Running from: C:\Documents and Settings\Warcraft\Desktop\Win32kDiag.exe
Log file at : C:\Documents and Settings\Warcraft\Desktop\Win32kDiag.txt
WARNING: Could not get backup privileges!
Searching ‘C:\WINDOWS’…
Finished!
DDS (Ver_09-12-01.01) - NTFSx86
Run by Warcraft at 19:47:30.95 on Sun 12/06/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.467 [GMT 13:00]
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\sstray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.21 V1.30\WlanCU.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Warcraft\Desktop\dds.scr
============== Pseudo HJT Report ===============
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
mRun: [nForce Tray Options] sstray.exe /r
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [StartCCC] “c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe” MSRun
mRun: [SunJavaUpdateSched] “c:\program files\java\jre6\bin\jusched.exe”
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRunOnce: [nlsf] cmd.exe /C move /Y “%SystemRoot%\System32\syssetub.dll” “%SystemRoot%\System32\syssetup.dll”
dRunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\802.11 wireless lan\802.11g wireless cardbus & pci adapter hw.21 v1.30\WlanCU.exe
uPolicies-explorer: NoInternetIcon = 1 (0x1)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoInternetIcon = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\warcraft\applic~1\mozilla\firefox\profiles\xcwahe5d.default
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref(“security.ssl3.rsa_seed_sha”, true);
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-11-29 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-11-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-11-23 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-11-29 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-11-29 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-11-29 254040]
R3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;c:\windows\system32\drivers\TNET1130.sys [2004-6-17 386688]
S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-11-29 352920]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-11-23 7408]
=============== Created Last 30 ================
2009-12-06 05:53:44 0 d–h–w- c:\windows\PIF
2009-12-06 03:10:28 102660 ----a-w- C:\SystemLook.exe
2009-12-06 03:02:25 0 d-s—w- c:\documents and settings\warcraft\UserData
2009-12-06 02:08:49 0 d-----w- c:\documents and settings\warcraft\DoctorWeb
2009-12-06 00:25:55 0 d-----w- c:\program files\Trend Micro
2009-12-06 00:16:21 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-12-06 00:16:21 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-12-05 23:12:53 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-12-05 23:12:43 0 d-----w- c:\program files\SUPERAntiSpyware
2009-12-05 23:12:43 0 d-----w- c:\docume~1\warcraft\applic~1\SUPERAntiSpyware.com
2009-12-05 22:46:37 0 d-----w- c:\docume~1\warcraft\applic~1\Malwarebytes
2009-12-05 22:46:33 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-05 22:46:32 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-12-05 22:46:31 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-05 22:46:31 0 d-----w- c:\program files\Malwarebytes’ Anti-Malware
2009-12-05 22:18:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-03 07:44:48 0 d-----w- c:\program files\IObit
2009-12-01 20:14:41 116 ----a-w- c:\windows\NeroDigital.ini
2009-12-01 20:10:55 133211 ------w- c:\windows\UNNeroVision.cfg
2009-12-01 20:10:54 2277376 ------w- c:\windows\UNNeroVision.exe
2009-12-01 20:03:38 106496 ------w- c:\windows\system32\TwnLib20.dll
2009-12-01 20:03:35 471040 ------w- c:\windows\system32\ImagXRA7.dll
2009-12-01 20:03:35 364544 ------w- c:\windows\system32\TwnLib4.dll
2009-12-01 20:03:35 262144 ------w- c:\windows\system32\ImagXR7.dll
2009-12-01 20:03:34 476320 ------w- c:\windows\system32\ImagXpr7.dll
2009-12-01 20:03:34 1568768 ------w- c:\windows\system32\ImagX7.dll
2009-12-01 20:03:33 38912 ------w- c:\windows\system32\picn20.dll
2009-12-01 20:03:30 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2009-12-01 19:59:02 0 d-----w- c:\windows\system32\appmgmt
2009-12-01 19:01:53 24064 ------w- c:\windows\system32\msxml3a.dll
2009-12-01 11:26:24 0 d-----w- c:\program files\VideoLAN
2009-12-01 11:09:06 0 d-----w- c:\program files\uTorrent
2009-11-30 19:15:39 0 d-----w- c:\program files\common files\Blizzard Entertainment
2009-11-30 13:06:05 0 d-----w- c:\program files\Ventrilo
2009-11-30 13:06:00 262 ----a-w- c:\windows{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-11-30 13:05:46 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-11-29 18:48:17 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard Entertainment
2009-11-29 01:48:29 0 d-----w- c:\program files\common files\ODBC
2009-11-29 01:48:26 0 d-----w- c:\program files\common files\SpeechEngines
2009-11-29 01:48:00 0 d-----r- c:\documents and settings\all users\Documents
2009-11-28 22:16:52 0 d-----w- c:\docume~1\alluse~1\applic~1\Blizzard
2009-11-28 21:05:24 0 d-----w- c:\program files\World of Warcraft
2009-11-28 14:37:14 0 d-----w- c:\program files\ATI
2009-11-28 13:53:48 0 d-----w- c:\program files\Driver Cleaner Pro
2009-11-28 13:22:08 0 d-----w- c:\program files\ATI Technologies
2009-11-28 13:07:09 0 d-----w- c:\program files\802.11 Wireless LAN
2009-11-28 13:06:57 0 d-----w- c:\docume~1\alluse~1\applic~1{3BF7B6DE-D2D6-4888-83BE-488663791EB5}
2009-11-28 13:00:22 0 d-sh–w- c:\documents and settings\all users\DRM
2009-11-28 13:00:19 0 d-----w- c:\program files\Messenger
2009-11-28 12:58:46 0 d–h–w- c:\program files\WindowsUpdate
2009-11-28 12:58:42 0 d-----w- c:\program files\Online Services
2009-11-28 12:58:12 0 d-----w- c:\program files\common files\MSSoap
2009-11-28 12:57:04 0 d-----w- c:\program files\MSN Gaming Zone
2009-11-28 12:56:49 0 d-----w- c:\program files\Windows NT
==================== Find3M ====================
2009-11-28 14:53:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-28 13:06:57 62865 ----a-w- c:\windows\system32\drivers\odysseyIM3.sys
2009-11-28 12:57:35 21640 ----a-w- c:\windows\system32\emptyregdb.dat
============= FINISH: 19:47:38.25 ===============