GDIPLUS infected

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: GDIPLUS infected

by Tummelumsen » August 27th, 2010, 10:58 am

Hello Jack&Jill

I pressed the "List of found threats" and then the "Export to text file...".

Content:
C:\Users\Henrik\AppData\Local\Temp\jar_cache7180.tmp multiple threats
C:\Users\Søren\Documents\Downloads\frostwire-4.17.0.windows.exe a variant of Win32/AdInstaller application

Hope that is better, since the log now only contains:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=53251
Tummelumsen

Re: GDIPLUS infected

by Jack&Jill » August 28th, 2010, 10:46 am

Hello Tummelumsen :),

Thanks for the result. We will address them a bit later.

For Windows Vista or Windows 7, please use right click and select Run as administrator instead of double click to run all the tools I ask you to, or they may not work properly.

Please download RegQuery© by Noviciate and save it to your desktop. Click here.
  • Double click on RegQuery.exe to run the program.
  • Copy and paste the following text into the white box:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  • Click the Query button. A Notepad file will open, please save it to a convenient location and post the contents of the report in your reply.
  • Click Exit to close the program.

--------------------

Check for additional security risks
  • Please download CKScanner© by askey127 and save to your desktop. Click here.
  • Double click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File. You will be prompted, click OK.
  • Post the contents of ckfiles.txt in your reply, it is located on your desktop.

--------------------

Please post back:
1. RegQuery result
2. CKScanner log
Jack&Jill

Re: GDIPLUS infected

by Tummelumsen » August 29th, 2010, 11:23 am

Hello Jack & Jill

Two more log files!

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusDisableNotify"=""
"AntiVirusOverride"=dword:00000000
"FirewallDisableNotify"=""
"FirewallOverride"=dword:00000000
"FirstRunDisabled"=""
"UpdatesDisableNotify"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000000


CKScanner - Additional Security Risks - These are not necessarily bad
Tummelumsen

Re: GDIPLUS infected

by Jack&Jill » August 30th, 2010, 1:37 am

Hello Tummelumsen :),

Cracks / Keygens / Warez / Illegal software detected!!!

Your log indicates the presence and usage of one or more of the above. Very likely your computer got infected due to the illegal software or the illegitimate websites you visited to get it.

Please read Illegal copies of software and Forum Rules.
Any time the helper detects that you may have illegal software on your machine, that helper may stop assisting you immediately until you can demonstrate that you have rectified the situation. We will not support fixing machines with pirated or otherwise illegal software.

If you still want help, please remove the illegal items from your computer, and if you still need the software, get legal copies from legitimate sources.
If you advise that the illegal software has been removed and I find it otherwise (the tools we use can and will detect it), then I will have no choice but to have this topic closed.
If there are more such new findings after this, the topic will also be closed.

Please remove/uninstall the following before we continue:
c:\users\søren\desktop\spil\age of empires 2 & the conquerors expansion - full game - [hussey]\crack.zip
c:\users\brugeradmin\documents\frostwire\incomplete\rck22aa2jsi6m6kqmmvsrifxv25szqgr\worms 4 mayhem\crack\rld-w4m\protect.dll
c:\users\brugeradmin\documents\frostwire\incomplete\rck22aa2jsi6m6kqmmvsrifxv25szqgr\worms 4 mayhem\crack\rld-w4m\reloaded.nfo
c:\users\brugeradmin\documents\frostwire\incomplete\rck22aa2jsi6m6kqmmvsrifxv25szqgr\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe
C:\users\brugeradmin\desktop\crack\rld-w4m\worms 4 mayhem.exe
C:\users\brugeradmin\desktop\worms\crack\rld-w4m\worms 4 mayhem.exe
C:\users\brugeradmin\downloads\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe


--------------------

Remove P2P software
  • IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    uTorrent
    FrostWire
    LimeWire


  • Please read our P2P Policy where we explain why it's not a good idea to have them.
  • Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.
  • Although these are no longer present in your program list, there are still some remnants that we should remove and you should stay away from P2P in the future.
  • I will address them in the following fix upon the removal of the cracks.

--------------------

Please post back:
1. a new CKScanner log
Jack&Jill

Re: GDIPLUS infected

by Tummelumsen » August 30th, 2010, 2:49 pm

Hello Jack&Jill
I have tried my best to remove the illegal software: "Age of empires 2 & the conquerors expansion - full game - [hussey]\Crack.zip". No more files/directories with Mayhem, LimeWire, Frostwire or uTorrent. No more registry keys with the same names.

CKScanner - Additional Security Risks - These are not necessarily bad
Tummelumsen
Regular Member
 
Posts: 15
Joined: August 13th, 2010, 4:19 am
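
Keyword hits like the ones CKScanner lists as "not necessarily bad" need triage before anything is deleted. The following is an added example, not part of the original posts and not CKScanner's own logic: it separates paths where "crack" is a whole word in a folder or file name from paths where it is only embedded in a longer name. The sample paths are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

KEYWORD = "crack"

# Extensions that deserve a second look even when the keyword is only
# embedded in a longer file name (assumption: adjust to your own policy).
RISKY_EXT = {".exe", ".dll", ".zip", ".rar", ".7z", ".msi", ".bat", ".cmd"}

# Constructed sample hits (hypothetical user and game names), modelled on
# the kinds of paths a keyword scan for "crack" returns.
SAMPLE_HITS = r"""
c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
c:\users\user\documents\battlefield 2\mods\bf2\cache\rashaderstmbasedetailcrack.cfx
c:\users\user\documents\battlefield 2\mods\bf2\cache\rashaderstmbasedetaildirtcrackshadow.cfx
c:\users\user\desktop\some game - full game\crack.zip
c:\users\user\downloads\some game\crack\grp\protect.dll
C:\Users\User\Desktop\Crack\grp\game.exe
c:\users\user\downloads\gamecrack.exe
""".strip().splitlines()


def tokens(component):
    """Split one path component into lowercase alphanumeric words."""
    return re.findall(r"[^\W_]+", component.lower())


def classify(path, keyword=KEYWORD):
    """Return 'review', 'incidental' or 'no-match' for one Windows path."""
    win_path = PureWindowsPath(path.strip())
    # Whole-word match in any folder or file name: "crack\", "crack.zip".
    if any(keyword in tokens(part) for part in win_path.parts):
        return "review"
    if keyword in path.lower():
        # Embedded match: escalate only executables and archives.
        if win_path.suffix.lower() in RISKY_EXT:
            return "review"
        return "incidental"
    return "no-match"


def triage(lines, keyword=KEYWORD):
    """Group scanner hits: paths to review, and incidental counts per folder."""
    review = []
    incidental = Counter()
    for line in lines:
        path = line.strip()
        if not path:
            continue
        verdict = classify(path, keyword)
        if verdict == "review":
            review.append(path)
        elif verdict == "incidental":
            # Collapse long runs of look-alike cache files into one row.
            incidental[str(PureWindowsPath(path.lower()).parent)] += 1
    return {"review": review, "incidental": incidental}


if __name__ == "__main__":
    result = triage(SAMPLE_HITS)
    print("Review by hand:")
    for path in result["review"]:
        print("  ", path)
    print("Incidental substring hits, per folder:")
    for folder, count in result["incidental"].most_common():
        print(f"  {count:4d}  {folder}")
```

An "incidental" verdict only means the keyword is part of a longer name; it says nothing about the file's content, so the per-folder summary is for prioritising, not for clearing.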

Re: GDIPLUS infected

Post by Jack&Jill » August 30th, 2010, 9:55 pm

Hello Tummelumsen :),

For Windows Vista or Windows 7, please use right click and select Run as administrator instead of double click to run all the tools I ask you to, or they may not work properly.

Please download ERUNT© by Lars Hederer from one of the links below and save it to your desktop.

Link 1
Link 2
Link 3

Backup your registry with ERUNT
  • Double click on erunt-setup.exe and run the installation setup.
  • Follow the setup instructions until you reach Select Additional Tasks, uncheck (untick) Create NTREGOPT desktop icon.
  • Continue until you get prompted to run ERUNT at startup. Choose No.
  • Next, make sure Launch ERUNT is checked (ticked) and click Finish.
  • Click OK when ERUNT is launched, and accept all default settings. ERUNT will then back up the registry.

--------------------

Fix with OTL
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click on OTL.exe to run it.
  • Copy and paste the following text into the white box below Custom Scans/Fixes:
    Code:
    :otl
    SRV - [2008-04-07 15:06:47 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
    IE - HKU\S-1-5-21-3851498605-421253736-3578957769-1001\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - Reg Error: Key error. File not found
    O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - No CLSID value found.
    O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No CLSID value found.
    O3 - HKU\S-1-5-21-3851498605-421253736-3578957769-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [CCUTRAYICON]  File not found
    [2010-08-26 23:36:05 | 000,000,254 | ---- | M] () -- C:\Windows\tasks\PersSecurity.job
    [2010-05-05 16:07:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2008-12-23 18:37:55 | 000,000,000 | ---D | M] -- C:\Users\BrugerAdmin\AppData\Roaming\FrostWire
    [2008-10-03 15:47:37 | 000,000,000 | ---D | M] -- C:\Users\BrugerAdmin\AppData\Roaming\LimeWire
    [2009-01-10 13:18:05 | 000,000,000 | ---D | M] -- C:\Users\BrugerAdmin\AppData\Roaming\uTorrent
    [2010-01-31 18:37:48 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\FrostWire
    [2008-10-04 13:18:38 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\LimeWire
    [2010-01-16 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Henrik\AppData\Roaming\uTorrent
    [2009-08-13 15:25:00 | 000,000,000 | ---D | M] -- C:\Users\Søren\AppData\Roaming\FrostWire
    [2008-10-03 16:26:37 | 000,000,000 | ---D | M] -- C:\Users\Søren\AppData\Roaming\LimeWire
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    
    :files
    C:\Users\Henrik\AppData\Local\Temp\jar_cache7180.tmp 
    C:\Users\Søren\Documents\Downloads\frostwire-4.17.0.windows.exe
    c:\program files\limewire
    C:\program files\frostwire 
    C:\program files\uTorrent
    dir C:\*.* /L /A /B /S|Find /c "crack" /c
    
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "AntiVirusDisableNotify"=dword:00000000
    "FirewallDisableNotify"=dword:00000000
    "FirstRunDisabled"=dword:00000000
    "UpdatesDisableNotify"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiSpywareOverride"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{8337891B-9D9E-4160-9259-18A19BD8F2A7}"=-
    "{8BF4C35E-15F8-4FC7-9FA5-0C7AB86D179C}"=-
    "TCP Query User{3A1C5B56-DEA5-453A-B415-9488BD718BF9}C:\users\søren\inexplorer.exe"=-
    "TCP Query User{4744C38A-3F46-4CE9-8AB4-F50B2F356C26}C:\program files\frostwire\frostwire.exe"=-
    "TCP Query User{7174D9FA-54DE-42D1-AD47-5FF28A962168}C:\users\brugeradmin\desktop\crack\rld-w4m\worms 4 mayhem.exe"=-
    "TCP Query User{A573710B-3942-4692-A0D2-DA2919F9DB34}C:\users\brugeradmin\desktop\worms\crack\rld-w4m\worms 4 mayhem.exe"=-
    "TCP Query User{C25C3FA7-8BDD-4FC7-BEC7-CDCAA0DC786F}C:\users\brugeradmin\downloads\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe"=-
    "UDP Query User{375296D2-26DA-41DE-9B9F-0709FB5E1F93}C:\users\brugeradmin\downloads\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe"=-
    "UDP Query User{3A045C7E-A9C7-4891-BE36-52B12E9ACA70}C:\users\brugeradmin\desktop\crack\rld-w4m\worms 4 mayhem.exe"=-
    "UDP Query User{44AF8C2C-ED9F-46BC-8708-2248CBFDD4CE}C:\users\søren\inexplorer.exe"=-
    "UDP Query User{4B3AADE8-940E-466C-876E-12C08F44671B}C:\users\brugeradmin\desktop\worms\crack\rld-w4m\worms 4 mayhem.exe"=-
    "UDP Query User{C79FE835-02E3-483F-837A-0E5A9947E493}C:\program files\frostwire\frostwire.exe"=-
    
    :commands
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [emptytemp]
  • Click Run Fix.
  • Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
  • If requested to reboot, please do so. The log file will open after restart.
  • Re-enable your security software as soon as you have completed the OTL fix steps.

--------------------

Please post back:
1. the OTL fix log
2. how is your computer now?
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: GDIPLUS infected

Post by Tummelumsen » August 31st, 2010, 3:16 pm

Hello Jack&Jill.

The boot sequence of the computer previously had two "long" time periods with black screen. Before the logon procedure and just after the logon procedure. The one just after the logon has disappeared :P . Thanks.

All processes killed
========== OTL ==========
Service Boonty Games stopped successfully!
Service Boonty Games deleted successfully!
C:\Programmer\Common Files\BOONTY Shared\Service\Boonty.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-3851498605-421253736-3578957769-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3851498605-421253736-3578957769-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CCUTRAYICON deleted successfully.
C:\WINDOWS\Tasks\PersSecurity.job moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
Folder C:\Users\BrugerAdmin\AppData\Roaming\FrostWire\ not found.
Folder C:\Users\BrugerAdmin\AppData\Roaming\LimeWire\ not found.
Folder C:\Users\BrugerAdmin\AppData\Roaming\uTorrent\ not found.
Folder C:\Users\Henrik\AppData\Roaming\FrostWire\ not found.
Folder C:\Users\Henrik\AppData\Roaming\LimeWire\ not found.
Folder C:\Users\Henrik\AppData\Roaming\uTorrent\ not found.
Folder C:\Users\Søren\AppData\Roaming\FrostWire\ not found.
Folder C:\Users\Søren\AppData\Roaming\LimeWire\ not found.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
C:\Users\Henrik\AppData\Local\Temp\jar_cache7180.tmp moved successfully.
File\Folder C:\Users\Søren\Documents\Downloads\frostwire-4.17.0.windows.exe not found.
c:\program files\LimeWire\.NetworkShare folder moved successfully.
c:\program files\LimeWire folder moved successfully.
C:\program files\FrostWire folder moved successfully.
File\Folder C:\program files\uTorrent not found.
< dir C:\*.* /L /A /B /S|Find /c "crack" /c >
161
C:\Users\BrugerAdmin\Desktop\cmd.bat deleted successfully.
C:\Users\BrugerAdmin\Desktop\cmd.txt deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"AntiVirusDisableNotify"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallDisableNotify"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirstRunDisabled"|dword:00000000 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"UpdatesDisableNotify"|dword:00000000 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\"AntiSpywareOverride"|dword:00000000 /E!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8337891B-9D9E-4160-9259-18A19BD8F2A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8337891B-9D9E-4160-9259-18A19BD8F2A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BF4C35E-15F8-4FC7-9FA5-0C7AB86D179C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8BF4C35E-15F8-4FC7-9FA5-0C7AB86D179C}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A1C5B56-DEA5-453A-B415-9488BD718BF9}C:\users\søren\inexplorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4744C38A-3F46-4CE9-8AB4-F50B2F356C26}C:\program files\frostwire\frostwire.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7174D9FA-54DE-42D1-AD47-5FF28A962168}C:\users\brugeradmin\desktop\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A573710B-3942-4692-A0D2-DA2919F9DB34}C:\users\brugeradmin\desktop\worms\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C25C3FA7-8BDD-4FC7-BEC7-CDCAA0DC786F}C:\users\brugeradmin\downloads\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{375296D2-26DA-41DE-9B9F-0709FB5E1F93}C:\users\brugeradmin\downloads\worms 4 mayhem\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3A045C7E-A9C7-4891-BE36-52B12E9ACA70}C:\users\brugeradmin\desktop\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44AF8C2C-ED9F-46BC-8708-2248CBFDD4CE}C:\users\søren\inexplorer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4B3AADE8-940E-466C-876E-12C08F44671B}C:\users\brugeradmin\desktop\worms\crack\rld-w4m\worms 4 mayhem.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C79FE835-02E3-483F-837A-0E5A9947E493}C:\program files\frostwire\frostwire.exe deleted successfully.
========== COMMANDS ==========


[EMPTYFLASH]

User: All Users

User: BrugerAdmin
->Flash cache emptied: 1369 bytes

User: Default

User: Default User

User: Henrik
->Flash cache emptied: 237431 bytes

User: IUSR_NMPR

User: Mette Marie
->Flash cache emptied: 3884 bytes

User: Preben
->Flash cache emptied: 14465 bytes

User: Public

User: Søren
->Flash cache emptied: 2832850 bytes

Total Flash Files Cleaned = 3,00 mb


[EMPTYTEMP]

User: All Users

User: BrugerAdmin
->Temp folder emptied: 10167798 bytes
->Temporary Internet Files folder emptied: 31323495 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Henrik
->Temp folder emptied: 58964250 bytes
->Temporary Internet Files folder emptied: 137149301 bytes
->Java cache emptied: 1352824 bytes
->Google Chrome cache emptied: 257771618 bytes
->Flash cache emptied: 0 bytes

User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Mette Marie
->Temp folder emptied: 2504875 bytes
->Temporary Internet Files folder emptied: 20133501 bytes
->Google Chrome cache emptied: 6099312 bytes
->Flash cache emptied: 0 bytes

User: Preben
->Temp folder emptied: 2793245551 bytes
->Temporary Internet Files folder emptied: 24727847 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Søren
->Temp folder emptied: 133222471 bytes
->Temporary Internet Files folder emptied: 1187395520 bytes
->Java cache emptied: 8145036 bytes
->Google Chrome cache emptied: 339379729 bytes
->Apple Safari cache emptied: 175591424 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1193863 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4.948,00 mb


OTL by OldTimer - Version 3.2.10.0 log created on 08312010_204829

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\nmsmc_DQLWinService.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Tummelumsen
Regular Member
 
Posts: 15
Joined: August 13th, 2010, 4:19 am
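
Added example (not part of the original posts and not OldTimer's code): a small Python triage of a pasted OTL fix log, grouping each line by outcome so that failed or postponed actions stand out from the long run of "successfully" lines. The sample lines are excerpted from the fix log posted above; the outcome labels and function names are this example's own.

```python
import re
from collections import defaultdict

# Excerpt of the fix log posted above (lines copied from the thread).
SAMPLE_LOG = r"""========== OTL ==========
Service Boonty Games stopped successfully!
Service Boonty Games deleted successfully!
C:\Programmer\Common Files\BOONTY Shared\Service\Boonty.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}\ not found.
Folder C:\Users\Henrik\AppData\Roaming\FrostWire\ not found.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
========== FILES ==========
C:\Users\Henrik\AppData\Local\Temp\jar_cache7180.tmp moved successfully.
File\Folder C:\program files\uTorrent not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallDisableNotify"|dword:00000000 /E : value set successfully!
Unable to set value : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\"AntiSpywareOverride"|dword:00000000 /E!
========== COMMANDS ==========
[EMPTYTEMP]
->Temp folder emptied: 10167798 bytes
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\nmsmc_DQLWinService.log scheduled to be moved on reboot.
"""

# "========== NAME ==========" banners and the trailing "... on Reboot..." headings
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
REBOOT_HEADING_RE = re.compile(r"^(.+ on Reboot)\.\.\.$")


def classify(line):
    """Map one fix-log line to an outcome label (labels are this example's own)."""
    lowered = line.lower()
    if "scheduled to be moved on reboot" in lowered:
        return "deferred"      # action postponed; confirm it after the restart
    if line.startswith("Unable to") or "failed" in lowered:
        return "failed"
    if lowered.endswith("not found."):
        return "not_found"     # target was absent when the fix ran
    if re.search(r"successfully[.!]$", line):
        return "ok"
    return "other"             # informational lines (commands, cache sizes)


def triage(log_text):
    """Return {outcome: [(section, line), ...]} for a pasted fix log."""
    results = defaultdict(list)
    section = "PREAMBLE"
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line) or REBOOT_HEADING_RE.match(line)
        if header:
            section = header.group(1)
            continue
        results[classify(line)].append((section, line))
    return dict(results)


def needs_followup(log_text):
    """Lines worth a second look: failures and deferred actions."""
    grouped = triage(log_text)
    return grouped.get("failed", []) + grouped.get("deferred", [])


if __name__ == "__main__":
    for section, line in needs_followup(SAMPLE_LOG):
        print(f"[{section}] {line}")
```
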

Re: GDIPLUS infected

by Jack&Jill » August 31st, 2010, 9:24 pm

Hello Tummelumsen :),

Your Adobe Reader is outdated. Older versions have security vulnerabilities that can be exploited.

Please update your Adobe Reader to the latest version.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Adobe Reader 8.1.2 - Dansk

  • Go to the Adobe download page. Click here.
  • If your OS is not the same as stated, click on the Different language or operating system? link.
    • Under the Select an operating system title, click on the Select an OS... box and choose the OS that you have.
    • Change the language if you want by clicking on English below the Select a language title.
    • Press Continue.
    • Uncheck (untick) Free McAfee Security Scan (optional).
    • Click the Download now button after selecting the latest version.
    • Allow if prompted and save the file to a convenient location.
    • Run the downloaded file to continue with the installation.
  • If your OS is the same, uncheck (untick) Free McAfee Security Scan (optional).
  • Click Download to proceed. Allow if prompted and save the file to a convenient location.
  • Run the downloaded file to continue with the installation.

--------------------

Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

Please update JRE to the latest version.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Java(TM) 6 Update 10
Java(TM) SE Runtime Environment 6 Update 1


  • Go to the Java SE download page. Click here.
  • Look for JDK 6 Update 21 (JDK or JRE). Click the Download JRE button to the right.
  • Select Windows from the drop-down list for Platform.
  • Check I agree to the Java SE Runtime Environment 6u21 with JavaFX 1 License Agreement after reading it, and click Continue >>. The page will refresh.
  • Under the Windows Offline Installation title, click on the link which says jre-6u21-windows-i586.exe and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then, from your desktop, double click on the download to install the newest version. Reboot your computer.

--------------------

Please post back:
1. new OTL log
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: GDIPLUS infected

by Tummelumsen » September 1st, 2010, 4:24 pm

Hello Jack&Jill.

Adobe Reader and Java updated.....

OTL logfile created on: 01-09-2010 22:13:33 - Run 3
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\BrugerAdmin\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,77 Gb Total Space | 101,82 Gb Free Space | 35,02% Space Free | Partition Type: NTFS
Drive D: | 7,32 Gb Total Space | 1,53 Gb Free Space | 20,86% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 297,56 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FARS-PC
Current User Name: BrugerAdmin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-08-24 16:03:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\BrugerAdmin\Desktop\OTL.exe
PRC - [2010-07-21 14:23:35 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programmer\AVG\AVG8\avgtray.exe
PRC - [2010-01-14 19:04:52 | 000,041,984 | ---- | M] (David Becher) -- C:\Programmer\WC3 Quickstarter\WC3 Quickstarter.exe
PRC - [2009-08-28 14:50:35 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programmer\AVG\AVG8\avgrsx.exe
PRC - [2009-08-28 14:50:21 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programmer\AVG\AVG8\avgwdsvc.exe
PRC - [2009-05-07 14:59:00 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009-02-26 13:46:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\System32\ANIWConnService.exe
PRC - [2008-10-29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-02-29 20:36:50 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Programmer\Windows Sidebar\sidebar.exe
PRC - [2007-12-18 23:24:48 | 000,385,024 | R--- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\System32\AstSrv.exe
PRC - [2007-09-13 21:42:36 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Programmer\Windows Defender\MSASCui.exe
PRC - [2007-07-06 13:06:52 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007-05-29 17:19:08 | 000,198,240 | ---- | M] () -- c:\hp\HPEZBTN\HPBtnSrv.exe
PRC - [2007-05-24 13:13:16 | 000,071,176 | ---- | M] (Hewlett-Packard) -- C:\Programmer\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
PRC - [2007-04-18 17:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007-02-15 13:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Programmer\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006-12-08 18:16:56 | 000,065,536 | ---- | M] () -- C:\hp\KBD\KbdStub.exe
PRC - [2006-10-26 13:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Programmer\Common Files\microsoft shared\VS7DEBUG\mdm.exe
PRC - [2006-09-03 10:32:28 | 000,208,896 | ---- | M] () -- C:\Programmer\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe


========== Modules (SafeList) ==========

MOD - [2010-08-24 16:03:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\BrugerAdmin\Desktop\OTL.exe
MOD - [2009-08-28 14:50:35 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
MOD - [2006-11-02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
MOD - [2006-11-02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-07-29 16:32:33 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-08-28 14:50:21 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programmer\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009-02-26 13:46:40 | 000,147,456 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\ANIWConnService.exe -- (ANIWConnService)
SRV - [2007-12-18 23:24:48 | 000,385,024 | R--- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\System32\AstSrv.exe -- (astcc)
SRV - [2007-09-13 21:42:36 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programmer\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-05-29 17:19:08 | 000,198,240 | ---- | M] () [Auto | Running] -- c:\hp\HPEZBTN\HPBtnSrv.exe -- (HPBtnSrv)
SRV - [2007-01-19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programmer\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006-09-11 16:02:44 | 000,544,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R)
SRV - [2006-09-11 16:01:04 | 000,167,936 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R)
SRV - [2006-09-11 15:56:32 | 000,075,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R)
SRV - [2006-09-11 15:56:20 | 000,188,416 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R)
SRV - [2006-09-03 10:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006-08-31 23:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Programmer\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM)
SRV - [2006-05-10 09:13:52 | 000,029,696 | R--- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009-08-28 14:50:35 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009-08-28 14:50:35 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009-04-17 11:27:10 | 000,722,944 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009-03-06 18:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\anodlwf.sys -- (anodlwf)
DRV - [2008-05-02 11:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008-05-02 11:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008-05-02 10:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008-05-02 10:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007-07-11 12:21:00 | 001,793,880 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-07-06 15:15:00 | 007,568,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-06-11 11:49:22 | 000,968,064 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007-05-30 17:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007-04-13 15:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:55:16 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\avc.sys -- (Avc)
DRV - [2006-11-02 10:55:15 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\61883.sys -- (61883)
DRV - [2006-11-02 10:55:12 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\msdv.sys -- (MSDV)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2005-12-12 19:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005-02-23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmer\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programmer\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Programmer\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programmer\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [wc3quickstarter] C:\Programmer\WC3 Quickstarter\WC3 Quickstarter.exe (David Becher)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programmer\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmer\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmer\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programmer\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmer\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\awave.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\awave.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007-09-13 12:24:37 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-09-01 22:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-09-01 22:08:41 | 000,000,000 | ---D | C] -- C:\Programmer\Common Files\Java
[2010-09-01 22:08:26 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010-09-01 22:08:26 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010-09-01 22:08:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010-09-01 22:08:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010-09-01 22:08:16 | 000,000,000 | ---D | C] -- C:\Programmer\Java
[2010-09-01 22:07:38 | 016,062,240 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\BrugerAdmin\Desktop\jre-6u21-windows-i586.exe
[2010-09-01 22:04:16 | 000,054,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\jureg.exe
[2010-09-01 22:02:42 | 000,000,000 | ---D | C] -- C:\Programmer\Common Files\Adobe
[2010-09-01 22:02:42 | 000,000,000 | ---D | C] -- C:\Programmer\Adobe
[2010-09-01 22:02:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Adobe 9 Reader Installer
[2010-08-31 20:48:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-08-31 20:46:50 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010-08-31 20:45:25 | 000,000,000 | ---D | C] -- C:\Programmer\ERUNT
[2010-08-26 23:41:07 | 000,000,000 | ---D | C] -- C:\Programmer\ESET
[2010-08-25 20:25:23 | 000,000,000 | ---D | C] -- C:\Users\BrugerAdmin\AppData\Roaming\Malwarebytes
[2010-08-25 20:25:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-08-25 20:25:11 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-08-25 20:25:11 | 000,000,000 | ---D | C] -- C:\Programmer\Malwarebytes' Anti-Malware
[2010-08-25 20:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-08-25 20:23:42 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\BrugerAdmin\Desktop\mbam-setup-1.46.exe
[2010-08-24 16:03:17 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\BrugerAdmin\Desktop\OTL.exe
[2010-08-17 20:52:07 | 000,000,000 | ---D | C] -- C:\Programmer\Trend Micro
[2010-08-17 20:42:09 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010-08-17 20:34:24 | 000,000,000 | ---D | C] -- C:\Programmer\CCleaner
[2010-08-12 19:03:28 | 000,000,000 | ---D | C] -- C:\Temp

========== Files - Modified Within 30 Days ==========

[2010-09-01 22:15:13 | 002,359,296 | -HS- | M] () -- C:\Users\BrugerAdmin\NTUSER.DAT
[2010-09-01 22:12:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010-09-01 22:12:40 | 003,923,507 | -H-- | M] () -- C:\Users\BrugerAdmin\AppData\Local\IconCache.db
[2010-09-01 22:12:17 | 000,000,007 | ---- | M] () -- C:\Windows\System32\ANIWZCSUSERNAME
[2010-09-01 22:10:25 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-09-01 22:10:25 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-09-01 22:10:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-09-01 22:10:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-09-01 22:08:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010-09-01 22:08:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010-09-01 22:08:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010-09-01 22:08:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010-09-01 22:07:39 | 016,062,240 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\BrugerAdmin\Desktop\jre-6u21-windows-i586.exe
[2010-09-01 22:02:50 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-09-01 17:28:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010-09-01 17:04:18 | 064,153,839 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-09-01 17:04:17 | 000,000,836 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2010-08-31 20:45:25 | 000,000,735 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\NTREGOPT.lnk
[2010-08-31 20:45:25 | 000,000,716 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\ERUNT.lnk
[2010-08-31 20:39:10 | 234,710,319 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-08-29 17:17:05 | 000,443,392 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\CKScanner.exe
[2010-08-29 17:12:58 | 000,428,032 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\RegQuery.exe
[2010-08-26 17:09:45 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-08-26 17:09:45 | 000,485,362 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2010-08-26 17:09:45 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-08-26 17:09:45 | 000,080,082 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2010-08-26 17:09:43 | 001,270,178 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-08-25 20:25:15 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-08-25 20:23:55 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\BrugerAdmin\Desktop\mbam-setup-1.46.exe
[2010-08-24 16:03:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\BrugerAdmin\Desktop\OTL.exe
[2010-08-23 20:30:52 | 000,133,632 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\RKUnhookerLE.EXE
[2010-08-23 20:21:14 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010-08-17 21:35:54 | 000,003,584 | ---- | M] () -- C:\Users\BrugerAdmin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-08-17 21:26:28 | 000,002,535 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\HiJackThis.lnk
[2010-08-17 20:34:25 | 000,000,806 | ---- | M] () -- C:\Users\BrugerAdmin\Desktop\CCleaner.lnk
[2010-08-12 18:59:38 | 000,452,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-08-03 10:08:52 | 000,000,945 | ---- | M] () -- C:\Users\BrugerAdmin\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2010-09-01 22:02:50 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010-08-31 20:45:25 | 000,000,735 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\NTREGOPT.lnk
[2010-08-31 20:45:25 | 000,000,716 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\ERUNT.lnk
[2010-08-29 17:17:03 | 000,443,392 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\CKScanner.exe
[2010-08-29 17:12:54 | 000,428,032 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\RegQuery.exe
[2010-08-25 20:25:15 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010-08-25 13:01:27 | 234,710,319 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010-08-23 20:30:41 | 000,133,632 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\RKUnhookerLE.EXE
[2010-08-23 20:21:14 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010-08-17 20:52:07 | 000,002,535 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\HiJackThis.lnk
[2010-08-17 20:34:25 | 000,000,806 | ---- | C] () -- C:\Users\BrugerAdmin\Desktop\CCleaner.lnk
[2010-06-07 20:51:40 | 000,003,284 | ---- | C] () -- C:\Users\BrugerAdmin\AppData\Roaming\ANIWZCS{675E32AB-FCA0-451D-9FFF-7170DA93B73B}
[2010-06-07 20:49:00 | 000,315,392 | ---- | C] () -- C:\Windows\System32\ANIOApi.dll
[2010-06-07 20:48:52 | 000,258,048 | ---- | C] () -- C:\Windows\System32\wlanapp.dll
[2010-06-07 20:48:52 | 000,204,800 | ---- | C] () -- C:\Windows\System32\aIPH.dll
[2010-06-07 20:48:52 | 000,049,152 | ---- | C] () -- C:\Windows\System32\JJAKEn.dll
[2010-06-07 20:48:52 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AQCKGen.dll
[2010-06-07 20:48:52 | 000,045,115 | ---- | C] () -- C:\Windows\System32\ANICtl.dll
[2010-06-07 20:48:46 | 000,724,992 | ---- | C] () -- C:\Windows\System32\ANIOWPS.dll
[2010-06-07 20:47:31 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\anodlwf.sys
[2010-04-21 15:30:38 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010-03-12 00:08:32 | 000,000,596 | ---- | C] () -- C:\Windows\wininit.ini
[2009-06-05 22:02:19 | 000,000,000 | ---- | C] () -- C:\Users\BrugerAdmin\AppData\Local\rx_image.Cache
[2008-07-21 11:05:49 | 000,032,768 | ---- | C] () -- C:\Windows\unvise32.dll
[2008-05-13 12:39:14 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008-05-13 12:38:01 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008-05-13 12:38:01 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008-05-13 12:38:01 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008-02-29 22:40:03 | 000,003,584 | ---- | C] () -- C:\Users\BrugerAdmin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007-09-13 12:17:52 | 000,001,525 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007-09-13 12:12:51 | 000,003,758 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2007-09-13 12:12:32 | 000,066,048 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2007-09-13 12:04:27 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007-09-13 12:04:27 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007-07-19 17:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006-12-13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006-12-13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-06-23 10:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
< End of report >

Re: GDIPLUS infected

Unread postby Jack&Jill » September 1st, 2010, 8:37 pm

Hello Tummelumsen :),

Congratulations, you are All Clear to go. Glad to hear everything is good and running :). If you have any more problems, please let me know.

Now we need to clear out the programs we have been using to clean up your computer. They are not suitable for general malware removal and could cause damage if used inappropriately.
  • Run OTL by double clicking on OTL.exe. Click on CleanUp, proceed to reboot if prompted.
  • Delete the GMER, Rootkit Unhooker, RegQuery and CKScanner files on your desktop.
  • Delete any logs on the desktop.
  • Uninstall HijackThis via Add/Remove Programs in the Control Panel.

Some tips to help you stay clean and safe:

1. Keep your Windows up to date. Enable Automatic Updates for Windows XP, Windows Vista or Windows 7 to always install the latest security patches from Microsoft, or download them from the Microsoft website. Otherwise, your computer will be vulnerable to new exploits or malware.

2. Purge System Restore, for this one time only. A recovery feature will only be useful if it is clean of malware. See Windows Vista System Restore Guide for some detailed explanations.

3. Update your antivirus program regularly; it is a must for constant protection against viruses. If you do not have one, Microsoft Security Essentials, Avast and Avira are some great and free antivirus programs that you can try. For paid versions, Avast, ESET NOD32 and Kaspersky are some good options. Please keep only one AV installed.

4. Install Malwarebytes' Anti-Malware if you haven't and use it occasionally. It is a new and powerful anti-malware tool, totally free, but for real-time protection you will have to pay a small one-time fee.

5. Install WinPatrol, a great protection program that helps you monitor for unwanted files or applications.

6. Use a hosts file to block access to bad sites from your computer. Get yourself an MVPS Hosts file for this purpose.

7. Install Web of Trust (WOT). WOT keeps you from dangerous websites with warnings and blocking.

8. Protect your computer from removable or USB drive infections with Panda USB Vaccine, an effective method to prevent malware from spreading.

9. Keep all your software updated. Visit Secunia Software Inspector to find out if any updates are required.

10. Install a third party firewall if you do not have one for additional defense against internet dangers. The built-in Windows firewall can only keep nasties from breaking in, but is unable to stop any malware from sending information out. Some recommended firewalls are Online Armor, Outpost and PC Tools. More information on firewalls. Please keep only one FW installed.

11. If you have been a victim of malware before, Stand Up and Be Counted ---> Malware Complaints <--- where you can make a difference!

12. Also look up How to prevent malware: By miekiemoes and So how did I get infected in the first place? By Tony Klein.

Stay safe.

If you have been helped and wish to donate to support this volunteer site, go to Donations For Malware Removal.
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: GDIPLUS infected

Unread postby Tummelumsen » September 3rd, 2010, 11:53 am

Hello Jack&Jill :bigsmurf:

Thank you very much for the "Tour de Malware". I will take a deeper look into your suggestions.

Best regards
Tummelumsen

Re: GDIPLUS infected

Unread postby Jack&Jill » September 3rd, 2010, 11:43 pm

Hello Tummelumsen :),

You are most welcome. Glad to be of assistance. Take care and stay safe.

Re: GDIPLUS infected

Unread postby Gary R » September 6th, 2010, 12:46 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire