Antimalware Doctor + more

DDS (Ver_10-12-12.02) - NTFSx86
Run by Auser at 2:28:18.39 on Wed 12/29/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2012.1628 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\DKabcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\RTDCPL.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\Guardian.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\getmac.exe
C:\Documents and Settings\Auser\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.choiceadvantage.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WhiteSmoke Toolbar: {52794457-af6c-4c50-9def-f2e24f4c8889} - c:\program files\whitesmoketoolbar\whitesmoketoolbarX.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {52794457-af6c-4c50-9def-f2e24f4c8889} - c:\program files\whitesmoketoolbar\whitesmoketoolbarX.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\auser\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTDCPL.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\bam\mabm.exe" /runcleanupscript
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {7451D317-862C-45DA-8C28-1B21ADF95877} - hxxp://208.57.191.182/WebViewS.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {DCBF889B-422B-4AA0-9914-D5045A103758} - hxxp://208.57.191.182/WebRPB.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R2 dkab_device;dkab_device;c:\windows\system32\dkabcoms.exe -service --> c:\windows\system32\DKabcoms.exe -service [?]
R2 TheGuardianService;TheGuardian;c:\windows\system32\Guardian.exe [2010-11-18 57344]
R3 CmtlPort;Comtrol Serial Port;c:\windows\system32\drivers\rp2cport.sys [2009-11-9 112128]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [2010-2-23 209960]
R3 RcktPort;Comtrol RocketPort Infinity;c:\windows\system32\drivers\rp2.sys [2009-10-15 33792]
S0 cerc6;cerc6; [x]
S0 sshtrc;sshtrc; [x]
S0 xvrsxcb;xvrsxcb;c:\windows\system32\drivers\uvqhyj.sys --> c:\windows\system32\drivers\uvqhyj.sys [?]

=============== Created Last 30 ================

2010-12-29 09:31:47 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-29 09:31:43 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-29 09:31:43 -------- d-----w- c:\program files\bam
2010-12-29 09:22:14 -------- d-----w- c:\docume~1\auser\applic~1\Malwarebytes
2010-12-29 09:22:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-29 08:55:16 -------- d-----w- c:\docume~1\auser\applic~1\whitesmoketoolbar
2010-12-29 08:15:20 -------- d-----w- c:\program files\whitesmoketoolbar
2010-12-29 08:14:51 -------- d-----w- c:\windows\system32\%APPDATA%
2010-12-29 03:47:12 30000 ----a-w- c:\windows\system32\scyiks.dll
2010-12-29 03:47:12 30000 ----a-w- c:\windows\system32\mh8v69.dll
2010-12-29 03:46:49 -------- d-----w- c:\docume~1\auser\locals~1\applic~1\SanctionedMedia
2010-12-29 03:46:28 -------- d-----w- c:\docume~1\auser\applic~1\906E878B6DFFA6D3AC6CA83AC93BDF64
2010-12-21 12:47:55 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-12-21 12:47:55 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-12-21 12:47:54 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-12-21 12:47:54 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-12-21 12:47:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-12-21 12:47:47 -------- d-----w- c:\windows\Logs
2010-12-08 09:29:19 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-08 09:29:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-07 08:43:05 -------- d-----w- c:\program files\GRETECH
2010-12-06 08:06:19 -------- d-----w- c:\windows\system32\appmgmt
2010-12-05 08:06:01 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2010-12-05 07:46:23 -------- d--h--w- c:\windows\system32\1039
2010-12-04 07:26:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-17 21:01:46 344064 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34:11 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34:11 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34:11 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:25:53 389120 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HD161GJ rev.1AC01122 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89D64555]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x89d6a7b0]; MOV EAX, [0x89d6a82c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x89D79AB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x89E1EC20]
\Driver\atapi[0x89E14030] -> IRP_MJ_CREATE -> 0x89D64555
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskSAMSUNG_HD161GJ_________________________1AC01122#5&125555f1&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x89D6439B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !

============= FINISH: 2:29:13.70 ===============
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/23/2010 10:05:48 AM
System Uptime: 12/29/2010 2:24:27 AM (0 hours ago)

Motherboard: Dell Inc. | | 0HN7XN
Processor: Intel Pentium III Xeon processor | CPU | 2693/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 116.057 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 12/28/2010 7:57:36 PM - System Checkpoint

==== Installed Programs ======================

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.1
Broadcom NetXtreme-I Netlink Driver and Management Installer
Comtrol Corporation
Dell Printer Software Uninstall
ERUNT 1.1j
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Standard for Students and Teachers
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7

==== Event Viewer Messages From Past Week ========

12/29/2010 12:59:53 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/29/2010 12:59:03 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/29/2010 12:59:00 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/29/2010 1:38:05 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
12/29/2010 1:08:44 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
12/29/2010 1:00:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/28/2010 8:12:31 PM, error: Service Control Manager [7022] - The Server service hung on starting.
12/28/2010 8:12:31 PM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state.
12/28/2010 7:47:45 PM, error: Service Control Manager [7000] - The Microsoft Kernel Acoustic Echo Canceller service failed to start due to the following error: A device attached to the system is not functioning.
12/27/2010 1:21:53 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer CA596-2 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{352F1033-F0A0-485B-9. The master browser is stopping or an election is being forced.

==== End Of File ===========================
 
Hello bob200 :),

The logs are the same as the previous. Maybe I did not word the instructions properly.

Please rerun DDS and post back a new DDS.txt.
 
Sorry about that. I did a new DDS scan but I must have copy-pasted the old log.

Im still switching back from normal mode to run the program and safe mode to post it.




DDS (Ver_10-12-12.02) - NTFSx86
Run by Auser at 6:47:00.29 on Sun 01/02/2011
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2012.1671 [GMT -8:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\WgaTray.exe
svchost.exe
C:\WINDOWS\system32\DKabcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\Guardian.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\getmac.exe
C:\Documents and Settings\Auser\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.choiceadvantage.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\auser\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [modset70700update.exe] c:\documents and settings\auser\application data\906e878b6dffa6d3ac6ca83ac93bdf64\modset70700update.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTDCPL.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\wee.exe" /runcleanupscript
mRun: [combofix] "c:\combofix\cf30113.cfxxe" /c "c:\combofix\C.bat"
mRunOnce: [combofix] "c:\combofix\cf30113.cfxxe" /c "c:\combofix\C.bat"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {7451D317-862C-45DA-8C28-1B21ADF95877} - hxxp://208.57.191.182/WebViewS.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {DCBF889B-422B-4AA0-9914-D5045A103758} - hxxp://208.57.191.182/WebRPB.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R2 dkab_device;dkab_device;c:\windows\system32\dkabcoms.exe -service --> c:\windows\system32\DKabcoms.exe -service [?]
R2 TheGuardianService;TheGuardian;c:\windows\system32\Guardian.exe [2010-11-18 57344]
R3 CmtlPort;Comtrol Serial Port;c:\windows\system32\drivers\rp2cport.sys [2009-11-9 112128]
R3 k57w2k;Broadcom NetLink (TM) Gigabit Ethernet;c:\windows\system32\drivers\k57xp32.sys [2010-2-23 209960]
R3 RcktPort;Comtrol RocketPort Infinity;c:\windows\system32\drivers\rp2.sys [2009-10-15 33792]
S0 cerc6;cerc6; [x]
S0 cjglq;cjglq;c:\windows\system32\drivers\vwkaailq.sys --> c:\windows\system32\drivers\vwkaailq.sys [?]
S0 sshtrc;sshtrc; [x]

=============== Created Last 30 ================

2011-01-02 12:37:35 17664 ----a-w- c:\windows\system32\drivers\sermouse.sys
2011-01-02 12:15:22 -------- d-sha-r- C:\cmdcons
2011-01-02 12:13:34 98816 ----a-w- c:\windows\sed.exe
2011-01-02 12:13:34 89088 ----a-w- c:\windows\MBR.exe
2011-01-02 12:13:34 256512 ----a-w- c:\windows\PEV.exe
2011-01-02 12:13:34 161792 ----a-w- c:\windows\SWREG.exe
2011-01-02 12:13:16 -------- d-s---w- C:\ComboFix
2011-01-02 08:20:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-02 08:20:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-02 08:20:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-01 07:45:04 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-01-01 07:45:01 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-01-01 07:45:01 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-01-01 07:43:57 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2011-01-01 07:42:57 794399 -c--a-w- c:\windows\system32\dllcache\usr1806v.sys
2011-01-01 07:41:57 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2011-01-01 07:40:58 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2011-01-01 07:39:56 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2011-01-01 07:38:56 28160 -c--a-w- c:\windows\system32\dllcache\sm91w.dll
2011-01-01 07:37:57 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2011-01-01 07:36:58 166720 -c--a-w- c:\windows\system32\dllcache\s3m.sys
2011-01-01 07:35:58 45312 -c--a-w- c:\windows\system32\dllcache\ql12160.sys
2011-01-01 07:34:59 169984 -c--a-w- c:\windows\system32\dllcache\pcx500.sys
2011-01-01 07:33:58 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2011-01-01 07:32:58 7168 -c--a-w- c:\windows\system32\dllcache\mxport.dll
2011-01-01 07:31:57 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2011-01-01 07:30:46 26624 -c--a-w- c:\windows\system32\dllcache\irstusb.sys
2011-01-01 07:29:59 91136 -c--a-w- c:\windows\system32\dllcache\icam4com.dll
2011-01-01 07:28:59 19456 -c--a-w- c:\windows\system32\dllcache\hr1w.dll
2011-01-01 07:27:57 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2011-01-01 07:26:59 114944 -c--a-w- c:\windows\system32\dllcache\epstw2k.sys
2011-01-01 07:25:59 131156 -c--a-w- c:\windows\system32\dllcache\digidbp.dll
2011-01-01 07:24:59 27164 -c--a-w- c:\windows\system32\dllcache\ce3n5.sys
2011-01-01 07:23:59 36463 -c--a-w- c:\windows\system32\dllcache\ati1tuxx.sys
2010-12-31 07:50:53 81410 ----a-w- c:\docume~1\alluse~1\applic~1\wKWswWK6.exe
2010-12-30 09:07:52 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-12-30 09:07:52 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-30 09:07:39 -------- d-----w- c:\docume~1\auser\applic~1\906E878B6DFFA6D3AC6CA83AC93BDF64
2010-12-29 12:55:18 -------- d-----w- c:\windows\pss
2010-12-29 11:13:20 -------- d-----w- c:\docume~1\auser\applic~1\SUPERAntiSpyware.com
2010-12-29 11:02:20 -------- d-----w- c:\program files\SUPERAntiSpyware(2)
2010-12-29 09:31:43 -------- d-----w- c:\program files\bam
2010-12-29 09:22:14 -------- d-----w- c:\docume~1\auser\applic~1\Malwarebytes
2010-12-29 09:22:09 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-12-29 08:55:16 -------- d-----w- c:\docume~1\auser\applic~1\whitesmoketoolbar(2)
2010-12-29 08:15:20 -------- d-----w- c:\program files\whitesmoketoolbar(2)
2010-12-29 08:14:51 -------- d-----w- c:\windows\system32\%APPDATA%
2010-12-29 03:47:28 21284 ---h--w- c:\windows\winamp.exe
2010-12-29 03:47:26 21284 ---h--w- c:\windows\hexdump.exe
2010-12-29 03:47:21 21284 ---h--w- c:\windows\spoolsv.exe
2010-12-29 03:47:20 21284 ---h--w- c:\windows\taskmgr.exe
2010-12-29 03:47:12 30000 ----a-w- c:\windows\system32\mh8v69.dll
2010-12-29 03:46:49 -------- d-----w- c:\docume~1\auser\locals~1\applic~1\SanctionedMedia
2010-12-21 12:47:55 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-12-21 12:47:55 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-12-21 12:47:54 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-12-21 12:47:54 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-12-21 12:47:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-12-21 12:47:47 -------- d-----w- c:\windows\Logs
2010-12-08 09:29:19 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-08 09:29:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-12-07 08:43:05 -------- d-----w- c:\program files\GRETECH
2010-12-06 08:06:19 -------- d-----w- c:\windows\system32\appmgmt
2010-12-05 08:06:01 -------- d-----w- c:\program files\common files\Blizzard Entertainment
2010-12-05 07:46:23 -------- d--h--w- c:\windows\system32\1039
2010-12-04 07:26:03 -------- d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-17 21:01:46 344064 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-06 00:34:12 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34:11 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34:11 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34:11 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:25:53 389120 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HD161GJ rev.1AC01122 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x89D89555]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x89d8f7b0]; MOV EAX, [0x89d8f82c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x89E14AB8]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x89D9E030]
\Driver\atapi[0x89E09F38] -> IRP_MJ_CREATE -> 0x89D89555
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskSAMSUNG_HD161GJ_________________________1AC01122#5&125555f1&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x89D8939B
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !

============= FINISH: 6:48:19.95 ===============
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/23/2010 10:05:48 AM
System Uptime: 1/2/2011 6:45:35 AM (0 hours ago)

Motherboard: Dell Inc. | | 0HN7XN
Processor: Intel Pentium III Xeon processor | CPU | 2693/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 114.915 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 12/28/2010 7:57:36 PM - System Checkpoint
RP2: 12/29/2010 3:19:02 PM - Restore Operation
RP3: 12/30/2010 1:07:08 AM - Restore Operation
RP4: 1/2/2011 4:13:52 AM - ComboFix created restore point

==== Installed Programs ======================

Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.1
Broadcom NetXtreme-I Netlink Driver and Management Installer
Comtrol Corporation
Dell Printer Software Uninstall
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 22
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Standard for Students and Teachers
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Spybot - Search & Destroy
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7

==== Event Viewer Messages From Past Week ========

12/31/2010 11:45:05 PM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully.
12/31/2010 11:44:19 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\winzm.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\winsp.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\winpy.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\winime.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:16 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wingb.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:16 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\winar30.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\drivers\weitekp9.sys could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:44:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\weitekp9.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\wamreg.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\wamps.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\wam.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:38 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\w3svc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:37 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\w3svapi.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:37 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\w3ctrs.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:37 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\w3ext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:36 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\w32.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:29 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\voicesub.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:43:29 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\voicepad.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:42:45 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\uniime.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:42:44 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\unicdime.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:42:11 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\uihelper.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:42:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\tsprof.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:41:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\tools.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:41:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ime\tintlgnt\tmigrate.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:41:22 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\tintlgnt.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:41:21 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\thawbrkr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:40:24 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\svcext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:40:12 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\status.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:40:11 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\sspifilt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:40:10 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\ssinc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:40:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\srusbusd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:37 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\softkey.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:33 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\snprfdll.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:33 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\snmptrap.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:32 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmpthrd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:32 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmpstup.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmpsmir.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmpincl.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\snmpmib.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:30 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmpcl.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:30 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\snmp.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:29 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\smtpctrs.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:29 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\smtpsvc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:28 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\smtpapi.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmp\smimsgif.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:24 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmp\smierrsy.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:24 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmp\smierrsm.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:21 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wbem\snmp\smi2smir.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:09 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\smb6w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sma3w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm9aw.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:39:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm93w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm92w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:56 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm90w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm8dw.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm8cw.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm8aw.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm89w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm87w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm81w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\sm59w.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:38:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\simptcp.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:37:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\seos.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:37:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\seo.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:37:47 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\scripto.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\rwnh.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:49 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\rwia330.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:49 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\rwia001.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:47 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\rw330ext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:47 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\rw001ext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:34 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\rpcref.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:33 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\romanime.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:25 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\regtrace.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:25 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\register.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\drivers\ramdisk.sys could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:08 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\quser.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\quick.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:36:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\query.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\pwsdata.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:28 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\pmxviceo.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:28 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\pmxmcro.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\pmxgl.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ime\pintlgnt\pmigrate.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ime\pintlgnt\pintlphr.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\pintlgnt.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:26 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chsime\applets\pintlcsd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:26 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chsime\applets\pintlcsa.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:22 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\phon.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:35:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\permchk.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:34:44 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\pagecnt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:34:43 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\res\padrs804.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:34:43 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\res\padrs412.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:34:43 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\res\padrs411.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:34:42 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\res\padrs404.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:33:51 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\ntfsdrv.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:33:45 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\nsepm.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:33:36 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\nextlink.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:50 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\multibox.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:46 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\mtstocom.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:32 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\msiregmv.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\msir3jp.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\com\migregdb.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\migisol.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\mga.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:32:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\metadata.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\mdsync.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\md5filt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:49 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\mailmsg.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:29 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\lprmon.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:28 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\lpdsvc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\lonsint.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:25 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\logscrpt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\lmmib2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\korwbrkr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdurdu.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdth3.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdth2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdth1.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdth0.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdsyr2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:31:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdsyr1.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdlk41j.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdlk41a.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdintel.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdintam.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdinpun.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdinmar.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:57 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdinkan.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:57 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdinhin.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:57 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdinguj.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:56 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdindev.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:56 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdibm02.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdheb.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdfa.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbddiv2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbddiv1.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbdax2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbda3.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:51 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbda2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:51 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbda1.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:51 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbd106n.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:50 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\kbd101.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:50 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\jupiw.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:49 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iwrps.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:48 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iscomlog.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:48 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\isapips.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:39 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iprip.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\infoctrs.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\infocomm.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\inetinfo.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:25 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\imskf.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:24 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\imlang.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:24 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\imskdic.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:23 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\imjputyc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:22 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\imjpdct.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
 
