3fe81%7D&mid=169f7e0ea40e47d0b75ed14eaf3fd073-78c8f3bf619c2dd533afb703b0cad604807d167b&ds=ft011&v=10.2.0.3〈=en&pr=sa&d=2012-03-19%2011%3A46%3A38&sap=ku&q=

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\nos\bin\np_gp.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

2 NecUsb3;USB3 Service

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver

R? LGVirHid;Logitech Gamepanel Virtual HID Device Driver

R? ngrpci;NETGEAR FA310TX Fast Ethernet Adapter Driver

R? nosGetPlusHelper;getPlus® Helper 3004

R? PCDRDRV;Pcdr Helper Driver

R? vsmon;TrueVector Internet Monitor

R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0

S? icsak;icsak

S? IntuitUpdateServiceV4;Intuit Update Service v4

S? ISWKL;ZoneAlarm ForceField ISWKL

S? IswSvc;ZoneAlarm ForceField IswSvc

S? kl1;kl1

S? KLIF;Kaspersky Lab Driver

S? vsdatant;vsdatant

.

=============== Created Last 30 ================

.

2012-03-19 21:47:04 388096 ----a-r- c:\documents and settings\owner\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-03-19 21:47:03 -------- d-----w- c:\program files\Trend Micro

2012-03-19 20:27:38 -------- d-----w- c:\documents and settings\owner\application data\MailFrontier

2012-03-19 20:18:56 72704 ----a-w- c:\windows\zllsputility.exe

2012-03-19 20:18:54 128016 ----a-w- c:\windows\system32\drivers\kl1.sys

2012-03-19 20:17:44 1238528 ----a-w- c:\windows\system32\zpeng25.dll

2012-03-19 20:17:43 -------- d-----w- c:\windows\system32\ZoneLabs

2012-03-19 20:17:39 -------- d-----w- c:\program files\Zone Labs

2012-03-19 20:03:18 -------- d-----w- c:\windows\Internet Logs

2012-03-19 19:39:14 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-19 18:55:30 -------- d-----w- c:\documents and settings\all users\application data\IObit

2012-03-19 18:55:20 -------- d-----w- c:\documents and settings\owner\application data\IObit

2012-03-19 18:55:08 -------- d-----w- c:\program files\IObit

2012-03-19 18:51:47 -------- d--h--w- c:\windows\PIF

2012-03-19 18:45:55 -------- d--h--w- c:\documents and settings\all users\application data\Common Files

2012-03-19 17:29:20 38400 ----a-w- c:\windows\system32\USB3Sw32.dll

2012-03-19 05:25:28 -------- d-----w- c:\program files\CheckPoint

2012-03-19 00:43:08 -------- dc-h--w- c:\windows\ie8

2012-03-15 23:40:11 0 --sha-w- c:\windows\system32\dds_trash_log.cmd

2012-03-15 23:36:12 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-03-15 23:36:12 -------- d-----w- c:\windows\system32\wbem\Repository

2012-02-27 20:17:44 -------- d-----w- c:\program files\TurboTax

.

==================== Find3M ====================

.

2012-03-19 19:40:34 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2012-03-04 17:12:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-02-12 21:48:47 106496 ----a-w- c:\windows\system32\ATL71.DLL

.

============= FINISH: 17:31:29.76 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 10/7/2010 1:22:53 PM

System Uptime: 3/19/2012 4:52:17 PM (1 hours ago)

.

Motherboard: Intel Corporation | | D845GRG

Processor: Intel® Pentium® 4 CPU 2.00GHz | J2E1 | 2000/100mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 75 GiB total, 44.564 GiB free.

D: is FIXED (NTFS) - 75 GiB total, 49.697 GiB free.

E: is CDROM ()

G: is Removable

I: is FIXED (NTFS) - 194 GiB total, 47.458 GiB free.

J: is FIXED (NTFS) - 39 GiB total, 38.856 GiB free.

.

==== Disabled Device Manager Items =============

.

==== Installed Programs ======================

.

.

Acronis True Image Home

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Creative Suite 2

Adobe Download Manager

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Help Center 1.0

Adobe Photoshop CS2

Adobe Reader X (10.1.2)

Adobe Stock Photos 1.0

AnswerWorks 5.0 English Runtime

Any Video Converter 3.3.4

Auslogics Disk Defrag

BabasChess

Capture NX 2

CCleaner

CombineZM

Compatibility Pack for the 2007 Office system

CueTour

Director

Distortion Control Data

Do More 6.0

Gateway Desktop Manager

Gateway Drivers and Applications Recovery

Gateway IE Customizations

Gateway Power Management

Gateway Rhapsody

GTW V.92 Voicemodem

HelpSpot

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB954550-v5)

HP Image Zone 4.0

HP Software Update

HPSystemDiagnostics

Intel® Extreme Graphics Driver

Intel® Network Connections Drivers

Intel® PROSet II

IrfanView (remove only)

iSEEK AnswerWorks English Runtime

Java Auto Updater

Java™ 6 Update 24

jZip

K-Lite Mega Codec Pack 6.2.0

Logitech G11 Keyboard Software 1.03

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Image Composite Editor

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office File Validation Add-In

Microsoft Office Small Business Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ Run Time Lib Setup

Microsoft Windows XP Video Decoder Checkup Utility

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_CRT_x86

Moyea PPT to Video Converter version 2.2.0.55

Mozilla Firefox 11.0 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NEF Codec

Nero 7 Essentials

neroxml

Nikon File Uploader 2

Nikon Message Center 2

Nikon Movie Editor

NTFS Undelete v0.94

OGA Notifier 2.0.0048.0

Overland

PC-Doctor for Windows

PhoneTools

Photosmart 320,370,7400,8100,8400 Series

Picture Control Utility

Polaroid Dust and Scratch Removal v1.0.0.15.2e

PS8400

PSPrinters06

PTGui Pro 7.2

PTLens

QFolder

Quicken 2011

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows XP (KB923789)

SilverFast Epson-SE 6.6.2r5

SkinsHP1

Suite Specific

TrayApp

TurboTax 2011

TurboTax 2011 wcaiper

TurboTax 2011 WinPerFedFormset

TurboTax 2011 WinPerReleaseEngine

TurboTax 2011 WinPerTaxSupport

TurboTax 2011 wrapper

Unload

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VC 9.0 Runtime

ViewNX 2

WebFldrs XP

WebReg

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows XP Service Pack 3

XNeat Windows Manager

ZoneAlarm Extreme Security

.

==== Event Viewer Messages From Past Week ========

.

3/19/2012 5:10:54 PM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.

3/19/2012 4:59:41 PM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/19/2012 4:59:40 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.

3/19/2012 4:58:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde

3/19/2012 4:58:44 PM, error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.

3/19/2012 4:56:40 PM, error: Service Control Manager [7023] - The FsRamDsk service terminated with the following error: The specified module could not be found.

3/19/2012 4:56:40 PM, error: Service Control Manager [7023] - The Dtsrvc service terminated with the following error: The specified module could not be found.

3/19/2012 4:54:35 PM, error: PSched [14105] - QoS [Adapter {0C4B1C24-B233-48D8-8D1B-A70B46E94243}]: The UpperBindings key is missing from the registry.

3/19/2012 4:51:04 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the USB3 Service service to connect.

3/19/2012 4:51:04 PM, error: Service Control Manager [7000] - The USB3 Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

3/19/2012 4:16:03 PM, error: Service Control Manager [7023] - The USB3 Service service terminated with the following error: The specified module could not be found.

3/19/2012 4:15:50 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

.

==== End Of File ===========================

[califlefty]

Just checking in to see if anyone ever responded to this help request, apparently not. I had to format my computer in order to resolve the issue, so a response at this point is rather pointless. I had supported this site financially in the past for assistance, but will do so no longer. Moderators feel free to delete this thread.

[MrCharlie]

Just checking in to see if anyone ever responded to this help request, apparently not. I had to format my computer in order to resolve the issue, so a response at this point is rather pointless. I had supported this site financially in the past for assistance, but will do so no longer. Moderators feel free to delete this thread.

This is a very unfair statement on your part.

You have to remember that we are all volunteers, that means we give up our free time to help you! We don't get paid to do this!!

We all have jobs, families and other responsibilities to attend to.

Most of us work on many forums and we do our best to help out everyone.

There's one problem though.....there's an overwhelming demand for help on ALL forums and sometimes we just can't keep up with it all and posts get missed, there's not enough of us to go around.

At the bottom of this topic it says:

If you've posted to the HJT forum and it has been over 5 days without a response please send a Private Message asking for assistance.

Click on my avatar picture > click Profile Feed and read what some of the people wrote who appreciate the time I gave them.

You had a "RootKit.0Access.H" infection and you chose the right course of action , format and reinstall, now you have a safe and secure computer.

What you wrote I take personally, I hope you reconsider your comments.

MrC

[LDTate]

We look for post with 0 replies, so when you replied to your own topic, we assumed you were being helped.