Sirefef won't go away - please help!

Discussion in 'Virus and Malware Removal' started by cschrille, Jun 2, 2012.

  1. Broni Malware Annihilator Posts: 39,323   +175

    Make sure your Combofix is located on your Desktop.
    Go to Start and in "Start search" type in:
    cmd
    Hold the SHIFT and CTRL keys and press Enter.
    A Command Prompt window will open.
    Paste the following command:

    "%userprofile%\desktop\ComboFix.exe" /KillAll /nombr

    Press Enter.
    See if Combofix will run.
    Try normal and safe mode.
  2. cschrille TechSpot Enthusiast Posts: 181

    Nothing, just creates the same folder containing my drives.
  3. Broni Malware Annihilator Posts: 39,323   +175

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\tasks\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /I " " /c
    dir /b "%systemroot%\*.exe" | find /I " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  4. cschrille TechSpot Enthusiast Posts: 181

    OTL logfile created on: 2012-06-03 19:51:00 - Run 1
    OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Ägaren\Downloads
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

    7,98 Gb Total Physical Memory | 6,17 Gb Available Physical Memory | 77,27% Memory free
    15,96 Gb Paging File | 14,18 Gb Available in Paging File | 88,86% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 478,05 Gb Total Space | 346,55 Gb Free Space | 72,49% Space Free | Partition Type: NTFS
    Drive E: | 2,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    Drive X: | 453,36 Gb Total Space | 60,05 Gb Free Space | 13,25% Space Free | Partition Type: NTFS

    Computer Name: ÄGAREN-DATOR | User Name: Ägaren | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012-06-03 19:49:53 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Ägaren\Downloads\OTL.exe
    PRC - [2012-05-20 18:20:27 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2012-05-15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2012-04-21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2012-04-17 17:19:32 | 002,614,080 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
    PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    PRC - [2011-06-15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    PRC - [2009-03-05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012-05-15 21:34:34 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    MOD - [2012-04-21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
    SRV:64bit: - [2010-11-20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
    SRV:64bit: - [2009-07-14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
    SRV:64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV - [2012-05-20 18:20:27 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2012-05-19 11:47:59 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2012-05-15 22:42:44 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012-05-15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012-04-21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012-04-04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011-07-07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011-07-01 11:46:40 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
    SRV - [2011-06-26 08:45:56 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)
    SRV - [2011-06-15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
    SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
    SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009-06-10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012-06-02 22:17:50 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\39377219.sys -- (39377219)
    DRV:64bit: - [2012-05-23 13:58:41 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV:64bit: - [2012-04-18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011-08-09 14:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
    DRV:64bit: - [2011-08-04 09:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
    DRV:64bit: - [2011-08-04 09:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
    DRV:64bit: - [2011-07-01 11:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2011-06-10 08:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2011-06-02 10:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
    DRV:64bit: - [2011-06-02 10:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
    DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009-07-14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
    DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009-07-14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
    DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A 1F 2E 1D A9 32 CD 01 [binary data]
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\..\SearchScopes\{FA8674F3-AF74-4640-B55E-3FBCE4393507}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ägaren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012-05-27 22:26:12 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-05-15 21:17:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-05-27 22:26:12 | 000,000,000 | ---D | M]

    [2012-05-15 21:18:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ägaren\AppData\Roaming\mozilla\Extensions
    [2012-05-23 07:03:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ägaren\AppData\Roaming\mozilla\Firefox\Profiles\r3cyqdc7.default\extensions
    [2012-05-23 07:03:56 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Ägaren\AppData\Roaming\mozilla\Firefox\Profiles\r3cyqdc7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
    [2012-05-20 10:24:39 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Ägaren\AppData\Roaming\mozilla\Firefox\Profiles\r3cyqdc7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2012-05-15 21:17:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    File not found (No name found) -- C:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{BEE6EB20-01E0-EBD1-DA83-080329FB9A3A}
    File not found (No name found) -- C:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    File not found (No name found) -- C:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}
    [2012-04-21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012-04-21 04:05:56 | 000,001,470 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
    [2012-04-21 04:05:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012-04-21 04:05:56 | 000,002,670 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
    [2012-04-21 04:05:56 | 000,000,948 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
    [2012-04-21 04:05:57 | 000,001,174 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
    [2012-04-21 04:05:57 | 000,000,951 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml

    O1 HOSTS File: ([2012-06-03 10:18:40 | 000,442,883 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1000gratisproben.com
    O1 - Hosts: 127.0.0.1 1001namen.com
    O1 - Hosts: 127.0.0.1 www.1001namen.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.1-2005-search.com
    O1 - Hosts: 127.0.0.1 1-2005-search.com
    O1 - Hosts: 127.0.0.1 www.123fporn.info
    O1 - Hosts: 15214 more lines...
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000..\Run: [VPNCheck] File not found
    O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk = File not found
    O4 - Startup: C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39377219.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O8:64bit: - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm ()
    O8:64bit: - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm ()
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm ()
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm ()
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com)
    O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.5.1.0.cab (SysInfo Class)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDFEB4F4-C1D5-4A6A-8517-3EA096F8E806}: DhcpNameServer = 80.67.0.2 91.213.246.2
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFFC1798-E68E-4286-B124-E67DE135FAAE}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EFFC1798-E68E-4286-B124-E67DE135FAAE}: NameServer = 192.168.1.1
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2012-01-05 21:30:20 | 000,000,039 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
  5. cschrille TechSpot Enthusiast Posts: 181

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012-06-03 18:37:31 | 004,535,659 | R--- | C] (Swearware) -- C:\Users\Ägaren\Desktop\your_name.exe
    [2012-06-03 18:13:45 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
    [2012-06-03 18:07:38 | 004,535,659 | R--- | C] (Swearware) -- C:\Users\Ägaren\Desktop\something.exe
    [2012-06-03 18:04:03 | 004,535,659 | R--- | C] (Swearware) -- C:\Users\Ägaren\Desktop\ComboFix.exe
    [2012-06-03 17:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
    [2012-06-03 17:50:16 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012-06-03 17:50:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
    [2012-06-03 14:49:31 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
    [2012-06-03 13:03:37 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Need for Speed World
    [2012-06-03 12:48:17 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Electronic_Arts_Inc
    [2012-06-03 11:45:50 | 004,535,659 | R--- | C] (Swearware) -- C:\Users\Ägaren\Desktop\Combo--Fix.exe
    [2012-06-03 10:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2012-06-03 10:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2012-06-03 10:12:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
    [2012-06-03 01:04:22 | 004,534,467 | R--- | C] (Swearware) -- C:\Users\Ägaren\Desktop\Combo-Fix.exe
    [2012-06-02 22:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2012-06-02 22:17:13 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\39377219.sys
    [2012-06-02 19:35:11 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Malwarebytes
    [2012-06-02 19:35:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012-06-02 19:35:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012-06-02 19:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012-06-02 19:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012-06-02 19:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
    [2012-06-02 18:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
    [2012-06-02 13:28:58 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Chromium
    [2012-06-02 13:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
    [2012-06-02 13:10:43 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Rockstar Games
    [2012-06-02 13:10:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
    [2012-06-01 14:28:51 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\European Bus Simulator 2012
    [2012-06-01 14:28:51 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\European Bus Simulator 2012
    [2012-06-01 14:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\European Bus Simulator 2012
    [2012-05-30 22:10:58 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rigs of Rods 0.38.67
    [2012-05-30 22:10:48 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Rigs of Rods 0.38
    [2012-05-29 16:31:37 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Roaming
    [2012-05-29 16:31:37 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Quest3D
    [2012-05-29 16:31:36 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\ShipSimExtremes Userdata
    [2012-05-29 16:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
    [2012-05-29 14:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
    [2012-05-29 13:59:03 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Motorm4x
    [2012-05-29 13:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
    [2012-05-28 17:56:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
    [2012-05-28 17:56:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
    [2012-05-28 17:53:29 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\ESET
    [2012-05-28 17:51:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
    [2012-05-28 17:51:21 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
    [2012-05-27 22:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\UlisesSoft
    [2012-05-27 22:29:12 | 000,000,000 | ---D | C] -- C:\CRACK
    [2012-05-27 22:25:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012-05-27 22:25:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
    [2012-05-27 22:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012-05-27 21:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
    [2012-05-27 21:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\SystemRequirementsLab
    [2012-05-26 21:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
    [2012-05-26 21:09:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
    [2012-05-26 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
    [2012-05-26 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\My Games
    [2012-05-26 18:39:24 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\FLT
    [2012-05-26 18:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
    [2012-05-26 18:35:51 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
    [2012-05-26 18:35:51 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
    [2012-05-26 18:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
    [2012-05-26 18:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiRT Showdown
    [2012-05-26 17:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    [2012-05-26 17:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
    [2012-05-26 15:40:14 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGA
    [2012-05-26 15:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGA
    [2012-05-26 15:34:53 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
    [2012-05-25 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\FlashGet
    [2012-05-25 20:17:02 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet
    [2012-05-25 20:17:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet
    [2012-05-25 17:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGA
    [2012-05-24 16:59:54 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KISS
    [2012-05-24 16:58:24 | 000,000,000 | ---D | C] -- C:\KISS
    [2012-05-24 16:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
    [2012-05-24 16:20:52 | 000,023,816 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
    [2012-05-24 16:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
    [2012-05-24 16:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
    [2012-05-24 13:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
    [2012-05-24 13:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
    [2012-05-24 09:51:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2012-05-23 13:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
    [2012-05-23 13:58:41 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
    [2012-05-23 13:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
    [2012-05-23 13:57:22 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\DAEMON Tools Lite
    [2012-05-23 13:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
    [2012-05-22 21:19:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun
    [2012-05-22 21:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2012-05-22 21:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
    [2012-05-22 21:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    [2012-05-22 17:14:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeoDownloader1
    [2012-05-22 17:14:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoDownloader
    [2012-05-22 17:04:30 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\NeoDownloader
    [2012-05-22 17:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeoDownloader
    [2012-05-21 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    [2012-05-21 21:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
    [2012-05-21 21:27:09 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2012-05-21 21:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2012-05-21 21:27:08 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Notepad++
    [2012-05-21 21:27:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
    [2012-05-20 16:41:51 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\OpenOffice.org
    [2012-05-20 16:41:31 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
    [2012-05-20 16:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
    [2012-05-20 16:38:15 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Desktop\OpenOffice.org 3.4 (en-US) Installation Files
    [2012-05-20 11:55:59 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\NVIDIA
    [2012-05-20 11:53:16 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\PunkBuster
    [2012-05-20 11:53:10 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Battlefield 3
    [2012-05-20 11:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
    [2012-05-20 11:50:16 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
    [2012-05-20 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\.minecraft
    [2012-05-19 18:30:32 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Unity
    [2012-05-19 14:26:07 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Unity
    [2012-05-18 23:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
    [2012-05-18 21:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
    [2012-05-18 21:55:36 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Origin
    [2012-05-18 21:55:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
    [2012-05-18 21:54:35 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Origin
    [2012-05-18 21:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    [2012-05-18 21:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
    [2012-05-18 21:54:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
    [2012-05-17 23:36:19 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Diablo III
    [2012-05-17 23:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
    [2012-05-17 23:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
    [2012-05-17 23:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
    [2012-05-17 21:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
    [2012-05-17 13:23:32 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Hitman Blood Money
    [2012-05-17 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    [2012-05-16 17:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
    [2012-05-16 17:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
    [2012-05-16 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\QuickScan
    [2012-05-16 17:16:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
    [2012-05-16 17:14:28 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\WinRAR
    [2012-05-16 17:12:16 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2012-05-16 17:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2012-05-16 15:10:20 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\vlc
    [2012-05-16 13:16:10 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\BitTorrent
    [2012-05-16 13:06:06 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\Documents\Multisoft
    [2012-05-15 23:27:23 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Media Player Classic
    [2012-05-15 22:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2012-05-15 22:52:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
    [2012-05-15 22:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    [2012-05-15 22:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
    [2012-05-15 22:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema x64
    [2012-05-15 22:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
    [2012-05-15 22:17:19 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Google
    [2012-05-15 22:08:36 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Guavi
    [2012-05-15 22:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNCheck
    [2012-05-15 22:08:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VPNCheck
    [2012-05-15 22:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
    [2012-05-15 22:00:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN
    [2012-05-15 21:18:24 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Mozilla
    [2012-05-15 21:18:24 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Mozilla
    [2012-05-15 21:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2012-05-15 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2012-05-15 21:17:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2012-05-15 20:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
    [2012-05-15 20:46:36 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2012-05-15 20:46:36 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2012-05-15 20:44:56 | 000,000,000 | ---D | C] -- C:\NVIDIA
    [2012-05-15 20:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2012-05-15 20:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
    [2012-05-15 20:13:32 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\TeraCopy
    [2012-05-15 20:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
    [2012-05-15 16:56:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
    [2012-05-15 16:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2012-05-15 16:55:16 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Adobe
    [2012-05-15 16:54:17 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Macromedia
    [2012-05-15 16:54:17 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Adobe
    [2012-05-15 16:54:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
    [2012-05-15 16:54:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
    [2012-05-15 16:49:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
    [2012-05-15 16:44:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
    [2012-05-15 16:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2012-05-15 16:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    [2012-05-15 16:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
    [2012-05-15 15:46:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
    [2012-05-15 15:46:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
    [2012-05-15 15:43:00 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
    [2012-05-15 15:42:47 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
    [2012-05-15 15:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
    [2012-05-15 15:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
    [2012-05-15 14:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
    [2012-05-15 14:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
    [2012-05-15 14:31:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
    [2012-05-15 13:41:11 | 000,000,000 | ---D | C] -- C:\Windows\Panther
    [2012-05-15 13:15:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
    [2012-05-15 13:14:04 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
    [2012-05-15 13:12:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
    [2012-05-15 13:12:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2012-05-15 13:12:14 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
    [2012-05-15 13:12:14 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
    [2012-05-15 13:12:14 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
    [2012-05-15 13:12:14 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
    [2012-05-15 13:12:14 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
    [2012-05-15 13:12:14 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
    [2012-05-15 13:12:14 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
    [2012-05-15 13:12:14 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
    [2012-05-15 13:12:14 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
    [2012-05-15 13:12:11 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
    [2012-05-15 13:12:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
    [2012-05-15 13:12:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
    [2012-05-15 13:12:11 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
    [2012-05-15 13:12:11 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
    [2012-05-15 13:12:11 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
    [2012-05-15 13:12:09 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
    [2012-05-15 13:12:09 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
    [2012-05-15 13:12:09 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
    [2012-05-15 13:12:09 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
    [2012-05-15 13:12:09 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
    [2012-05-15 13:12:09 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
    [2012-05-15 13:12:09 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
    [2012-05-15 13:12:08 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
    [2012-05-15 13:12:08 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
    [2012-05-15 13:12:08 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
    [2012-05-15 13:12:08 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
    [2012-05-15 13:12:06 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
    [2012-05-15 13:12:05 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
    [2012-05-15 13:12:05 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
    [2012-05-15 13:12:05 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
    [2012-05-15 13:12:05 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
    [2012-05-15 13:12:05 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
    [2012-05-15 13:12:05 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
    [2012-05-15 13:12:05 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
    [2012-05-15 13:12:05 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
    [2012-05-15 13:12:05 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
    [2012-05-15 13:12:04 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
    [2012-05-15 13:12:04 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
    [2012-05-15 13:12:04 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
    [2012-05-15 13:12:03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
    [2012-05-15 13:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
    [2012-05-15 13:12:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
    [2012-05-15 13:11:52 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
    [2012-05-15 13:11:11 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
    [2012-05-15 13:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
    [2012-05-15 13:10:58 | 000,000,000 | ---D | C] -- C:\Intel
    [2012-05-15 13:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
    [2012-05-15 13:08:48 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
    [2012-05-15 12:57:46 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012-05-15 12:57:46 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Searches
    [2012-05-15 12:57:46 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012-05-15 12:57:37 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Identities
    [2012-05-15 12:57:33 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Contacts
    [2012-05-15 12:57:25 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\VirtualStore
    [2012-05-15 12:57:12 | 000,000,000 | --SD | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Videos
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Saved Games
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Pictures
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Music
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Links
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Favorites
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Downloads
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Documents
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\Desktop
    [2012-05-15 12:57:12 | 000,000,000 | R--D | C] -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\AppData\Local\Tidigare
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\AppData\Local\Temporary Internet Files
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Start-meny
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Skrivare
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\SendTo
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Recent
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Programdata
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\AppData\Local\Programdata
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Nätverket
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Documents\Mina videoklipp
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Mina dokument
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Documents\Mina bilder
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Documents\Min musik
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Mallar
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Lokala inställningar
    [2012-05-15 12:57:12 | 000,000,000 | -HSD | C] -- C:\Users\Ägaren\Cookies
    [2012-05-15 12:57:12 | 000,000,000 | -H-D | C] -- C:\Users\Ägaren\AppData
    [2012-05-15 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Temp
    [2012-05-15 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Local\Microsoft
    [2012-05-15 12:57:12 | 000,000,000 | ---D | C] -- C:\Users\Ägaren\AppData\Roaming\Media Center Programs
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start-meny
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Skrivbord
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\Recovery
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Programdata
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mina videoklipp
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mina bilder
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Min musik
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Mallar
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriter
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokument
    [2012-05-15 12:57:04 | 000,000,000 | -HSD | C] -- C:\Program Files\Delade filer
    [2012-05-15 12:57:01 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2012-05-15 12:42:22 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
    [2012-05-15 12:42:04 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2012-05-13 19:40:06 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  6. cschrille TechSpot Enthusiast Posts: 181

    ========== Files - Modified Within 30 Days ==========

    [2012-06-03 19:36:13 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012-06-03 19:36:13 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012-06-03 19:35:41 | 001,466,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012-06-03 19:35:41 | 000,625,534 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
    [2012-06-03 19:35:41 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012-06-03 19:35:41 | 000,123,688 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
    [2012-06-03 19:35:41 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012-06-03 19:28:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012-06-03 19:28:35 | 2132,725,759 | -HS- | M] () -- C:\hiberfil.sys
    [2012-06-03 19:23:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-06-03 18:37:45 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\your_name.exe
    [2012-06-03 18:12:19 | 001,012,656 | ---- | M] () -- C:\Users\Ägaren\Desktop\rkill.scr
    [2012-06-03 18:08:58 | 001,012,656 | ---- | M] () -- C:\Users\Ägaren\Desktop\rkill.exe
    [2012-06-03 18:08:19 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\something.exe
    [2012-06-03 18:04:53 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\ComboFix.exe
    [2012-06-03 17:50:16 | 000,003,211 | ---- | M] () -- C:\Users\Ägaren\Desktop\Sophos Virus Removal Tool.lnk
    [2012-06-03 16:20:55 | 000,000,512 | ---- | M] () -- C:\Users\Ägaren\Documents\MBR.dat
    [2012-06-03 12:47:49 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
    [2012-06-03 11:45:55 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\Combo--Fix.exe
    [2012-06-03 10:18:40 | 000,442,883 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012-06-03 10:15:15 | 000,001,292 | ---- | M] () -- C:\Users\Ägaren\Desktop\Spybot - Search & Destroy.lnk
    [2012-06-03 01:04:26 | 004,534,467 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\Combo-Fix.exe
    [2012-06-03 01:00:09 | 000,001,747 | ---- | M] () -- C:\Users\Ägaren\Documents\Attach.zip
    [2012-06-03 00:59:34 | 000,001,712 | ---- | M] () -- C:\Users\Ägaren\Documents\Attach.rar
    [2012-06-02 22:28:48 | 000,000,933 | ---- | M] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
    [2012-06-02 22:17:52 | 000,000,973 | ---- | M] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39377219.lnk
    [2012-06-02 22:17:50 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\39377219.sys
    [2012-06-02 19:37:28 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012-06-02 13:10:43 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
    [2012-06-01 14:10:00 | 000,000,986 | ---- | M] () -- C:\Users\Ägaren\Desktop\European Bus Simulator High 2012.lnk
    [2012-06-01 14:10:00 | 000,000,986 | ---- | M] () -- C:\Users\Ägaren\Desktop\European Bus Simulator Basic 2012.lnk
    [2012-06-01 12:35:43 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2012-06-01 12:35:43 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012-05-30 21:23:13 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2012-05-29 16:11:20 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\Ship Simulator Extremes.lnk
    [2012-05-29 14:21:57 | 000,001,208 | ---- | M] () -- C:\Users\Public\Desktop\Off-Road Drive.lnk
    [2012-05-29 13:57:20 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\MOTORM4X.lnk
    [2012-05-28 17:51:17 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
    [2012-05-28 17:51:16 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
    [2012-05-27 22:33:24 | 000,000,999 | ---- | M] () -- C:\Users\Ägaren\Desktop\NodLogin Force.lnk
    [2012-05-27 22:33:24 | 000,000,985 | ---- | M] () -- C:\Users\Ägaren\Desktop\NodLogin normal.lnk
    [2012-05-27 22:21:29 | 000,184,805 | ---- | M] () -- C:\ProgramData\1338149966.bdinstall.bin
    [2012-05-26 22:02:13 | 000,000,250 | ---- | M] () -- C:\Users\Ägaren\Documents\rendersettings.ini
    [2012-05-26 20:11:53 | 000,000,207 | ---- | M] () -- C:\Users\Ägaren\Desktop\Dota 2.url
    [2012-05-26 18:26:40 | 000,000,798 | ---- | M] () -- C:\Users\Ägaren\Desktop\DiRT Showdown.lnk
    [2012-05-26 17:55:38 | 000,001,090 | ---- | M] () -- C:\Users\Ägaren\Desktop\MSI Afterburner.lnk
    [2012-05-25 13:25:23 | 000,000,323 | ---- | M] () -- C:\Windows\SysNative\checkdnsid.xml
    [2012-05-24 16:20:52 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
    [2012-05-24 13:42:57 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
    [2012-05-23 13:59:26 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
    [2012-05-23 13:58:41 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
    [2012-05-21 15:59:27 | 000,293,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012-05-20 18:20:27 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012-05-20 16:41:31 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
    [2012-05-19 15:56:28 | 000,000,207 | ---- | M] () -- C:\Users\Ägaren\Desktop\Counter-Strike Global Offensive Beta.url
    [2012-05-18 23:51:59 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
    [2012-05-18 21:54:35 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
    [2012-05-17 23:34:19 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
    [2012-05-17 10:55:25 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
    [2012-05-16 21:28:55 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012-05-16 17:59:23 | 000,000,071 | ---- | M] () -- C:\Users\Ägaren\AppData\Roaming\programs.vc
    [2012-05-16 17:19:48 | 000,203,746 | ---- | M] () -- C:\ProgramData\1337181385.bdinstall.bin
    [2012-05-16 17:18:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012-05-16 17:12:32 | 000,000,473 | ---- | M] () -- C:\Users\Ägaren\Documents\rarreg.key
    [2012-05-16 13:16:40 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
    [2012-05-15 22:52:47 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2012-05-15 22:52:47 | 000,000,027 | ---- | M] () -- C:\Program Files\plugins.dat
    [2012-05-15 22:47:51 | 000,002,012 | ---- | M] () -- C:\Users\Ägaren\Desktop\Media Player Classic - Home Cinema x64.lnk
    [2012-05-15 22:08:21 | 000,001,011 | ---- | M] () -- C:\Users\Ägaren\Desktop\VPNCheck.lnk
    [2012-05-15 22:02:05 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk
    [2012-05-15 21:17:58 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012-05-15 14:55:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012-05-15 14:55:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
    [2012-05-15 13:14:58 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
    [2012-05-15 13:11:52 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
    [2012-05-15 13:09:52 | 000,028,660 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
    [2012-05-15 12:57:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012-05-15 12:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
    [2012-05-15 12:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
    [2012-05-15 12:48:00 | 000,014,324 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
    [2012-05-15 12:45:18 | 000,050,658 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2012-05-15 12:45:18 | 000,050,658 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2012-05-15 11:29:45 | 002,621,723 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
    [2012-05-15 02:21:50 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
    [2012-05-12 23:56:36 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\Launch Hitman Blood Money.lnk
    [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012-06-03 18:12:13 | 001,012,656 | ---- | C] () -- C:\Users\Ägaren\Desktop\rkill.scr
    [2012-06-03 18:08:52 | 001,012,656 | ---- | C] () -- C:\Users\Ägaren\Desktop\rkill.exe
    [2012-06-03 17:50:16 | 000,003,211 | ---- | C] () -- C:\Users\Ägaren\Desktop\Sophos Virus Removal Tool.lnk
    [2012-06-03 16:20:55 | 000,000,512 | ---- | C] () -- C:\Users\Ägaren\Documents\MBR.dat
    [2012-06-03 12:47:49 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
    [2012-06-03 10:12:35 | 000,001,292 | ---- | C] () -- C:\Users\Ägaren\Desktop\Spybot - Search & Destroy.lnk
    [2012-06-03 01:00:09 | 000,001,747 | ---- | C] () -- C:\Users\Ägaren\Documents\Attach.zip
    [2012-06-03 00:59:34 | 000,001,712 | ---- | C] () -- C:\Users\Ägaren\Documents\Attach.rar
    [2012-06-02 22:28:48 | 000,000,933 | ---- | C] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
    [2012-06-02 22:17:52 | 000,000,973 | ---- | C] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39377219.lnk
    [2012-06-02 19:35:06 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012-06-02 13:10:43 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 3.lnk
    [2012-06-01 14:10:00 | 000,000,986 | ---- | C] () -- C:\Users\Ägaren\Desktop\European Bus Simulator High 2012.lnk
    [2012-06-01 14:10:00 | 000,000,986 | ---- | C] () -- C:\Users\Ägaren\Desktop\European Bus Simulator Basic 2012.lnk
    [2012-05-29 16:11:20 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\Ship Simulator Extremes.lnk
    [2012-05-29 14:21:57 | 000,001,208 | ---- | C] () -- C:\Users\Public\Desktop\Off-Road Drive.lnk
    [2012-05-29 13:57:20 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\MOTORM4X.lnk
    [2012-05-27 22:33:24 | 000,000,999 | ---- | C] () -- C:\Users\Ägaren\Desktop\NodLogin Force.lnk
    [2012-05-27 22:33:24 | 000,000,985 | ---- | C] () -- C:\Users\Ägaren\Desktop\NodLogin normal.lnk
    [2012-05-27 22:21:29 | 000,184,805 | ---- | C] () -- C:\ProgramData\1338149966.bdinstall.bin
    [2012-05-26 22:02:09 | 000,000,250 | ---- | C] () -- C:\Users\Ägaren\Documents\rendersettings.ini
    [2012-05-26 20:11:53 | 000,000,207 | ---- | C] () -- C:\Users\Ägaren\Desktop\Dota 2.url
    [2012-05-26 18:26:39 | 000,000,798 | ---- | C] () -- C:\Users\Ägaren\Desktop\DiRT Showdown.lnk
    [2012-05-26 17:55:38 | 000,001,090 | ---- | C] () -- C:\Users\Ägaren\Desktop\MSI Afterburner.lnk
    [2012-05-24 16:20:52 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
    [2012-05-24 13:42:57 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
    [2012-05-23 13:59:26 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
    [2012-05-21 16:15:04 | 000,000,323 | ---- | C] () -- C:\Windows\SysNative\checkdnsid.xml
    [2012-05-20 16:41:31 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
    [2012-05-20 11:53:20 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2012-05-19 15:56:28 | 000,000,207 | ---- | C] () -- C:\Users\Ägaren\Desktop\Counter-Strike Global Offensive Beta.url
    [2012-05-18 23:51:29 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2012-05-18 23:51:29 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012-05-18 23:51:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012-05-17 23:22:01 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
    [2012-05-17 10:55:25 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
    [2012-05-16 21:28:55 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2012-05-16 17:19:48 | 000,203,746 | ---- | C] () -- C:\ProgramData\1337181385.bdinstall.bin
    [2012-05-16 17:18:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012-05-16 17:12:32 | 000,000,473 | ---- | C] () -- C:\Users\Ägaren\Documents\rarreg.key
    [2012-05-15 22:52:47 | 000,000,027 | ---- | C] () -- C:\Program Files\plugins.dat
    [2012-05-15 22:50:19 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2012-05-15 22:47:51 | 000,002,012 | ---- | C] () -- C:\Users\Ägaren\Desktop\Media Player Classic - Home Cinema x64.lnk
    [2012-05-15 22:08:35 | 000,000,071 | ---- | C] () -- C:\Users\Ägaren\AppData\Roaming\programs.vc
    [2012-05-15 22:08:21 | 000,001,011 | ---- | C] () -- C:\Users\Ägaren\Desktop\VPNCheck.lnk
    [2012-05-15 21:17:58 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012-05-15 21:17:58 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012-05-15 21:03:05 | 000,000,032 | ---- | C] () -- C:\Program Files\plugins-04041e-1f8.dat
    [2012-05-15 21:00:54 | 000,002,617 | ---- | C] () -- C:\Users\Public\Desktop\Brave Arms.lnk
    [2012-05-15 21:00:54 | 000,002,383 | ---- | C] () -- C:\Users\Public\Desktop\HDDlife Pro.lnk
    [2012-05-15 21:00:54 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012-05-15 21:00:54 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Evolve.lnk
    [2012-05-15 21:00:54 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Eraser.lnk
    [2012-05-15 21:00:54 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 3.lnk
    [2012-05-15 21:00:54 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\OpenVPN GUI.lnk
    [2012-05-15 21:00:54 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2012-05-15 21:00:54 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Project CARS -DX11.lnk
    [2012-05-15 21:00:54 | 000,001,061 | ---- | C] () -- C:\Users\Public\Desktop\ACR Launcher.lnk
    [2012-05-15 21:00:54 | 000,001,056 | ---- | C] () -- C:\Users\Public\Desktop\Project CARS.lnk
    [2012-05-15 21:00:54 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\3D Èíñòðóêòîð 2.2. Äîìàøíÿÿ âåðñèÿ.lnk
    [2012-05-15 21:00:54 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Sniper Elite V2.lnk
    [2012-05-15 21:00:54 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
    [2012-05-15 21:00:54 | 000,000,984 | ---- | C] () -- C:\Users\Public\Desktop\City Car Driving.lnk
    [2012-05-15 21:00:54 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
    [2012-05-15 21:00:54 | 000,000,982 | ---- | C] () -- C:\Users\Public\Desktop\GetNZB.lnk
    [2012-05-15 21:00:54 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
    [2012-05-15 21:00:54 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
    [2012-05-15 21:00:54 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Ridge Racer Unbounded.lnk
    [2012-05-15 21:00:54 | 000,000,878 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
    [2012-05-15 21:00:54 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Alan Wake.lnk
    [2012-05-15 21:00:54 | 000,000,842 | ---- | C] () -- C:\Users\Public\Desktop\Uninstall ACR.lnk
    [2012-05-15 21:00:54 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012-05-15 21:00:54 | 000,000,755 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
    [2012-05-15 21:00:54 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\Launch Hitman Blood Money.lnk
    [2012-05-15 21:00:54 | 000,000,651 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
    [2012-05-15 21:00:54 | 000,000,601 | ---- | C] () -- C:\Users\Public\Desktop\Addon characters MOD.lnk
    [2012-05-15 20:48:27 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
    [2012-05-15 20:21:04 | 000,001,024 | ---- | C] () -- C:\.rnd
    [2012-05-15 16:54:13 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-05-15 15:43:44 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
    [2012-05-15 15:43:35 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
    [2012-05-15 15:42:39 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
    [2012-05-15 15:42:34 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
    [2012-05-15 15:42:34 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
    [2012-05-15 15:42:30 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
    [2012-05-15 15:42:30 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
    [2012-05-15 14:55:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
    [2012-05-15 14:55:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
    [2012-05-15 13:14:04 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
    [2012-05-15 13:09:43 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2012-05-15 13:09:38 | 000,028,660 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2012-05-15 12:57:50 | 000,001,417 | ---- | C] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    [2012-05-15 12:57:47 | 000,001,451 | ---- | C] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012-05-15 12:57:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012-05-15 12:45:09 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    [2012-05-15 12:45:09 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    [2012-05-15 12:42:04 | 2132,725,759 | -HS- | C] () -- C:\hiberfil.sys
    [2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
    [2011-09-19 15:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
    [2010-09-29 12:21:43 | 000,441,344 | ---- | C] ( ) -- C:\Windows\SetACL.exe

    ========== LOP Check ==========

    [2012-02-20 00:54:54 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\3G Studios
    [2012-05-15 20:24:17 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\BitTorrent
    [2012-05-15 20:24:19 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\DAEMON Tools Lite
    [2012-01-21 17:35:16 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\JAM Software
    [2012-05-15 20:24:29 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\NeoDownloader
    [2012-05-15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\Notepad++
    [2012-01-21 18:10:46 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\OfficeRecovery
    [2012-05-15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\OfficeRecovery.23629373
    [2012-05-15 20:24:30 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\Origin
    [2012-05-15 20:24:13 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\RotMG.Production
    [2012-05-15 20:24:54 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\Simraceway
    [2012-05-15 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\TeraCopy
    [2012-02-11 21:45:08 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\thriXXX
    [2012-05-15 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\TrueCrypt
    [2012-05-15 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\Tunngle
    [2012-02-09 16:13:02 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\Unity
    [2012-05-15 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\’O‰ºŒ“¬‹äŠy•”
    [2012-05-20 11:56:00 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\.minecraft
    [2012-06-03 19:05:46 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\BitTorrent
    [2012-06-02 23:33:05 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\DAEMON Tools Lite
    [2012-05-25 20:17:32 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\FlashGet
    [2012-06-03 13:03:37 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Need for Speed World
    [2012-05-22 17:14:08 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\NeoDownloader
    [2012-05-21 21:27:14 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Notepad++
    [2012-05-20 16:41:51 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\OpenOffice.org
    [2012-05-18 21:55:38 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Origin
    [2012-05-29 16:31:37 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Quest3D
    [2012-05-16 17:16:38 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\QuickScan
    [2012-05-29 16:31:37 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Roaming
    [2012-05-15 20:18:31 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\TeraCopy
    [2012-05-19 18:30:32 | 000,000,000 | ---D | M] -- C:\Users\Ägaren\AppData\Roaming\Unity
    [2012-06-03 19:24:03 | 000,012,926 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.* >
    [2012-03-06 19:41:46 | 000,001,024 | ---- | M] () -- C:\.rnd
    [2012-05-27 22:19:40 | 000,007,042 | ---- | M] () -- C:\bdlog.txt
    [2008-04-11 10:07:18 | 000,003,820 | ---- | M] () -- C:\eula.1028.txt
    [2008-04-11 10:07:18 | 000,015,428 | ---- | M] () -- C:\eula.1031.txt
    [2008-04-11 10:07:18 | 000,010,058 | ---- | M] () -- C:\eula.1033.txt
    [2008-04-11 10:07:18 | 000,012,246 | ---- | M] () -- C:\eula.1036.txt
    [2008-04-11 10:07:18 | 000,013,912 | ---- | M] () -- C:\eula.1040.txt
    [2008-04-11 10:07:18 | 000,005,868 | ---- | M] () -- C:\eula.1041.txt
    [2008-04-11 10:07:18 | 000,005,970 | ---- | M] () -- C:\eula.1042.txt
    [2008-04-11 10:07:18 | 000,010,134 | ---- | M] () -- C:\eula.1049.txt
    [2008-04-11 10:07:18 | 000,003,814 | ---- | M] () -- C:\eula.2052.txt
    [2008-04-11 10:07:18 | 000,012,936 | ---- | M] () -- C:\eula.3082.txt
    [2008-04-11 10:07:18 | 000,001,110 | ---- | M] () -- C:\globdata.ini
    [2012-06-03 19:28:35 | 2132,725,759 | -HS- | M] () -- C:\hiberfil.sys
    [2008-04-11 08:03:48 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
    [2008-04-11 10:07:18 | 000,000,843 | ---- | M] () -- C:\install.ini
    [2008-04-11 08:03:48 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
    [2008-04-11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
    [2008-04-11 08:03:48 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
    [2008-04-11 08:03:48 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
    [2008-04-11 08:03:48 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
    [2008-04-11 08:03:48 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
    [2008-04-11 08:03:48 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
    [2008-04-11 10:09:24 | 000,093,200 | ---- | M] (Microsoft Corporation) -- C:\install.res.1049.dll
    [2008-04-11 08:03:48 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
    [2008-04-11 08:03:48 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
    [2012-06-03 19:28:36 | 4275,290,111 | -HS- | M] () -- C:\pagefile.sys
    [2012-06-03 18:39:07 | 000,000,392 | ---- | M] () -- C:\rkill.log
    [2012-04-16 20:57:09 | 000,053,650 | ---- | M] () -- C:\Simraceway.log
    [2012-03-21 18:23:43 | 000,081,300 | ---- | M] () -- C:\TDSSKiller.2.7.21.0_21.03.2012_17.21.00_log.txt
    [2012-06-02 22:48:58 | 000,120,102 | ---- | M] () -- C:\TDSSKiller.2.7.36.0_02.06.2012_22.48.30_log.txt
    [2012-06-03 19:03:15 | 000,121,622 | ---- | M] () -- C:\TDSSKiller.2.7.36.0_03.06.2012_18.58.54_log.txt
    [2008-04-11 10:07:18 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
    [2008-04-11 10:09:38 | 003,797,292 | ---- | M] () -- C:\VC_RED.cab
    [2008-04-11 10:11:40 | 000,233,472 | ---- | M] () -- C:\VC_RED.MSI

    < %systemroot%\Fonts\*.com >
    [2009-07-14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2009-07-14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2009-07-14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2009-07-14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2009-06-10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2009-07-14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2012-05-15 15:28:15 | 000,000,221 | -HS- | M] () -- C:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2012-06-03 11:45:55 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\Combo--Fix.exe
    [2012-06-03 01:04:26 | 004,534,467 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\Combo-Fix.exe
    [2012-06-03 18:04:53 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\ComboFix.exe
    [2012-06-03 18:08:58 | 001,012,656 | ---- | M] () -- C:\Users\Ägaren\Desktop\rkill.exe
    [2012-06-03 18:08:19 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\something.exe
    [2012-06-03 18:37:45 | 004,535,659 | R--- | M] (Swearware) -- C:\Users\Ägaren\Desktop\your_name.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\tasks\*.* >
    [2012-06-03 19:23:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012-06-03 19:28:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2012-06-03 19:24:03 | 000,012,926 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >
    [2003-06-13 17:23:00 | 000,004,304 | ---- | M] () -- C:\Windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >
    [2009-06-10 23:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2012-05-15 16:04:41 | 000,000,402 | -HS- | M] () -- C:\Users\Ägaren\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2012-05-16 17:19:48 | 000,203,746 | ---- | M] () -- C:\ProgramData\1337181385.bdinstall.bin
    [2012-05-27 22:21:29 | 000,184,805 | ---- | M] () -- C:\ProgramData\1338149966.bdinstall.bin

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /I " " /c >
    No captured output from command...

    < dir /b "%systemroot%\*.exe" | find /I " " /c >
    No captured output from command...

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >
    [2003-06-13 17:23:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AppLoc.exe
    [1 C:\Windows\AppPatch\*.tmp files -> C:\Windows\AppPatch\*.tmp -> ]

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    < >

    < End of report >
     
  7. cschrille TechSpot Enthusiast Posts: 181

    OTL Extras logfile created on: 2012-06-03 19:51:00 - Run 1
    OTL by OldTimer - Version 3.2.46.0 Folder = C:\Users\Ägaren\Downloads
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

    7,98 Gb Total Physical Memory | 6,17 Gb Available Physical Memory | 77,27% Memory free
    15,96 Gb Paging File | 14,18 Gb Available in Paging File | 88,86% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 478,05 Gb Total Space | 346,55 Gb Free Space | 72,49% Space Free | Partition Type: NTFS
    Drive E: | 2,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    Drive X: | 453,36 Gb Total Space | 60,05 Gb Free Space | 13,25% Space Free | Partition Type: NTFS

    Computer Name: ÄGAREN-DATOR | User Name: Ägaren | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl[@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\SysWow64\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{15AD6738-23E8-4AE6-93E9-434E717EECB2}" = System Requirements Lab CYRI (64-bit)
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
    "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema 1.6.1.4235 x64
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8646190D-4E70-471A-8956-C8BEB67B22CF}" = ESET NOD32 Antivirus
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{96CC6DCC-8EBA-3F85-899B-933F599C4142}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision drivrutin 301.42
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIAs kontrollpanel 301.42
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikdrivrutin 301.42
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision drivrutin för styrenhet 301.42
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systemprogramvara 9.12.0213
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA-uppdatering 1.8.15
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD audiodrivrutin 1.3.16.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "CPUID CPU-Z_is1" = CPUID CPU-Z 1.60.1
    "European Bus Simulator 2012_is1" = European Bus Simulator 2012
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE
    "Speccy" = Speccy
    "TeraCopy_is1" = TeraCopy 2.27
    "WinRAR archiver" = WinRAR 4.11 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
    "{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
    "{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
    "{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
    "{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
    "{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
    "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
    "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
    "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
    "{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{8CFA1D01-AECD-4913-9FB8-1E8A82F47824}_is1" = DNS Leak Fix for OpenVPN version 1.2
    "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
    "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{AC76BA86-7AD7-1053-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Svenska
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
    "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
    "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
    "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
    "{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1" = NeoDownloader 2.9.1
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
    "7-Zip" = 7-Zip 9.20
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Afterburner" = MSI Afterburner 2.2.1
    "Battlelog Web Plugins" = Battlelog Web Plugins
    "BitTorrent" = BitTorrent
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Diablo III" = Diablo III
    "DiRT Showdown_is1" = DiRT Showdown
    "ESN Sonar-0.70.4" = ESN Sonar
    "FlashGet" = FlashGet 1.9.6.1073
    "GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2
    "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
    "KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Full)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "MOTORM4X" = MOTORM4X
    "Mozilla Firefox 12.0 (x86 sv-SE)" = Mozilla Firefox 12.0 (x86 sv-SE)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Notepad++" = Notepad++
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "Off-Road Drive_is1" = Off-Road Drive
    "OpenAL" = OpenAL
    "OpenVPN" = OpenVPN 2.2.1
    "Origin" = Origin
    "Picasa 3" = Picasa 3
    "PunkBusterSvc" = PunkBuster Services
    "Rigs of Rods 0.38.67" = Rigs of Rods 0.38.67
    "Rockstar Games Social Club" = Rockstar Games Social Club
    "Ship Simulator Extremes_is1" = Ship Simulator Extremes
    "Steam App 570" = Dota 2
    "Steam App 730" = Counter-Strike: Global Offensive Beta
    "VLC media player" = VLC media player 2.0.1
    "VPNCheck_is1" = VPNCheck 1.5

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3856055600-2435477386-2425398921-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "UnityWebPlayer" = Unity Web Player

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2012-06-02 17:55:08 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 9000
    Description =

    Error - 2012-06-02 17:55:08 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 7040
    Description =

    Error - 2012-06-02 17:55:08 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 9002
    Description =

    Error - 2012-06-02 17:55:08 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 3029
    Description =

    Error - 2012-06-02 17:55:13 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 3029
    Description =

    Error - 2012-06-02 17:55:13 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 3028
    Description =

    Error - 2012-06-02 17:55:13 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 3058
    Description =

    Error - 2012-06-02 17:55:13 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 7010
    Description =

    Error - 2012-06-02 17:55:13 | Computer Name = Ägaren-Dator | Source = Windows Search Service | ID = 7042
    Description =

    Error - 2012-06-03 11:47:03 | Computer Name = Ägaren-Dator | Source = Application Error | ID = 1000
    Description = Felet uppstod I programmet med namn: fsbl.exe, version 2.2.1092.0,
    tidsstämpel 0x48a543e2 , felet uppstod I modulen med namn: unknown, version 0.0.0.0,
    tidsstämpel 0x00000000 Undantagskod: 0xc0000005 Felförskjutning: 0x000d0000 Process-ID:
    0xc34 Programmets starttid: 0x01cd41a019df5cd4 Sökväg till program: C:\Users\Ägaren\Downloads\fsbl.exe
    Sökväg
    till modul: unknown Rapport-ID: 5c9baa06-ad93-11e1-a136-14dae9ebf681

    [ System Events ]
    Error - 2012-06-03 13:28:47 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7003
    Description = Tjänsten epfwwfpr är beroende av följande tjänst: BFE. Tjänsten är
    kanske inte installerad.

    Error - 2012-06-03 13:28:47 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7003
    Description = Tjänsten IKE and AuthIP IPsec Keying Modules är beroende av följande
    tjänst: BFE. Tjänsten är kanske inte installerad.

    Error - 2012-06-03 13:28:48 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7003
    Description = Tjänsten IPsec Policy Agent är beroende av följande tjänst: BFE. Tjänsten
    är kanske inte installerad.

    Error - 2012-06-03 13:28:48 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7023
    Description = Tjänsten Windows Defender avbröts med följande fel: %%126

    Error - 2012-06-03 13:28:49 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7023
    Description = Tjänsten Computer Browser avbröts med följande fel: %%1060

    Error - 2012-06-03 13:29:06 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7034
    Description = Tjänsten PEVSystemStart avslutades oväntat. Detta har skett 1 gånger.

    Error - 2012-06-03 13:29:06 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7026
    Description = Följande start- eller systemstartdrivrutin(er) avbröts på grund av
    fel under start: 1052426drv

    Error - 2012-06-03 13:29:06 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7003
    Description = Tjänsten epfwwfpr är beroende av följande tjänst: BFE. Tjänsten är
    kanske inte installerad.

    Error - 2012-06-03 13:29:34 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7023
    Description = Tjänsten Function Discovery Resource Publication avbröts med följande
    fel: %%-2147024891

    Error - 2012-06-03 13:29:34 | Computer Name = Ägaren-Dator | Source = Service Control Manager | ID = 7001
    Description = Tjänsten HomeGroup Provider är beroende av tjänsten Function Discovery
    Resource Publication. Den sistnämnda kunde inte starta på grund av följande fel:
    %%-2147024891


    < End of report >
  8. Broni Malware Annihilator Posts: 39,323   +175

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      SRV - [2011-06-26 08:45:56 | 000,256,000 | ---- | M] () [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)
      O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1000..\Run: [VPNCheck] File not found
      O4 - HKU\S-1-5-21-3856055600-2435477386-2425398921-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - Startup: C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk = File not found
      O4 - Startup: C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39377219.lnk = File not found
      O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
      O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
      [2012-05-15 20:24:55 | 000,000,000 | ---D | M] -- C:\Users\Chrilles\AppData\Roaming\’O‰ºŒ“¬‹äŠy•”
      
      
      :Services
      
      :Reg
      
      :Files
      C:\Windows\assembly\GAC_32\Desktop.ini
      C:\Windows\assembly\GAC_64\Desktop.ini
      C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000064.@
      C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000032.@
      C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000000.@
      C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\L\00000008.@
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ===========================================================================

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.


    3. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
  9. cschrille TechSpot Enthusiast Posts: 181

    All processes killed
    ========== OTL ==========
    Service PEVSystemStart stopped successfully!
    Service PEVSystemStart deleted successfully!
    C:\32788R22FWJFW\pev.3XE moved successfully.
    Registry value HKEY_USERS\S-1-5-21-3856055600-2435477386-2425398921-1000\Software\Microsoft\Windows\CurrentVersion\Run\\VPNCheck deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3856055600-2435477386-2425398921-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk moved successfully.
    C:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_39377219.lnk moved successfully.
    64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    C:\Users\Chrilles\AppData\Roaming\’O‰ºŒ“¬‹äŠy•”\LuckyCosplay folder moved successfully.
    C:\Users\Chrilles\AppData\Roaming\’O‰ºŒ“¬‹äŠy•” folder moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
    C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
    File\Folder C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000064.@ not found.
    C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000032.@ moved successfully.
    File\Folder C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000000.@ not found.
    File\Folder C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\L\00000008.@ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Chrilles
    ->Temp folder emptied: 3483332550 bytes
    ->Temporary Internet Files folder emptied: 4588117 bytes
    ->Java cache emptied: 3436302 bytes
    ->FireFox cache emptied: 515137509 bytes
    ->Google Chrome cache emptied: 105184914 bytes
    ->Flash cache emptied: 8575 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 56502 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 56466 bytes

    User: Ägaren
    ->Temp folder emptied: 1502405900 bytes
    ->Temporary Internet Files folder emptied: 59385828 bytes
    ->Java cache emptied: 981797 bytes
    ->FireFox cache emptied: 250942878 bytes
    ->Flash cache emptied: 60338 bytes

    User: �garen

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 1618992 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 5140 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50416 bytes
    RecycleBin emptied: 48862408 bytes

    Total Files Cleaned = 5 699,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Chrilles
    ->Java cache emptied: 0 bytes

    User: Default

    User: Default User

    User: Public

    User: UpdatusUser

    User: Ägaren
    ->Java cache emptied: 0 bytes

    User: �garen

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Chrilles
    ->Flash cache emptied: 0 bytes

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Public

    User: UpdatusUser
    ->Flash cache emptied: 0 bytes

    User: Ägaren
    ->Flash cache emptied: 0 bytes

    User: �garen

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.46.0 log created on 06032012_202914

    Files\Folders moved on Reboot...
    C:\Users\Ägaren\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    Registry entries deleted on Reboot...
  10. cschrille TechSpot Enthusiast Posts: 181

    Results of screen317's Security Check version 0.99.24
    Windows 7 x64 (UAC is disabled!)
    Internet Explorer 9
    ``````````````````````````````
    Antivirus/Firewall Check:

    Sophos Virus Removal Tool
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    MVPS Hosts File
    Spybot - Search & Destroy
    JavaFX 2.1.0
    Java(TM) 7 Update 4
    Out of date Java installed!
    Adobe Flash Player 11.2.202.235
    Adobe Reader X (10.1.3)
    Mozilla Firefox (x86 sv-SE..)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Malwarebytes' Anti-Malware mbamgui.exe
    ``````````End of Log````````````
  11. cschrille TechSpot Enthusiast Posts: 181

    Farbar Service Scanner Version: 27-05-2012
    Ran by Ägaren (administrator) on 03-06-2012 at 20:34:27
    Running from "C:\Users\Ägaren\Desktop"
    Microsoft Windows 7 Ultimate Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Attempt to access Yahoo.com returned error: Yahoo.com is offline


    Windows Firewall:
    =============
    mpsdrv Service is not running. Checking service configuration:
    The start type of mpsdrv service is OK.
    The ImagePath of mpsdrv service is OK.

    MpsSvc Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
    Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

    bfe Service is not running. Checking service configuration:
    Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
    Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
    Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is OK.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
  12. Broni Malware Annihilator Posts: 39,323   +175

    What happened to Eset AV?
  13. cschrille TechSpot Enthusiast Posts: 181

    It takes forever to finish, I would estimate it to about 15 minutes left, don't worry.
  14. cschrille TechSpot Enthusiast Posts: 181

    BTW, should I scan some of the logs in my real ESET Nod32 AV as well, or just from the online scanner?
  15. Broni Malware Annihilator Posts: 39,323   +175

    Just online.
  16. cschrille TechSpot Enthusiast Posts: 181

    C:\Users\Chrilles\Downloads\nbg12.rar a variant of Win32/Packed.ZipCoin.A application deleted - quarantined
    C:\Users\Chrilles\Downloads\shift2u.rar a variant of Win32/Packed.NoobyProtect.C application deleted - quarantined
    C:\Users\Chrilles\Downloads\Unlocker1.9.1-x64.exe a variant of Win32/Toolbar.Babylon application deleted - quarantined
    C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
    C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U\80000032.@ probably a variant of Win32/Sirefef.EU trojan cleaned by deleting - quarantined
    C:\_OTL\MovedFiles\06032012_202914\C_Windows\assembly\GAC_32\Desktop.ini Win32/Sirefef.EZ trojan deleted - quarantined
    C:\_OTL\MovedFiles\06032012_202914\C_Windows\assembly\GAC_64\Desktop.ini Win64/Sirefef.AD trojan deleted - quarantined
  17. Broni Malware Annihilator Posts: 39,323   +175

    You have a couple of registry keys missing.

    The following steps involve registry editing. Please create a new restore point before proceeding!!!
    How to:
    XP - http://support.microsoft.com/kb/948247
    Vista and Seven - http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/


    Download Seven.zip file from here: http://www.smartestcomputing.us.com/files/download/9-registry-network-keys/
    Unzip the file.
    You'll find several files inside.
    Double click on mpssvc.reg file and confirm the prompt.
    Double click on bfe.reg file and confirm the prompt.
    Restart computer.
    Post new FSS log.
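
The missing-key diagnosis above is read off the FSS log lines that say "The service key does not exist". As an added example (not part of the thread and not Farbar's code), this Python script parses the FSS text layout as it appears in the posted logs and compares the run before the .reg import with the run after; `parse_fss`, `compare` and `ServiceReport` are names made up for this illustration.

```python
import re
from dataclasses import dataclass, field

# Excerpts of the two FSS logs posted in this thread: the run before the
# .reg import and the run after it (blank lines dropped, text unchanged).
FSS_BEFORE = r"""
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".
"""

FSS_AFTER = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".
"""

RE_STOPPED = re.compile(r"^(\S+) Service is not running\.")
RE_MISSING = re.compile(r"^Checking (.+?): ATTENTION!=+> Unable to open (\S+) "
                        r"registry key\. The service key does not exist\.$")
RE_OK = re.compile(r"^The (.+?) of (\S+) service is OK\.$")
RE_VALUE = re.compile(r'^The (.+?) of (\S+): "(.*)"\.$')

@dataclass
class ServiceReport:
    section: str
    key_missing: bool = False
    ok_checks: set = field(default_factory=set)
    printed_values: dict = field(default_factory=dict)

def parse_fss(text):
    """Return {service name: ServiceReport} for every service FSS lists as stopped."""
    services, section, prev = {}, "", ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if set(line) == {"="}:            # a row of '=' underlines the section title
            section = prev.rstrip(":")
        elif m := RE_STOPPED.match(line):
            services[m.group(1)] = ServiceReport(section)
        elif m := RE_MISSING.match(line):
            services.setdefault(m.group(2), ServiceReport(section)).key_missing = True
        elif m := RE_OK.match(line):
            services.setdefault(m.group(2), ServiceReport(section)).ok_checks.add(m.group(1))
        elif m := RE_VALUE.match(line):
            # FSS printed the value instead of "OK"; keep it for manual review.
            rep = services.setdefault(m.group(2), ServiceReport(section))
            rep.printed_values[m.group(1)] = m.group(3)
        prev = line
    return services

def compare(before, after):
    """Summarise what changed between two parsed FSS runs."""
    return {
        "key_restored": [s for s in before
                         if before[s].key_missing and s in after and not after[s].key_missing],
        "still_stopped": [s for s in after if s in before],
        "no_longer_reported": [s for s in before if s not in after],
        "newly_reported": [s for s in after if s not in before],
    }

if __name__ == "__main__":
    for label, names in compare(parse_fss(FSS_BEFORE), parse_fss(FSS_AFTER)).items():
        print(f"{label}: {', '.join(names) or '-'}")
```

On the thread's two logs this reports MpsSvc and bfe as having their keys restored while still being listed as not running, which matches the second FSS log.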
  18. cschrille TechSpot Enthusiast Posts: 181

    Farbar Service Scanner Version: 27-05-2012
    Ran by Ägaren (administrator) on 04-06-2012 at 00:08:42
    Running from "C:\Users\Ägaren\Desktop"
    Microsoft Windows 7 Ultimate Service Pack 1 (X64)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Attempt to access Yahoo.com returned error: Yahoo.com is offline


    Windows Firewall:
    =============
    MpsSvc Service is not running. Checking service configuration:
    The start type of MpsSvc service is OK.
    The ImagePath of MpsSvc service is OK.
    The ServiceDll of MpsSvc service is OK.

    bfe Service is not running. Checking service configuration:
    The start type of bfe service is OK.
    The ImagePath of bfe service is OK.
    The ServiceDll of bfe service is OK.


    Firewall Disabled Policy:
    ==================


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Action Center:
    ============

    Windows Update:
    ============
    wuauserv Service is not running. Checking service configuration:
    The start type of wuauserv service is OK.
    The ImagePath of wuauserv service is OK.
    The ServiceDll of wuauserv service is OK.


    Windows Autoupdate Disabled Policy:
    ============================


    Windows Defender:
    ==============
    WinDefend Service is not running. Checking service configuration:
    The start type of WinDefend service is OK.
    The ImagePath of WinDefend service is OK.
    The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => MD5 is legit
    C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
    C:\Windows\System32\dhcpcore.dll => MD5 is legit
    C:\Windows\System32\drivers\afd.sys => MD5 is legit
    C:\Windows\System32\drivers\tdx.sys => MD5 is legit
    C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
    C:\Windows\System32\dnsrslvr.dll => MD5 is legit
    C:\Windows\System32\mpssvc.dll => MD5 is legit
    C:\Windows\System32\bfe.dll => MD5 is legit
    C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
    C:\Windows\System32\SDRSVC.dll => MD5 is legit
    C:\Windows\System32\vssvc.exe => MD5 is legit
    C:\Windows\System32\wscsvc.dll => MD5 is legit
    C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
    C:\Windows\System32\wuaueng.dll => MD5 is legit
    C:\Windows\System32\qmgr.dll => MD5 is legit
    C:\Windows\System32\es.dll => MD5 is legit
    C:\Windows\System32\cryptsvc.dll => MD5 is legit
    C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit


    **** End of log ****
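An added example, not part of the original posts and not code from Farbar Service Scanner: a small Python triage of an FSS log in the layout posted above, listing the services reported as not running and any configuration check that prints a value instead of "OK". The sample text is a constructed excerpt; the function name `triage_fss` and the rule that a File Check line without "MD5 is legit" needs review are assumptions.

```python
import re

# Constructed excerpt in the Farbar Service Scanner layout of the log above.
SAMPLE_FSS = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".

File Check:
========
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit

**** End of log ****
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
# Matches only checks that print a value; "... service is OK." lines have no colon.
CHECK_VALUE = re.compile(r"^The (start type|ImagePath|ServiceDll) of (\S+): (.+)$")

def triage_fss(text):
    """Return stopped services, config checks not reported as OK, and unverified files."""
    stopped, config, files = [], [], []
    in_file_check = False
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or set(line) == {"="}:
            continue                      # blank lines and ==== underlines
        if line.startswith("****"):
            in_file_check = False         # banner line closes the file list
        elif line == "File Check:":
            in_file_check = True
        elif in_file_check:
            # Assumption: any line lacking the "MD5 is legit" verdict needs review.
            if not line.endswith("=> MD5 is legit"):
                files.append(line)
        elif m := NOT_RUNNING.match(line):
            stopped.append(m.group(1))
        elif m := CHECK_VALUE.match(line):
            value = m.group(3).rstrip(".").strip('"')
            config.append((m.group(2), m.group(1), value))
    return {"stopped": stopped, "config_review": config, "files_review": files}

if __name__ == "__main__":
    for key, value in triage_fss(SAMPLE_FSS).items():
        print(key, value)
```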
  19. Broni Malware Annihilator Posts: 39,323   +175

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point, using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process.

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please let me know how your computer is doing.
  20. cschrille TechSpot Enthusiast Posts: 181

    Is it really clean? Because Nod32 keeps blocking some Agent.ba and Sirefef located in C:\Windows\Installer\random numbers and letters. It says it's in quarantine, but I have 420+ Sirefef.AE trojans blocked from that location, 2 new blocks each minute.