OTL logfile created on: 4/13/2013 10:21:56 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gurminder\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: India | Language: ENN | Date Format: dd-MM-yyyy 1.75 Gb Total Physical Memory | 0.95 Gb Available Physical Memory | 54.18% Memory free 3.50 Gb Paging File | 2.50 Gb Available in Paging File | 71.42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 38.96 Gb Total Space | 16.50 Gb Free Space | 42.35% Space Free | Partition Type: NTFS Drive D: | 96.68 Gb Total Space | 8.65 Gb Free Space | 8.95% Space Free | Partition Type: NTFS Drive E: | 97.14 Gb Total Space | 34.09 Gb Free Space | 35.09% Space Free | Partition Type: NTFS Drive F: | 3.48 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: GURMINDER-PC | User Name: gurminder | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/13 10:21:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gurminder\Downloads\OTL.exe PRC - [2013/03/21 07:22:22 | 000,491,008 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2013/03/21 07:21:44 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2013/03/20 22:33:06 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe PRC - [2013/03/07 20:00:42 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/09/28 13:57:56 | 000,164,848 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\ONLINENT.EXE PRC - [2012/08/14 12:14:48 | 000,306,656 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe PRC - [2012/08/08 13:32:42 | 000,243,320 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE PRC - [2012/07/27 13:22:18 | 000,206,320 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE PRC - [2012/07/27 13:21:32 | 000,025,584 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\OPSSVC.EXE PRC - [2012/07/27 13:20:48 | 000,091,120 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\QUHLPSVC.EXE PRC - [2012/07/27 13:20:16 | 000,029,680 | ---- | M] (Quick Heal Technologies (P) Ltd.) -- C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE PRC - [2009/07/14 06:44:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/07/14 06:44:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/03/30 12:37:43 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\bf56bd4e9996950950b4685dac7f2156\WindowsFormsIntegration.ni.dll MOD - [2013/03/30 12:35:57 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\b56a80a51f412ce3832eddecb9bf1580\UIAutomationProvider.ni.dll MOD - [2013/03/30 12:35:56 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\3f1613bcf5b9cf536359bfff7bd18a5a\System.ServiceProcess.ni.dll MOD - [2013/03/30 12:35:53 | 011,912,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\82087f17d3b3f9c493e7261d608a6af4\System.Web.ni.dll MOD - [2013/03/30 12:35:48 | 000,767,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\9a7bb1e3cbae28550d7e796e9162dc58\System.Runtime.Remoting.ni.dll MOD - [2013/03/30 12:35:25 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d85a3d6ed5bb77f5603e098cccf60bfa\System.Xaml.ni.dll MOD - [2013/03/29 15:55:26 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f3cdd09fc0acc85c7febbd2e2ef9c4e5\System.Windows.Forms.ni.dll MOD - [2013/03/29 15:55:23 | 017,629,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8357ade60159c25ee88db0aab8686e6d\PresentationFramework.ni.dll MOD - [2013/03/29 15:55:19 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\2fe09cc54a8390b20e380239db34228f\System.Drawing.ni.dll MOD - [2013/03/29 15:55:18 | 000,450,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b4e58d1a3e0ee75b6b107585c92c68e8\PresentationFramework.Aero.ni.dll MOD - [2013/03/29 15:55:12 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2d7c29ad77c15abfa6a8fe6d24840a91\System.Xml.ni.dll MOD - [2013/03/29 15:55:11 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7a1eeb425f9318f432afead4b2da965a\PresentationCore.ni.dll MOD - [2013/03/29 15:55:09 | 000,973,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac2cd19f2159d48684e17cbdecfaa3b7\System.Configuration.ni.dll MOD - [2013/03/29 15:55:07 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\85693dfd9ba4905b0fd947fdb51446d5\System.Core.ni.dll MOD - [2013/03/29 15:55:04 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\f1f3a74eb37b27b7d05b8ffa941f8473\WindowsBase.ni.dll MOD - [2013/03/29 15:55:02 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\161c6f80ad93b0505054d244f1c6243c\System.ni.dll MOD - [2013/03/29 15:54:57 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\4ff1f12a08d455f195ba996fe77497c6\mscorlib.ni.dll MOD - [2013/03/20 22:33:24 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll MOD - [2013/03/07 20:00:45 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013/03/28 20:09:29 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/03/21 07:21:44 | 000,219,136 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013/03/20 22:33:06 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2013/03/07 20:00:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/08/14 12:14:48 | 000,306,656 