Hi all,
My family came to stay for a while and now that they are gone I had a mobilewitch toolbar installed.
I uninstalled it, but when I search or type in a partial web address in the address bar my browser uses mobilewitch rather than Google.
How on earth do I get rid of this rubbish?
Here is my DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Gary at 13:45:26 on 2013-01-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4095.1386 [GMT 0:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\Gary\AppData\Local\Apps\2.0\4AW9QOV4.1ET\A072G5Q9.ELX\curs..tion_9e9e83ddf3ed3ead_0005.0001_f88ee66177b243ac\CurseClient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
C:\Program Files\Common Files\Motive\pcControlHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Users\Gary\Desktop\gmer\gmer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1605787
uURLSearchHooks: {fcbf663e-8530-46f8-a880-ac5abe9d2b23} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: ShareZilla Web Download Hook: {0EEDB912-C5FA-486F-8334-57288578C627} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\Gary\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -update plugin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\Gary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\curseclientstartup.ccip
StartupFolder: C:\Users\Gary\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with &ShareZilla - C:\Program Files (x86)\ShareZilla\RazaWebHook32.dll/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{F0AC09E3-DA36-4D0F-A605-AF9668CA6F3A} : DHCPNameServer = 192.168.1.254 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [btbb_McciTrayApp] "C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-STS: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
Hosts: 127.0.0.1 Spyware Info | Spyware Info | spyware software | spyware program | protection spyware
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\8latqqjo.default\
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1605787&SearchSource=2&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\Gary\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-12-20 19:53; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Gary\AppData\Roaming\Mozilla\Firefox\Profiles\8latqqjo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-22 14:44; mcciwbch@motive.com; C:\Program Files (x86)\Mozilla Firefox\extensions\mcciwbch@motive.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-11-6 21136]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-13 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-13 370288]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-13 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-13 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-6 44808]
R2 pcCMService;pcCMService;C:\Program Files (x86)\Common Files\Motive\pcCMService.exe [2012-12-22 369152]
R2 pcCMService64;pcCMService64;C:\Program Files\Common Files\Motive\pcCMService.exe [2012-12-22 460288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2012-10-11 36328]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-16 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2012-10-11 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2012-10-11 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2012-10-11 177640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-16 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-14 1255736]
.
=============== Created Last 30 ================
.
2013-01-15 09:27:45 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{251E0E8B-DC6F-4BAD-8CC4-78E27CE899C4}\offreg.dll
2013-01-15 09:26:57 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{251E0E8B-DC6F-4BAD-8CC4-78E27CE899C4}\mpengine.dll
2013-01-11 15:37:46 -------- d-----w- C:\Users\Gary\AppData\Roaming\Ubisoft
2013-01-11 14:41:48 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-01-11 14:41:45 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2013-01-09 03:12:50 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-06 14:45:26 -------- d-----w- C:\Incomplete
2013-01-06 14:45:04 -------- d-----w- C:\Users\Gary\Incomplete
2013-01-06 14:44:31 -------- d-----w- C:\Users\Gary\Shared
2013-01-06 14:44:31 -------- d-----w- C:\Users\Gary\AppData\Roaming\LimeZilla
2013-01-06 14:44:31 -------- d-----w- C:\ProgramData\LimeZilla
2013-01-06 14:33:07 -------- d-----w- C:\Users\Gary\AppData\Roaming\ShareZilla
2013-01-06 14:33:07 -------- d-----w- C:\Users\Gary\AppData\Local\ShareZilla
2013-01-06 14:32:53 -------- d-----w- C:\Program Files (x86)\Conduit
2013-01-06 14:32:51 -------- d-----w- C:\Users\Gary\AppData\Local\Conduit
2013-01-06 14:32:38 -------- d-----w- C:\Users\Gary\AppData\Local\CRE
2013-01-06 12:31:54 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2013-01-02 09:39:25 -------- d-----w- C:\Program Files (x86)\StarCraft II
2013-01-02 09:11:01 -------- d-----r- C:\Users\Gary\Dropbox
2013-01-02 09:02:11 -------- d-----w- C:\Users\Gary\Library
2013-01-02 09:02:11 -------- d-----w- C:\Users\Gary\AppData\Roaming\com.ynab.YNAB4.LiveCaptive
2012-12-27 14:02:24 -------- d-----w- C:\Program Files (x86)\Beamdog
2012-12-24 22:50:12 -------- d-----w- C:\Users\Gary\AppData\Local\DayZCommander
2012-12-24 22:49:25 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2012-12-24 16:10:42 -------- d-----w- C:\Users\Gary\AppData\Roaming\Play withSIX
2012-12-24 16:10:42 -------- d-----w- C:\Users\Gary\AppData\Local\Play withSIX
2012-12-24 16:10:24 -------- d-----w- C:\Program Files (x86)\SIX Networks
2012-12-24 15:47:10 -------- d-----w- C:\Users\Gary\AppData\Local\ArmA 2 OA
2012-12-22 14:43:42 -------- d-----w- C:\Program Files\BT Broadband Desktop Help
2012-12-22 14:43:12 -------- d-----w- C:\Program Files (x86)\Common Files\Motive
2012-12-22 14:43:10 -------- d-----w- C:\Program Files\Common Files\Motive
2012-12-22 14:41:31 -------- d-----w- C:\Program Files (x86)\BT Broadband Desktop Help
2012-12-21 08:19:17 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-21 08:19:17 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-21 08:19:14 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-21 08:19:14 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-21 08:17:22 -------- d-----w- C:\Program Files (x86)\FTL
2012-12-16 18:55:40 -------- d-----w- C:\Users\Gary\AppData\Roaming\RIFT
2012-12-16 18:55:38 -------- d-----w- C:\Program Files (x86)\RIFT
.
==================== Find3M ====================
.
2012-12-31 09:50:22 275360 ----a-w- C:\Windows\System32\DreamScene.dll
2012-12-17 08:40:32 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-17 08:40:32 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-03 15:47:14 983936 ----a-w- C:\Windows\System32\nvumdshimx.dll
2012-12-01 05:49:26 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-30 08:56:11 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-11-30 08:56:11 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-29 16:29:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-11-29 16:15:49 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-10-30 22:51:55 21136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr
.
============= FINISH: 13:45:51.28 ===============
2012-12-17 08:40:32 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-12-03 15:47:14 983936 ----a-w- C:\Windows\System32\nvumdshimx.dll
2012-12-01 05:49:26 3663213 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-12-01 05:49:25 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-12-01 05:49:25 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-12-01 05:49:24 890216 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-12-01 05:48:41 6223208 ----a-w- C:\Windows\System32\nvcpl.dll
2012-12-01 05:48:37 3311464 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-11-30 08:56:11 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-11-30 08:56:11 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-29 16:29:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-11-29 16:15:49 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\Windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:42 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2012-11-01 05:43:42 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2012-11-01 04:47:54 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:54 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-10-30 22:51:55 21136 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr
.
============= FINISH: 13:45:51.28 ===============