12/31/2010 11:30:21 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\imjpcus.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:21 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\imjpcic.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\imjp81k.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\imjp81.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:20 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\shared\imepadsm.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:19 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\imekr61.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:19 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imkr6_1\imekrcic.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:19 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imkr6_1\applets\imekrmbx.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iissync.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iismui.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iislog.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iisfecnv.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iiscrmap.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iisclex4.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:16 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iischema.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:30:16 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iisadmin.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:39 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imkr6_1\applets\hwxkor.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:37 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imjp8_1\applets\hwxjpn.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:34 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chtime\applets\hwxcht.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:32 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\httpodbc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\httpmib.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:29:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\httpext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:30 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\hostmib.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:21 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\imkr6_1\dicts\hanjadic.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\gzip.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsxp32.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxswzrd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsui.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxstiff.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxst30.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxssvc.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsst.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxssend.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsroute.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsres.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsperf.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsmon.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsext32.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsevent.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsdrv.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxscover.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxscomex.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxscom.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsclntr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsclnt.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:28:00 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxscfgwz.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fxsapi.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\ftpsvc2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\ftpmib.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:54 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ftpctrs2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ftlx041e.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:45 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\flattemp.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:38 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\fcachdll.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:34 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\f3ahvoas.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:31 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\exstrace.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:30 PM, information: Windows File Protection [64020] - Windows File Protection scan found that the system file c:\windows\explorer.exe has a bad signature. This file was restored to the original version to maintain system stability. The file version of the system file is 0.0.0.1.
12/31/2010 11:27:30 PM, information: Windows File Protection [64004] - The protected system file c:\windows\explorer.exe could not be restored to its original, valid version. The file version of the bad file is 0.0.0.1 The specific error code is 0x800b0100 [No signature was present in the subject. ].
12/31/2010 11:27:27 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\evntwin.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\evntcmd.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:26 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\evntagnt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:25 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\esunid.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:22 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\esuimgd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:27:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\esucmd.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:26:35 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\edb500.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:44 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\davcdata.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:44 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\dayi.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:21 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\cprofile.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\counters.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:18 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\convlog.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:17 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\controt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:16 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\compfilt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:08 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\cintlgnt.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ime\cintlgnt\cintime.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:06 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chtime\applets\chtskf.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:06 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chtime\applets\chtskdic.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chtbrkr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chsbrkr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:05 PM, information: Windows File Protection [64021] - The system file c:\windows\ime\chtime\applets\chtmbx.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chgusr.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chgport.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:03 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chglogon.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:02 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\change.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:25:01 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\chajei.ime could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:24:49 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\c_iscii.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:24:48 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\c_is2022.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:24:48 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\c_g18030.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:24:33 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\browscap.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:24:19 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\authfilt.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\asptxn.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\asp.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:55 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\aspperf.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\aqueue.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:53 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\aqadmin.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:52 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\appconf.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:48 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt0804.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:47 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt0412.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:47 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt0411.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:46 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt040d.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:46 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt0404.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:46 PM, information: Windows File Protection [64021] - The system file c:\windows\msagent\intl\agt0401.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:39 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\adrot.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:39 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\adsiisex.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:38 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\admxprox.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:37 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\admexs.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:23 PM, information: Windows File Protection [64004] - The protected system file c:\windows\system32\winlogon.exe could not be restored to its original, valid version. The file version of the bad file is 5.1.2600.5512 The specific error code is 0x800b0100 [No signature was present in the subject. ].
12/31/2010 11:23:22 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\wamregps.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:22 PM, information: Windows File Protection [64020] - Windows File Protection scan found that the system file c:\windows\system32\winlogon.exe has a bad signature. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
12/31/2010 11:23:21 PM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\bin\1033\tcptsat.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\staxmem.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:20 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\smtpsnap.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:19 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\smtpadm.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:08 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\logui.ocx could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\infoadmn.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:07 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\isatq.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\inetmgr.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\inetmgr.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iisui.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:06 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsloc.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\iisrstas.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iisrtl.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:05 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iisrstap.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iisreset.exe could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iismap.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\iisext.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:04 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\ftpsapi2.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:23:03 PM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\bin\1033\fpmmcsat.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\coadmin.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:59 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\cnfgprts.ocx could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\certwiz.ocx could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:58 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\certmap.ocx could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:56 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\adsiis.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/31/2010 11:22:56 PM, information: Windows File Protection [64021] - The system file c:\windows\system32\admwprox.dll could not be copied into the DLL cache. The specific error code is 0x800b0100 [No signature was present in the subject. ]. This file is necessary to maintain system stability.
12/30/2010 12:50:17 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/30/2010 12:18:51 AM, information: Windows File Protection [64004] - The protected system file explorer.exe could not be restored to its original, valid version. The file version of the bad file is 0.0.0.1 The specific error code is 0x00000426 [The service has not been started. ].
12/29/2010 8:26:09 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/29/2010 6:59:37 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/29/2010 5:36:16 PM, error: Service Control Manager [7034] - The TheGuardian service terminated unexpectedly. It has done this 1 time(s).
12/29/2010 5:36:16 PM, error: Service Control Manager [7034] - The dkab_device service terminated unexpectedly. It has done this 1 time(s).
12/29/2010 4:44:58 AM, information: Windows File Protection [64018] - Windows File Protection file scan was cancelled by user interaction, user name is Auser.
12/29/2010 4:44:57 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\coadmin.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:56 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\cnfgprts.ocx could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:55 AM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\bin\cfgwiz.exe could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:53 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\certwiz.ocx could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:51 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\inetsrv\certmap.ocx could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:50 AM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\_vti_bin\_vti_aut\author.exe could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:48 AM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\isapi\_vti_aut\author.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:46 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\adsiis.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:45 AM, information: Windows File Protection [64021] - The system file c:\windows\system32\admwprox.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:43 AM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\_vti_bin\_vti_adm\admin.exe could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:39 AM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\isapi\_vti_adm\admin.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability.
12/29/2010 4:44:14 AM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
12/29/2010 4:24:26 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
12/29/2010 3:46:23 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm SASDIFSV SASKUTIL
12/29/2010 3:45:05 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/29/2010 3:12:33 AM, error: Service Control Manager [7022] - The Server service hung on starting.
12/29/2010 3:12:33 AM, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: After starting, the service hung in a start-pending state.
12/29/2010 2:34:44 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips intelppm
12/29/2010 12:59:53 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:53 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/29/2010 12:59:00 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12/29/2010 1:38:05 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
12/29/2010 1:04:34 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12/29/2010 1:00:04 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/28/2010 7:47:45 PM, error: Service Control Manager [7000] - The Microsoft Kernel Acoustic Echo Canceller service failed to start due to the following error: A device attached to the system is not functioning.
12/27/2010 1:21:53 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer CA596-2 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{352F1033-F0A0-485B-9. The master browser is stopping or an election is being forced.

==== End Of File ===========================
 
I'm going to be leaving in a few minutes, going out of town for a couple days. I won't be back at this computer probably until tuesday night PST.

Thank you so much for the help so far, I hope this thread won't be closed. You can leave further instructions for me here and I'll get back as soon as possible or if you'd prefer I can post here when I'm back at the computer.
 
Hello bob200 :),

I'm going to be leaving in a few minutes, going out of town for a couple days. I won't be back at this computer probably until tuesday night PST.
Click to expand...
Thanks for informing. No rush.

The Windows restore must have reactivated all the infections.

Please delete the copy of ComboFix that you have and download a fresh copy. Then run it and post back the log.

Link 1
Link 2

--------------------

I want you to update MBAM and run a scan.
  • Open MBAM and click on the Update tab, then Check for Updates.
  • When completed, go to back to the Scanner tab and select Perform full scan. Click Scan.
  • Leave the default options as it is and click on Start Scan.
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process.
  • When done, you will be prompted. Click OK, then click on Show Results.
  • Check (tick) all items except items in the C:\System Volume Information folder and click on Remove Selected.
  • After it has removed the items, a log in Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware. If you receive an (Error Loading) error on reboot, please reboot a second time . It is normal for this error to occur once and does not need to be reported unless it returns on future reboots.

--------------------

Please post back:
1. the ComboFix log
2. MBAM report
 
I'm back. Thank you so much for your patience.

Going to try downloading a new combofix and mbam again. I had deleted and re-downloaded combofix a couple times already and they hadn't worked. If it still doesn't work, can I run it in safe mode?

Since I still only have website access in safe mode, could you specify if programs you want me to use can be used in safe mode or normal mode only? Thank you.

trying combo/mbam now...
 
Combofix gave me the same problem.

I deleted the old combofix.exe off the desktop and the combofix folder from c:\, then downloaded a new one from your link.

Then restarted in normal mode. Started combofix. The loading bar poped up, and filled up, then dissapeared and nothing happened.

Several minutes later of nothing happening, I tried to start combofix again, and it gave me the error messaging saying my copy of combofix was corrupt.

So I went on to mbam. I started mbam, and was prompted to update because it was more than 15 days old. I updated (from normal mode), and mbam started fine. I selected Full Scan and started.

The scan started but when it says "Enumerating registry objects prior to scan" it would free up. I left it like that for several minutes but nothing happened. In the task manager it's listed as "Not Responding". I shut it down and tried again. Same problem, it would lock up at "Enumerating registry objects prior to scan".

I tried renaming mbam.exe and that didn't help. I had this issue last week with the update. Which is why I didn't update mbam this time. Last week when I tried scanning with the updated mbam I would get this same problem.

On a side note:
Every time I start up in safe mode, the command prompt flashes on for a fraction of a second, with 1 line of text. I couldn't read what it said because it goes on and off so fast. But after sooo many times starting in safe mode I'm peicing it together.

It says somethign about "explorer.exe blah blah blah blah blah fit in memory."

Not sure what that means.

awaiting further instruction.
 
Hello bob200 :),

Lets take it one at a time. For ComboFix, please delete the copy you have, download it again and save it as bobCF.exe. Try running it. Please do not delete any other files or folders that I did not ask you to.

If that does not work, move the file to the root of the drive, C:\ and try again.

If both do not yield any result, then do it in Safe Mode. Let me know which step worked for you.

Since I still only have website access in safe mode, could you specify if programs you want me to use can be used in safe mode or normal mode only?
Click to expand...
Generally, please run the tools in Normal Mode first. If you encounter problems, come back to me with details so that I can evaluate the situation and recommend to you the next best step.
 
I downloaded and saved it as BobCF.exe

Started the program. Loading bar filled up. The mouse hourglass started up and was blinking on and off for several seconds (more activity than any of the previous attempts). Then an End Program promp came up, which was for "C:\32788R22FWJFW\License\iexplore.exe" , the promp dissapeared right away before I could click on anything.

Then combofix stopped, nothing else happened. Tried starting it again, same Corrupt error message.

Going to try saving it to C:\ now, will post back with results.

side note: "Explorer.exe too big to fit in memory" is the command propt message I get when starting in safe mode, I believe that's what it says.
 
Downloaded combofix as BobCF.exe and saved it to C:\

Ran program, loading bar started and filled. The hourglass on my mouse started blinking on and off for a few seconds then stopped. Nothing else happened for several minutes. Tried starting it again, same Corrupt message.

Also, since I have to do everything from the Task Manager, I'm noticing processes that I hadn't noticed before. Namely;
wKWswWK6.exe
wKWswWK6.exe
wKWswWK6.exe
pev.exe

Dunno where they came from, just hadn't noticed them before.

Going to try saving Combofix as is, on desktop, and running in safe mode. Will post back with results.
 
Downloaded Combofix and ran it in safe mode.

Combofix started normally, and the scan started. It prompted me that it found a rootkit TLD3 infection and that it would take some time. I clicked Ok.

Then it said that a rootkit infection had been found and needed to restart. I clicked Ok, and the computer restarted.

After the restart, nothing happened. Combofix didn't start back up, nothing was going on.

There is no Combofix.txt log anywhere that I can find. This was the same result as the first Combofix I tried, with Combofix needing to restart then nothing happening after it boots back up.

Awaiting further instruction.
 
Hello bob200 :),

Is Spybot's Teatimer active when you run ComboFix? It should be disabled during any of our fixes. How long did you wait before you conclude that nothing is happening after running ComboFix?

We need to disable Spybot S&D's Teatimer real-time protection temporarily as it will interfere with the fix. Please minimize going online when your security softwares are disabled or not active.

First step:
  • Right click the Spybot icon that looks like a blue/white calendar with a padlock symbol in the System Tray (lower right corner where the clock is situated).
  • For version 1.6, the steps are similar to either one of the below.
  • If you have version 1.5, click once on Resident Protection, then right click the Spybot icon again and make sure Resident Protection is now unchecked (unticked). The Spybot icon should now be colorless.
  • If you have Version 1.4, click on Exit Spybot S&D Resident.
Second step, for either version:
  • Open Spybot S&D.
  • Click Mode, choose Advanced Mode.
  • Go to the bottom of the vertical panel on the left, click Tools.
  • Then, also in left panel, click on Resident that shows a red/white shield.
  • If your firewall raises a question, say OK.
  • In the Resident protection status frame, uncheck the box labeled Resident "Tea-Timer"(Protection of over-all system settings) active.
  • OK any prompts.
  • Exit Spybot S&D and reboot your machine for the changes to take effect.
Remember to enable it after the fix.

--------------------

Please download TDSSKiller© from Kaspersky and save it to your desktop. Click here.
  • Alternatively, you may get the zip version and extract the file to the desktop.
  • Double click on TDSSKiller.exe to execute it.
  • Press Start scan to begin.
  • If any malicious objects are found, the default action will be Cure. If any suspicious objects are found, the default action will be Skip. In case Cure is not an option, please select Skip only.
  • Then click on Continue at the lower right corner.
  • You may be prompted to reboot your computer, please consent.
  • Once complete, a log will be produced at C:\. It will be named TDSSKiller.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.12.0_26.12.2010_23.12.11_log.txt.
  • Please post the contents of this log.

--------------------

Please post back:
1. TDSSKiller log
 
Last edited:
Downloaded TDSSKiller, restarted in Normal mode.

Ran TDSSKiller.

It found a problem and asked for a reboot. I complied. After the reboot nothing happened, not sure if the program was supposed to start up again or not. It did produce a log though.


2011/01/05 02:29:46.0406 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/05 02:29:46.0406 ================================================================================
2011/01/05 02:29:46.0406 SystemInfo:
2011/01/05 02:29:46.0406
2011/01/05 02:29:46.0406 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/05 02:29:46.0406 Product type: Workstation
2011/01/05 02:29:46.0406 ComputerName: CA596-1
2011/01/05 02:29:46.0406 UserName: Auser
2011/01/05 02:29:46.0406 Windows directory: C:\WINDOWS
2011/01/05 02:29:46.0406 System windows directory: C:\WINDOWS
2011/01/05 02:29:46.0406 Processor architecture: Intel x86
2011/01/05 02:29:46.0406 Number of processors: 2
2011/01/05 02:29:46.0406 Page size: 0x1000
2011/01/05 02:29:46.0406 Boot type: Normal boot
2011/01/05 02:29:46.0406 ================================================================================
2011/01/05 02:29:46.0671 Initialize success
2011/01/05 02:29:53.0125 ================================================================================
2011/01/05 02:29:53.0125 Scan started
2011/01/05 02:29:53.0125 Mode: Manual;
2011/01/05 02:29:53.0125 ================================================================================
2011/01/05 02:29:54.0578 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/05 02:29:54.0609 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/01/05 02:29:54.0656 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/05 02:29:54.0718 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/05 02:29:54.0843 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/05 02:29:54.0890 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/05 02:29:54.0906 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/05 02:29:54.0937 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/05 02:29:54.0968 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/05 02:29:54.0984 Blfp (3edae8e7b40257da798c6952edb26eb0) C:\WINDOWS\system32\DRIVERS\baspxp32.sys
2011/01/05 02:29:55.0093 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/05 02:29:55.0109 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/05 02:29:55.0125 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/05 02:29:55.0171 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/05 02:29:55.0250 CmtlPort (3701c1eec3f75dc764a8148e8f35c69f) C:\WINDOWS\system32\DRIVERS\rp2cport.sys
2011/01/05 02:29:55.0328 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/05 02:29:55.0375 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/05 02:29:55.0437 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/05 02:29:55.0484 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/05 02:29:55.0515 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/05 02:29:55.0546 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/05 02:29:55.0578 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/05 02:29:55.0593 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/05 02:29:55.0625 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/05 02:29:55.0640 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/05 02:29:55.0671 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/01/05 02:29:55.0703 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/05 02:29:55.0750 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/05 02:29:55.0781 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/05 02:29:55.0796 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/05 02:29:55.0828 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/05 02:29:55.0890 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/05 02:29:55.0937 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/01/05 02:29:56.0062 ialm (a01bb8da8d73bca83702a4cf1cd56dce) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/01/05 02:29:56.0265 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/05 02:29:56.0390 IntcAzAudAddService (1660e885a2bac0cdd877aadae2d23479) C:\WINDOWS\system32\drivers\RtDHDAud.sys
2011/01/05 02:29:56.0531 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/05 02:29:56.0578 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/01/05 02:29:56.0609 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/05 02:29:56.0609 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/05 02:29:56.0640 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/05 02:29:56.0671 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/05 02:29:56.0718 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/05 02:29:56.0718 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/05 02:29:56.0765 k57w2k (997190701bd80dd0f4412ed202cc7816) C:\WINDOWS\system32\DRIVERS\k57xp32.sys
2011/01/05 02:29:56.0812 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/05 02:29:56.0859 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/05 02:29:56.0906 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/05 02:29:56.0921 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/05 02:29:56.0984 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/05 02:29:57.0015 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/05 02:29:57.0031 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/05 02:29:57.0046 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/01/05 02:29:57.0078 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/05 02:29:57.0109 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/05 02:29:57.0156 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/05 02:29:57.0203 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/05 02:29:57.0250 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/05 02:29:57.0281 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/05 02:29:57.0281 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/05 02:29:57.0328 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/05 02:29:57.0359 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/05 02:29:57.0421 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/05 02:29:57.0453 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/05 02:29:57.0484 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/05 02:29:57.0500 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/05 02:29:57.0546 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/05 02:29:57.0578 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/05 02:29:57.0593 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/05 02:29:57.0656 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/05 02:29:57.0703 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/05 02:29:57.0734 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/05 02:29:57.0781 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/05 02:29:57.0781 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/05 02:29:57.0812 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/05 02:29:57.0890 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/05 02:29:57.0906 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/05 02:29:57.0937 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/05 02:29:57.0984 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/05 02:29:58.0015 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/05 02:29:58.0109 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/05 02:29:58.0125 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/05 02:29:58.0156 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/05 02:29:58.0218 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/05 02:29:58.0250 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/05 02:29:58.0250 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/05 02:29:58.0265 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/05 02:29:58.0312 RcktPort (c9abee5fcfbe24205e70bb27de18ebf9) C:\WINDOWS\system32\DRIVERS\rp2.sys
2011/01/05 02:29:58.0343 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/05 02:29:58.0375 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/05 02:29:58.0406 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/01/05 02:29:58.0437 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/05 02:29:58.0468 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/05 02:29:58.0515 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/05 02:29:58.0546 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/05 02:29:58.0562 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/05 02:29:58.0609 sermouse (1f16931c722c69e4a7866244796c66a0) C:\WINDOWS\system32\DRIVERS\sermouse.sys
2011/01/05 02:29:58.0640 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/05 02:29:58.0703 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/05 02:29:58.0718 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/05 02:29:58.0765 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/05 02:29:58.0796 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/05 02:29:58.0828 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/05 02:29:58.0890 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/05 02:29:58.0953 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/05 02:29:58.0984 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/05 02:29:58.0984 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/05 02:29:59.0031 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/05 02:29:59.0093 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/05 02:29:59.0140 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/05 02:29:59.0187 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/05 02:29:59.0234 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/05 02:29:59.0250 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/05 02:29:59.0281 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/05 02:29:59.0328 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/05 02:29:59.0359 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/05 02:29:59.0390 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/05 02:29:59.0468 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/05 02:29:59.0500 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/05 02:29:59.0546 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/01/05 02:29:59.0593 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/05 02:29:59.0656 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/01/05 02:29:59.0703 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/01/05 02:29:59.0703 ================================================================================
2011/01/05 02:29:59.0703 Scan finished
2011/01/05 02:29:59.0703 ================================================================================
2011/01/05 02:29:59.0718 Detected object count: 1
2011/01/05 02:30:15.0250 \HardDisk0 - will be cured after reboot
2011/01/05 02:30:15.0250 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/01/05 02:30:20.0656 Deinitialize success
 
Not sure if I mentioned this earlier or not, but the computer never actually shuts down/restarts properly. Everytime I try and shut down or restart from normal mode, the computer freezes up durring the "Windows is saving your settings" phase and I have to hold down the power button to turn it off.

Not sure if this is causing problems for these programs that require restarts.
 
Hello bob200 :),

Is Spybot's Teatimer active when you run ComboFix? How long did you wait before you conclude that nothing is happening after running ComboFix?
Click to expand...
Please answer these questions.


Please try ComboFix now as well.
 
You must log in or register to reply here.
Back
Top