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe -- (ScSecSvc) SRV - [2012/08/08 13:32:42 | 000,243,320 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE -- (ScanWscS) SRV - [2012/07/27 13:22:18 | 000,206,320 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Stopped] -- C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE -- (Core Scanning ServerEx) SRV - [2012/07/27 13:22:18 | 000,206,320 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE -- (Core Scanning Server) SRV - [2012/07/27 13:21:32 | 000,025,584 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\OPSSVC.EXE -- (Online Protection System) SRV - [2012/07/27 13:20:48 | 000,091,120 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\QUHLPSVC.EXE -- (Quick Update Service) SRV - [2012/07/27 13:20:16 | 000,029,680 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Auto | Running] -- C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE -- (Core Mail Protection) SRV - [2009/07/14 06:46:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 06:46:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 06:45:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2013/03/21 12:01:40 | 009,951,744 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2013/03/21 06:55:08 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2013/01/17 19:47:56 | 000,050,344 | ---- | M] (Quick Heal Technologies (P) Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\ggc.sys -- (ggc) DRV - [2013/01/15 15:41:20 | 000,080,384 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService) DRV - [2012/09/07 19:39:00 | 000,040,416 | ---- | M] (Quick Heal Technologies (P) Ltd.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\catflt.sys -- (catflt) DRV - [2012/08/05 12:17:30 | 000,068,448 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\wstif.sys -- (wstif) DRV - [2012/08/03 13:34:34 | 000,029,424 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\EMLTDI.SYS -- (EMLSS) DRV - [2012/07/27 13:49:18 | 000,033,136 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\mscank.sys -- (mscank) DRV - [2012/07/09 20:29:06 | 000,038,856 | ---- | M] (Quick Heal Technologies (P) Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\wsnf.sys -- (wsnf) DRV - [2012/04/09 10:13:58 | 000,048,256 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.2) DRV - [2009/07/14 06:49:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009/07/14 06:49:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009/07/14 06:49:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009/07/14 04:58:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009/07/14 04:58:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/14 03:32:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD) DRV - [2009/06/11 02:49:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-in IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 DA BD B8 46 2C CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/28 15:09:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/28 15:09:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gurminder\AppData\Roaming\Mozilla\Extensions [2013/04/07 11:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gurminder\AppData\Roaming\Mozilla\Firefox\Profiles\qj150eer.default\extensions [2013/04/12 09:21:10 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\gurminder\AppData\Roaming\Mozilla\Firefox\Profiles\qj150eer.default\extensions\ffxtlbr@delta.com [2013/04/06 15:55:15 | 000,001,294 | ---- | M] () -- C:\Users\gurminder\AppData\Roaming\Mozilla\Firefox\Profiles\qj150eer.default\searchplugins\delta.xml [2013/03/28 15:09:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013/03/07 20:01:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013/04/06 15:54:26 | 000,006,468 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2013/03/07 20:00:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/03/07 20:00:20 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2013/04/13 10:06:17 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O4 - HKLM..\Run: [Quick Heal Core UI] C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe (Quick Heal Technologies (P) Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5024189C-BD2B-4377-B871-034CB3BE52C4}: DhcpNameServer = 10.0.0.1 O20 - AppInit_DLLs: (scdetour.dll) - C:\Windows\System32\ScDetour.Dll (Quick Heal Technologies (P) Ltd.) O20 - HKLM Winlogon: Shell - (EXPLORER.EXE) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013/04/01 17:25:46 | 000,000,024 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/13 09:58:50 | 000,000,000 | -H-D | C] -- C:\Users\gurminder\ScStore [2013/04/13 09:20:15 | 000,000,000 | -HSD | C] -- C:\found.006 [2013/04/11 13:03:04 | 000,000,000 | -HSD | C] -- C:\found.005 [2013/04/10 13:12:03 | 000,000,000 | -HSD | C] -- C:\found.004 [2013/04/07 17:17:23 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\WinRAR [2013/04/07 17:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013/04/07 11:44:02 | 000,000,000 | -HSD | C] -- C:\found.003 [2013/04/06 15:56:05 