Jump to content

godivafilm

Members
 View Profile  See their activity

  • Posts

    11

  • Joined

  • Last visited

 Content Type 

Everything posted by godivafilm

  1. godivafilm
    Yay so I am clean?!!! WOOHOOOO! TY Screenie. I almost cried when I had to reformat but it was everywhere- no other option really. I will start to install your suggestions asap. AVG AntiVir avast!. which one is best? BTW I do have adaware, spydoctor and windows defender on atm. Is that good or bad? Should I delete one or do what?? Everywhere I was reading about that search assistant for HJT - everyone was saying to delete it that it was smitfraud. Also - just one more question. I am admin on my user. Why- for every single application- it asks me if I should continue to run it? IS there a way to get rid of this as its annoying. TY screenie:P
  2. godivafilm
    Here is the new log of the clean version I just installed. Simply fixing this following two will not work- pls help if u can: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:53:21 PM, on 8/22/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16890) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\System32\mobsync.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 2323 bytes
  3. godivafilm
    I had to reformat last night. Nothing would run- device manager and even some other apps were saying it was marked for deletion. So I reformatted. BUT now I cant find windows.old so I can delete that so it wont get on the clean version of vista home. I went to disk cleanup and it wasnt there. Also I just ran HJT on the clean version after installing most of my programs back and it seems clean BUT it has a search assisnat on it that will NOT delete. what can I do? I will post new log. Screenie pls help. Its been a long two days lol.
  4. godivafilm
    I had to reformat yesterday as I could not get rid of Braviax. But now I am slow. Can you pls read my HJT?? Logfile of HijackThis v1.99.1 Scan saved at 6:44:43 PM, on 8/22/2009 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16890) Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\System32\mobsync.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Users\Yvonne\Documents\Downloads\hijackthis.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe PLS tell me what to delete: I cannot delete the followning as I have tried: R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Also I wanted to make sure I do not have the old windows folder when I formatted as it usually does windows.old BUT when I went to disk cleanup to get rid of it, it wasnt there. Does this mean it is not there at all and I am safe? I also notice the ones in HJT with "svchost.exe (file missing)" I do not h ave svc anymore as I had refomatted and did not put that on- so delete this?
  5. godivafilm
    Ok I repeated the process and I have the diag log- But I cannot run Mbam still. Here is the log: Removing all found mount points. Attempting to reset file permissions. WARNING: Could not get backup privileges! Searching 'C:\Windows'... Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl [1] 2009-08-21 18:04:48 158096 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl [1] 2009-08-21 18:07:50 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl [1] 2009-08-21 18:07:59 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl Attempting to restore permissions of : C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl [1] 2009-08-21 18:07:59 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl () Found mount point : C:\Windows\System32\wbem\MOF\bad\bad Mount point destination : \Device\__max++>\^ Removing mount point : C:\Windows\System32\wbem\MOF\bad\bad Found mount point : C:\Windows\System32\wbem\MOF\good\good Mount point destination : \Device\__max++>\^ Removing mount point : C:\Windows\System32\wbem\MOF\good\good Cannot access: C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Cannot access: C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl Attempting to restore permissions of : C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl [1] 2009-08-21 11:44:46 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{1aba14c4-d830-4d37-864b-a8b67de4e1f9}\snapshot.etl () [1] 2009-08-20 18:41:00 196608 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{c3ee06aa-07c9-4798-a48c-9ae5e03c11b9}\snapshot.etl () [1] 2009-08-21 01:21:06 180224 C:\Windows\System32\WDI\{67144949-5132-4859-8036-a737b43825d8}\{fec175aa-8a18-4729-a9c0-5d058992b5a3}\snapshot.etl () [1] 2009-08-21 11:44:46 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{07abb119-f39f-44a8-8ad2-052bc4b155e6}\snapshot.etl () [1] 2009-08-21 01:21:06 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{0917f8e1-997a-4896-8e03-97caed54067a}\snapshot.etl () [1] 2009-08-10 10:50:30 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{16f55632-23c1-42c2-a76a-b980c42ac877}\snapshot.etl () [1] 2009-08-21 02:53:48 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{205b55c6-b970-4495-87ef-f1f2e36e7656}\snapshot.etl () [1] 2009-08-20 22:26:22 212992 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{3a4d56a9-b51a-47e4-b5ad-192d3c8064e9}\snapshot.etl () [1] 2009-08-21 12:25:45 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{4ed6c641-8e0a-40ec-869d-caa2f62ce349}\snapshot.etl () [1] 2009-08-20 15:42:20 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5ac3b609-bdfa-4d3f-9d9a-a3a9b04348c0}\snapshot.etl () [1] 2009-08-09 14:19:25 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{5cd230d9-ee2c-4718-9c09-710eceacbbfc}\snapshot.etl () [1] 2009-08-19 18:56:01 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{638bb7be-28e0-4dd3-8983-8c74a58535a1}\snapshot.etl () [1] 2009-08-21 02:09:51 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{7451b8ae-fe7c-4338-89ff-29a7b3ea975c}\snapshot.etl () [1] 2009-08-12 17:35:50 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{87267bf8-67b6-4e71-97a7-5089b000000a}\snapshot.etl () [1] 2009-08-04 16:22:45 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{8eccf360-7f13-44b5-93dc-125ba8010f42}\snapshot.etl () [1] 2009-08-05 17:40:19 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{97e0faf8-b375-453e-872c-e570bac5552b}\snapshot.etl () [1] 2009-08-07 11:59:58 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{99e5c888-d35f-4912-9a29-618eee4e394a}\snapshot.etl () [1] 2009-08-14 07:31:20 262144 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{b0cfb4b3-34d9-461e-89e2-17bef6048166}\snapshot.etl () [1] 2009-08-03 12:15:13 278528 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{bc2a5164-5507-42ed-8290-d06729654ea3}\snapshot.etl () [1] 2009-08-20 19:09:18 245760 C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\{e3e781c2-8b6a-4a84-a81e-5115a4c49604}\snapshot.etl () Found mount point : C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{a7a5847a-7511-4e4e-90b1-45ad2a002f51} Mount point destination : \Device\__max++>\^ Removing mount point : C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{a7a5847a-7511-4e4e-90b1-45ad2a002f51} Found mount point : C:\Windows\System32\WDI\{ecfb03d1-58ee-4cc7-a1b5-9bc6febcb915}\{ecfb03d1-58ee-4cc7-a1b5-9bc6febcb915} Mount point destination : \Device\__max++>\^ Removing mount point : C:\Windows\System32\WDI\{ecfb03d1-58ee-4cc7-a1b5-9bc6febcb915}\{ecfb03d1-58ee-4cc7-a1b5-9bc6febcb915} Cannot access: C:\Windows\System32\WerFault.exe Attempting to restore permissions of : C:\Windows\System32\WerFault.exe [1] 2006-11-02 05:45:54 216064 C:\Windows\System32\WerFault.exe (Microsoft Corporation) [1] 2006-11-02 05:45:54 216064 C:\Windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6000.16386_none_6dd05aa63fde4065\WerFault.exe (Microsoft Corporation) Found mount point : C:\Windows\System32\winevt\TraceFormat\TraceFormat Mount point destination : \Device\__max++>\^ Removing mount point : C:\Windows\System32\winevt\TraceFormat\TraceFormat Finished!
  6. godivafilm
    Just received a win32diage.exe error- application error in the process: The instruction at 0x009b1fd5 referenced memory at 0x00000000. The memory could not be written. Click ok to terminate the program.
  7. godivafilm
    Hi screen and yes, sorry. Just the font was so small hehe. I will go do that now and post. Thx so much- I have been stressing.
  8. godivafilm
    I tried running Rootrepeal - downloaded to my laptop and burned to cd and put on the vista pc. I double clicked it and it said: X FOPS- DeviceIoControl Error!! Error code= 0000024 Extended Info (0x00000110) Can someone pls help me? I have a 500gb full of important things and I do not want to reformat.
  9. godivafilm
    OK PLS help me: I really do not wanna reformat. combofix log: ComboFix Beta_09-08-18.01 - Yvonne 08/21/2009 12:22.4.4 - NTFSx86 Microsoft error.doc
  10. godivafilm
    I still cant run anything but combofix does work in safe mode- I will post that asap. PLS any ideas? I will post in just a sec.
  11. godivafilm
    Hi everyone. I am new. Please help me if you can. I am running Vista. I have HJT on it but it will not even open. Internet explorer will redirect to random spam sites. When I tried running HJT, I received an error saying access is denied because I dont have permission, and I am the admin. So I went ahead and changed permissions by stating owner and admin in properties- then security tab. This worked for about 5 seconds. I took a prnt screen before it disappeared 2 seconds later and it said: 04-hklm\ Run: (braviax) C:\windows\system32\braviax.exe 04-hkcu\ Run: (monopod) C:\users\Yvette\appdata\local\temp\b.exe 04-hkcu\ Run: (braviax) C:\windows\system32\braviax.exe Then the window disappeared. I have tried renaming hjt- doesnt work. I have changed permissions- works for 2 seconds until you start the exe and then wont work again. Then I saw this: http://www.myantispyware.com/2008/03/15/ho...cru629-malware/ So I disconnected my pc from the net and I am using my laptop to find help. I downloaded SDFIX and MBAM ,and put it on cd and transferred it to the pc in Normal mode. Should I have done this in safe mode? I then rebooted went into safe mode and started sdfix bu running runthis. The window popped open and closed. I then tried MBAM. I started to load it and got error 732, then the window close and the application started. I started to do a scan and it closed and disappeared. SO what do I do? I am at a loss. Please help me. Godivafilm
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.