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\BabSolution [2013/04/06 15:55:14 | 000,000,000 | ---D | C] -- C:\Program Files\Delta [2013/04/06 15:54:15 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Babylon [2013/04/06 15:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013/04/06 15:54:11 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Babylon [2013/04/06 08:40:20 | 000,000,000 | -HSD | C] -- C:\found.002 [2013/04/03 15:30:28 | 000,000,000 | ---D | C] -- C:\Users\gurminder\Documents\Battlefield 3 [2013/03/31 22:50:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2013/03/31 22:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2013/03/31 22:50:12 | 000,000,000 | ---D | C] -- C:\Users\gurminder\Documents\My Games [2013/03/31 22:48:20 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013/03/31 22:48:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2013/03/31 22:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2013/03/31 22:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2013/03/31 22:44:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2013/03/31 22:44:42 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\System32\mkl_blueripple.dll [2013/03/31 22:44:42 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll [2013/03/31 22:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\BRS [2013/03/31 22:44:38 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL [2013/03/31 22:44:37 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2013/03/31 22:44:37 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2013/03/31 14:05:32 | 000,000,000 | -HSD | C] -- C:\found.001 [2013/03/31 13:15:41 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\DriverCure [2013/03/31 13:15:37 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\ParetoLogic [2013/03/31 13:14:04 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic [2013/03/31 13:13:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic [2013/03/31 13:13:22 | 000,000,000 | ---D | C] -- C:\Program Files\ParetoLogic [2013/03/31 13:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ParetoLogic [2013/03/31 12:35:45 | 000,000,000 | -HSD | C] -- C:\found.000 [2013/03/30 20:12:07 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\vlc [2013/03/30 13:00:35 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\uTorrent [2013/03/30 12:52:11 | 000,033,136 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\drivers\mscank.sys [2013/03/30 12:52:03 | 000,029,424 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\drivers\EMLTDI.SYS [2013/03/30 12:51:43 | 000,068,448 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\drivers\wstif.sys [2013/03/30 12:51:43 | 000,038,856 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\drivers\wsnf.sys [2013/03/30 12:51:42 | 000,283,104 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\ScDetour.Dll [2013/03/30 12:51:42 | 000,130,528 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\ScSecAuth.Dll [2013/03/30 12:51:42 | 000,119,776 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\ScSandboxApi.dll [2013/03/30 12:51:42 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Detoured.dll [2013/03/30 12:51:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal Total Security [2013/03/30 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Heal [2013/03/30 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Quick Heal [2013/03/30 12:48:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\gprodat [2013/03/30 12:48:18 | 000,050,344 | ---- | C] (Quick Heal Technologies (P) Ltd.) -- C:\Windows\System32\drivers\ggc.sys [2013/03/30 09:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader [2013/03/30 09:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader [2013/03/30 09:54:18 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications [2013/03/29 16:16:59 | 000,000,000 | ---D | C] -- C:\Users\gurminder\Desktop\Criterion Games [2013/03/29 15:56:29 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\AMD [2013/03/29 15:56:26 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\ATI [2013/03/29 15:56:26 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\ATI [2013/03/29 15:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013/03/29 15:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013/03/29 15:33:28 | 000,000,000 | ---D | C] -- C:\Users\gurminder\Documents\Criterion Games [2013/03/29 15:33:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2013/03/29 15:33:05 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2013/03/29 15:33:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2013/03/29 15:33:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2013/03/29 15:33:04 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2013/03/29 15:33:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2013/03/29 15:33:04 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2013/03/29 15:33:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2013/03/29 15:33:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2013/03/29 15:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2013/03/29 15:28:30 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2013/03/29 15:28:30 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2013/03/29 15:28:30 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2013/03/29 15:20:29 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Programs [2013/03/29 01:29:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013/03/29 00:30:17 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013/03/28 20:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT [2013/03/28 20:13:32 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP [2013/03/28 20:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013/03/28 20:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center [2013/03/28 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Macromedia [2013/03/28 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Macromedia [2013/03/28 20:13:23 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Adobe [2013/03/28 20:12:56 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013/03/28 20:12:11 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013/03/28 20:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013/03/28 20:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013/03/28 20:09:29 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/03/28 20:09:29 | 000,073,432 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/03/28 20:09:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2013/03/28 20:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013/03/28 15:09:39 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Mozilla [2013/03/28 15:09:39 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Mozilla [2013/03/28 15:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013/03/28 15:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013/03/28 15:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013/03/28 12:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013/03/28 12:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013/03/28 12:08:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013/03/28 12:06:42 | 000,000,000 | R--D | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013/03/28 12:06:42 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Searches [2013/03/28 12:06:42 | 000,000,000 | R--D | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013/03/28 12:06:42 | 000,000,000 | -H-D | C] -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2013/03/28 12:06:34 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Identities [2013/03/28 12:06:32 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Contacts [2013/03/28 12:06:26 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\VirtualStore [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\AppData\Local\Temporary Internet Files [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Templates [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Start Menu [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\SendTo [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Recent [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\PrintHood [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\NetHood [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Documents\My Videos [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Documents\My Pictures [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Documents\My Music [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\My Documents [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Local Settings [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\AppData\Local\History [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Cookies [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\Application Data [2013/03/28 12:06:23 | 000,000,000 | -HSD | C] -- C:\Users\gurminder\AppData\Local\Application Data [2013/03/28 12:06:21 | 000,000,000 | --SD | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Videos [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Saved Games [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Pictures [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Music [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Links [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Favorites [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Downloads [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Documents [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\Desktop [2013/03/28 12:06:21 | 000,000,000 | R--D | C] -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013/03/28 12:06:21 | 000,000,000 | -H-D | C] -- C:\Users\gurminder\AppData [2013/03/28 12:06:21 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Temp [2013/03/28 12:06:21 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Local\Microsoft [2013/03/28 12:06:21 | 000,000,000 | ---D | C] -- C:\Users\gurminder\AppData\Roaming\Media Center Programs [2013/03/28 12:05:02 | 000,000,000 | -HSD | C] -- C:\Recovery [2013/03/28 11:25:30 | 000,000,000 | ---D | C] -- C:\AMD [2013/03/28 11:22:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013/03/21 12:12:32 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2013/03/21 12:12:32 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2013/03/21 12:12:16 | 000,118,584 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2013/03/21 12:12:10 | 000,092,304 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2013/03/21 12:12:02 | 000,968,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2013/03/21 12:11:42 | 007,233,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2013/03/21 12:11:34 | 004,474,984 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2013/03/21 12:11:20 | 005,940,656 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2013/03/21 12:01:40 | 009,951,744 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2013/03/21 07:46:50 | 000,163,840 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2013/03/21 07:44:30 | 000,077,824 | ---- | C] (AMD) -- C:\Windows\System32\coinst_12.10.17.dll [2013/03/21 07:44:18 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2013/03/21 07:44:10 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2013/03/21 07:39:36 | 013,703,168 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2013/03/21 07:35:54 | 019,755,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2013/03/21 07:22:52 | 000,442,368 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atidemgy.dll [2013/03/21 07:22:22 | 000,491,008 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2013/03/21 07:21:44 | 000,219,136 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2013/03/21 07:20:28 | 000,163,840 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2013/03/21 07:20:20 | 000,025,088 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2013/03/21 07:20:12 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2013/03/21 06:56:34 | 000,425,984 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2013/03/21 06:56:18 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2013/03/21 06:56:08 | 000,034,816 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2013/03/21 06:55:08 | 000,460,288 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2013/03/21 06:53:08 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2013/03/20 22:29:06 | 000,065,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll [2013/03/20 22:28:58 | 000,056,320 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll [2013/03/20 22:26:56 | 023,810,048 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll [2013/03/20 22:25:12 | 000,050,176 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2013/03/20 22:19:08 | 004,083,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdsc.dll [2013/03/17 14:08:28 | 000,000,000 | ---D | C] -- C:\Mere Dad Ki Maruti 2013 Hindi CAMRip MPEG1 NiCkkkDoN [1 C:\Users\gurminder\Documents\*.tmp files -> C:\Users\gurminder\Documents\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/13 10:15:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/04/13 10:06:17 | 000,000,824 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013/04/13 10:05:39 | 000,667,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/04/13 10:05:39 | 000,128,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/04/13 10:03:52 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/04/13 10:03:52 | 000,010,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/04/13 10:01:14 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job [2013/04/13 09:57:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/04/13 09:56:33 | 1408,077,824 | -HS- | M] () -- C:\hiberfil.sys [2013/04/11 13:09:11 | 000,006,190 | ---- | M] () -- C:\Users\gurminder\Desktop\WordDocument [2013/04/11 13:09:11 | 000,004,813 | ---- | M] () -- C:\Users\gurminder\Desktop\1Table [2013/04/11 13:09:11 | 000,004,096 | ---- | M] () -- C:\Users\gurminder\Desktop\[5]SummaryInformation [2013/04/11 13:09:11 | 000,004,096 | ---- | M] () -- C:\Users\gurminder\Desktop\[5]DocumentSummaryInformation [2013/04/11 13:09:11 | 000,000,113 | ---- | M] () -- C:\Users\gurminder\Desktop\[1]CompObj [2013/04/06 15:51:47 | 000,095,838 | ---- | M] () -- C:\Users\gurminder\Desktop\Photo-0201.jpg [2013/04/06 15:49:28 | 000,096,173 | ---- | M] () -- C:\Users\gurminder\Desktop\Photo-0201 - Copy.jpg [2013/04/05 22:49:57 | 001,189,595 | ---- | M] () -- C:\Users\gurminder\Desktop\DSC_0440.jpg [2013/04/05 22:05:40 | 001,163,013 | ---- | M] () -- C:\Users\gurminder\Desktop\DSC_0444.jpg [2013/04/03 15:41:40 | 000,020,240 | ---- | M] () -- C:\bootsqm.dat [2013/04/01 17:25:46 | 000,000,024 | ---- | M] () -- C:\AUTOEXEC.BAT [2013/03/31 22:44:37 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2013/03/31 22:44:37 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll [2013/03/31 21:20:25 | 001,056,315 | ---- | M] () -- C:\Users\gurminder\Desktop\DSC_0437.jpg [2013/03/31 20:52:11 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Quick Heal AntiMalware Scan.job [2013/03/31 20:51:00 | 000,000,450 | ---- | M] () -- C:\Windows\tasks\Resume Quickup Download.job [2013/03/31 18:00:00 | 000,000,452 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job [2013/03/31 16:25:34 | 000,130,699 | ---- | M] () -- C:\Users\gurminder\Documents\Untitled.wma [2013/03/31 13:49:51 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job [2013/03/31 13:49:51 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job [2013/03/31 13:49:51 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job [2013/03/31 13:23:35 | 000,000,025 | ---- | M] () -- C:\0.bak [2013/03/31 13:14:01 | 000,001,061 | ---- | M] () -- C:\Users\gurminder\Desktop\ParetoLogic PC Health Advisor.lnk [2013/03/30 13:01:49 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2013/03/30 13:01:49 | 000,000,797 | ---- | M] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/03/30 12:55:29 | 000,006,305 | ---- | M] () -- C:\Windows\regact.dat [2013/03/30 12:51:43 | 000,001,222 | ---- | M] () -- C:\Users\Public\Desktop\Quick Heal Secure Browse.lnk [2013/03/30 09:54:18 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2013/03/29 15:55:28 | 002,388,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2013/03/29 15:32:47 | 000,000,459 | ---- | M] () -- C:\Users\gurminder\Desktop\Need for Speed Most Wanted.lnk [2013/03/29 11:56:00 | 000,001,407 | ---- | M] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/03/29 11:29:44 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013/03/29 00:34:04 | 000,266,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/03/29 00:32:33 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf [2013/03/28 20:47:09 | 000,000,391 | ---- | M] () -- C:\0 [2013/03/28 20:09:29 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013/03/28 20:09:29 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013/03/28 15:09:37 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/03/28 15:04:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013/03/21 12:12:32 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2013/03/21 12:12:32 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2013/03/21 12:12:16 | 000,118,584 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2013/03/21 12:12:10 | 000,092,304 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2013/03/21 12:12:02 | 000,968,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\aticfx32.dll [2013/03/21 12:11:42 | 007,233,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atidxx32.dll [2013/03/21 12:11:34 | 004,474,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll [2013/03/21 12:11:20 | 005,940,656 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdag.dll [2013/03/21 12:01:40 | 009,951,744 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2013/03/21 07:48:14 | 000,364,080 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb [2013/03/21 07:46:50 | 000,163,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2013/03/21 07:44:30 | 000,077,824 | ---- | M] (AMD) -- C:\Windows\System32\coinst_12.10.17.dll [2013/03/21 07:44:18 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2013/03/21 07:44:10 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2013/03/21 07:39:36 | 013,703,168 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2013/03/21 07:35:54 | 019,755,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2013/03/21 07:22:52 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atidemgy.dll [2013/03/21 07:22:22 | 000,491,008 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe [2013/03/21 07:21:44 | 000,219,136 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe [2013/03/21 07:20:28 | 000,163,840 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll [2013/03/21 07:20:20 | 000,025,088 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll [2013/03/21 07:20:12 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2013/03/21 07:09:20 | 003,330,608 | ---- | M] () -- C:\Windows\System32\atiumdva.cap [2013/03/21 07:09:20 | 000,204,952 | ---- | M] () -- C:\Windows\System32\ativvsvl.dat [2013/03/21 07:09:20 | 000,157,144 | ---- | M] () -- C:\Windows\System32\ativvsva.dat [2013/03/21 06:56:34 | 000,425,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2013/03/21 06:56:18 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2013/03/21 06:56:08 | 000,034,816 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2013/03/21 06:55:08 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2013/03/21 06:53:08 | 000,053,248 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2013/03/20 22:29:22 | 000,180,224 | ---- | M] () -- C:\Windows\System32\clinfo.exe [2013/03/20 22:29:06 | 000,065,536 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OpenVideo.dll [2013/03/20 22:28:58 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\OVDecode.dll [2013/03/20 22:26:56 | 023,810,048 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdocl.dll [2013/03/20 22:25:12 | 000,050,176 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2013/03/20 22:19:08 | 004,083,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\amdsc.dll [2013/03/20 11:12:52 | 000,043,588 | ---- | M] () -- C:\Windows\atiogl.xml [1 C:\Users\gurminder\Documents\*.tmp files -> C:\Users\gurminder\Documents\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/11 15:06:55 | 000,006,190 | ---- | C] () -- C:\Users\gurminder\Desktop\WordDocument [2013/04/11 15:06:55 | 000,004,813 | ---- | C] () -- C:\Users\gurminder\Desktop\1Table [2013/04/11 15:06:55 | 000,004,096 | ---- | C] () -- C:\Users\gurminder\Desktop\[5]SummaryInformation [2013/04/11 15:06:55 | 000,004,096 | ---- | C] () -- C:\Users\gurminder\Desktop\[5]DocumentSummaryInformation [2013/04/11 15:06:55 | 000,000,113 | ---- | C] () -- C:\Users\gurminder\Desktop\[1]CompObj [2013/04/06 15:49:30 | 000,096,173 | ---- | C] () -- C:\Users\gurminder\Desktop\Photo-0201 - Copy.jpg [2013/04/06 15:48:41 | 000,095,838 | ---- | C] () -- C:\Users\gurminder\Desktop\Photo-0201.jpg [2013/04/05 22:49:39 | 001,189,595 | ---- | C] () -- C:\Users\gurminder\Desktop\DSC_0440.jpg [2013/04/05 22:49:37 | 001,056,315 | ---- | C] () -- C:\Users\gurminder\Desktop\DSC_0437.jpg [2013/04/05 22:48:46 | 001,163,013 | ---- | C] () -- C:\Users\gurminder\Desktop\DSC_0444.jpg [2013/04/03 15:41:40 | 000,020,240 | ---- | C] () -- C:\bootsqm.dat [2013/03/31 22:47:55 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2013/03/31 16:25:34 | 000,130,699 | ---- | C] () -- C:\Users\gurminder\Documents\Untitled.wma [2013/03/31 13:23:35 | 000,000,025 | ---- | C] () -- C:\0.bak [2013/03/31 13:16:07 | 000,000,452 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job [2013/03/31 13:14:01 | 000,001,061 | ---- | C] () -- C:\Users\gurminder\Desktop\ParetoLogic PC Health Advisor.lnk [2013/03/31 13:13:58 | 000,000,478 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job [2013/03/31 13:13:57 | 000,000,426 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job [2013/03/31 13:13:55 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor Defrag.job [2013/03/31 13:13:47 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor.job [2013/03/30 13:01:49 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2013/03/30 13:01:49 | 000,000,797 | ---- | C] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2013/03/30 12:55:29 | 000,006,305 | ---- | C] () -- C:\Windows\regact.dat [2013/03/30 12:52:20 | 000,000,474 | ---- | C] () -- C:\Windows\tasks\Quick Heal AntiMalware Scan.job [2013/03/30 12:51:49 | 000,000,450 | ---- | C] () -- C:\Windows\tasks\Resume Quickup Download.job [2013/03/30 12:51:43 | 000,001,222 | ---- | C] () -- C:\Users\Public\Desktop\Quick Heal Secure Browse.lnk [2013/03/30 09:54:18 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2013/03/29 15:32:47 | 000,000,459 | ---- | C] () -- C:\Users\gurminder\Desktop\Need for Speed Most Wanted.lnk [2013/03/29 11:29:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013/03/29 00:32:24 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013/03/29 00:32:17 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013/03/29 00:29:43 | 1408,077,824 | -HS- | C] () -- C:\hiberfil.sys [2013/03/28 21:00:08 | 000,000,391 | ---- | C] () -- C:\0 [2013/03/28 20:09:30 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/03/28 15:09:37 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013/03/28 15:09:37 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013/03/28 15:04:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013/03/28 15:04:29 | 000,001,413 | ---- | C] () -- C:\Users\gurminder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013/03/28 12:13:11 | 000,001,407 | ---- | C] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013/03/28 12:06:21 | 000,000,290 | ---- | C] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2013/03/28 12:06:21 | 000,000,272 | ---- | C] () -- C:\Users\gurminder\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2013/03/21 07:48:14 | 000,364,080 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2013/03/21 07:09:20 | 003,330,608 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2013/03/21 07:09:20 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2013/03/21 07:09:20 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2013/03/20 22:29:22 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2013/03/20 11:12:52 | 000,043,588 | ---- | C] () -- C:\Windows\atiogl.xml [2012/12/20 01:42:24 | 000,230,452 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik.dat [2012/12/19 22:12:08 | 000,665,329 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012/12/15 06:05:14 | 000,073,984 | ---- | C] () -- C:\Windows\System32\ativce02.dat [2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012/11/22 20:44:26 | 000,230,064 | ---- | C] () -- C:\Windows\System32\ativvaxy_cik_nd.dat [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011/09/13 03:36:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009/07/14 10:12:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 06:46:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 06:45:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 06:46:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >