OffersWizard Ads Browser Virus

I currently have the Offerswizard ad virus and I can't seem to permanently remove it. I have followed instructions from multiple sites on how to remove it, but the virus keeps on coming back. I have downloaded and used AdwCleaner, Junkware Removal Tool, and MalwareAnti-Malware, but they all just temporarily "deletes" the virus. Within a few minutes the virus is back. It also comes with a "Search with Bing" toolbar. This happens in Chrome and IE.

Previously, I have similar ad-based viruses appear on my browser (not sure if they're all from Offerswizard) like conduit, but I could always delete the extension every time it appears. With Offerswizard, however, I can't find any extension/add-on to delete or any weird programs from the "uninstall program" in the control panel.

Symptoms of virus:
- The virus changes the options that appear when I right-click inside a browser on any site.
- Changes some words to a green link which leads to a site of malware removal
- The ads on the sides of the webpages lead to sites with malware
- Fake Bing search tool bar
- Clicking in white space or on anything in a browser typically pops up and OffersWizard ad or Offers By Context ad.

I do have access to a Windows Install disc.

Below is the text from DDS.txt and my Attach.zip file is attached.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16921
Run by coleichty at 13:30:58 on 2014-06-23
Microsoft Windows 8 Enterprise 6.2.9200.0.1252.1.1033.18.8062.5790 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files (x86)\Input Director\IDWinService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
C:\Program Files (x86)\Input Director\InputDirectorSessionHelper.exe
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
C:\Windows\system32\mqsvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
c:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe
C:\Windows\SysWOW64\nethtsrv.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Windows\SysWOW64\netupdsrv.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Team Foundation Server 2012 Power Tools\TfsComProviderSvr.exe
C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Input Director\IDVistaService.exe
C:\Program Files (x86)\Input Director\InputDirector.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Quartz\Quartz.Server.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.bing.com
uProxyServer = hxxp=127.0.0.1:49273;https=127.0.0.1:49273
uProxyOverride = <-loopback>
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
uRun: [SkyDrive] "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [InputDirector] "C:\Program Files (x86)\Input Director\InputDirector.exe" /hide
uRun: [GoogleChromeAutoLaunch_7854C8A689153F525472198B7D8E303F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRunOnce: [Uninstall C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64"
uRunOnce: [Uninstall C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
uRunOnce: [Uninstall C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
uRunOnce: [Uninstall C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
uRunOnce: [Uninstall C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\coleichty\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WsmUpdater] "C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe"
StartupFolder: C:\Users\COLEIC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\COLEIC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: SoftwareSASGeneration = dword:3
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} - hxxp://sdt-sql-02.sdtest.local/Reports_SQLSERVER2012/Reserved.ReportViewerWebControl.axd?ReportSession=ptpaz2r5gqy0ge553woiazic&Culture=1033&CultureOverrides=False&UICulture=9&UICultureOverrides=False&ReportStack=1&ControlID=c14d909e6a7c45c9ba44e326d2f39c19&OpType=PrintCab&Arch=X86
TCP: NameServer = 10.1.200.175 10.1.200.156
TCP: Interfaces\{8606B555-FFAA-4B11-B059-6E1F01DCF048} : DHCPNameServer = 10.1.200.175 10.1.200.156
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = hxxp://www.bing.com
x64-mDefault_Page_URL = hxxp://www.bing.com
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: SoftwareSASGeneration = dword:3
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 Spyware Info | Spyware Info
.
============= SERVICES / DRIVERS ===============
.
R1 nethfdrv;nethfdrv;C:\Windows\System32\Drivers\nethfdrv.sys [2014-6-16 46160]
R2 InputDirector;Input Director Service;C:\Program Files (x86)\Input Director\IDWinService.exe [2010-2-1 36864]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [2013-1-1 14760]
R2 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2012-6-12 220104]
R2 MsDtsServer110;SQL Server Integration Services 11.0;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [2013-3-9 218688]
R2 NetHttpService;Network HTTP Support Service;C:\Windows\SysWOW64\nethtsrv.exe [2014-6-16 180224]
R2 QuartzServer;Quartz Server;C:\Quartz\Quartz.Server.exe [2013-7-24 61440]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2013-3-9 2422336]
R2 ServiceUpdater;Network Support Service Updater;C:\Windows\SysWOW64\netupdsrv.exe [2014-6-16 159744]
R3 IDVistaService;Input Director Vista Service;C:\Program Files (x86)\Input Director\IDVistaService.exe [2009-2-7 13824]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2012-2-11 49752]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2012-7-25 5632]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-8-22 119808]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S3 VsEtwService120;Visual Studio ETW Event Collection Service;C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-5 87728]
S3 WMSVC;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2012-7-25 10752]
S4 Heartbeat Windows Service;Heartbeat Windows Service;C:\HeartbeatWindowsService\HeartbeatWindowsService.exe [2014-1-16 18944]
S4 Report Archive Expiration;Report Archive Expiration;C:\ReportArchiveExpirationWindowsService\ReportArchiveExpirationWindowsService.exe [2014-1-16 13312]
S4 RsFx0151;RsFx0151 Driver;C:\Windows\System32\Drivers\RsFx0151.sys [2011-6-17 313696]
S4 RsFx0201;RsFx0201 Driver;C:\Windows\System32\Drivers\RsFx0201.sys [2013-3-9 336960]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-06-23 17:30:08 687 ----a-w- C:\awhCA6F.tmp
2014-06-23 14:01:24 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3617064C-BE0C-43C1-B444-38D8B1022182}\mpengine.dll
2014-06-22 08:35:36 687 ----a-w- C:\awh5343.tmp
2014-06-20 17:56:46 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2014-06-20 17:56:40 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 17:23:36 -------- d-----w- C:\Program Files\Enigma Software Group
2014-06-20 17:23:12 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-06-19 20:10:31 290304 ----a-w- C:\Windows\SysWow64\subinacl.exe
2014-06-19 20:09:40 -------- d-----w- C:\Program Files\Common Files\Microsoft
2014-06-19 20:09:40 -------- d-----w- C:\Program Files\Adware-Removal-Tool
2014-06-19 19:58:26 687 ----a-w- C:\awhB4EC.tmp
2014-06-19 19:18:16 -------- d-----w- C:\Users\coleichty\AppData\Roaming\eCyber
2014-06-19 19:18:00 44544 ----a-w- C:\Windows\System32\drivers\iSafeKrnlBoot.sys
2014-06-19 19:18:00 -------- d-----w- C:\Windows\System32\log
2014-06-19 18:57:59 687 ----a-w- C:\awhDD05.tmp
2014-06-19 18:55:08 -------- d-----w- C:\Windows\ERUNT
2014-06-19 18:48:31 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-06-19 18:47:55 -------- d-----w- C:\AdwCleaner
2014-06-19 15:56:19 687 ----a-w- C:\awhA4C4.tmp
2014-06-19 15:51:15 -------- d-----w- C:\Program Files (x86)\Common Files\Config
2014-06-16 18:46:03 10702536 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2014-06-16 18:39:46 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2014-06-16 18:39:39 2862080 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-06-16 18:39:39 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-06-16 18:39:21 3246592 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-06-16 18:39:21 235520 ----a-w- C:\Windows\System32\rdpudd.dll
2014-06-16 18:39:20 1301504 ----a-w- C:\Windows\System32\gdi32.dll
2014-06-16 18:39:20 1023488 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-06-16 18:38:38 2233176 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-16 18:38:19 1845760 ----a-w- C:\Windows\System32\msxml3.dll
2014-06-16 18:38:19 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-06-16 12:23:12 46160 ----a-w- C:\Windows\System32\drivers\nethfdrv.sys
2014-06-16 12:22:56 159744 ----a-w- C:\Windows\SysWow64\netupdsrv.exe
2014-06-16 12:22:46 108544 ----a-w- C:\Windows\SysWow64\installd.exe
2014-06-16 12:22:36 180224 ----a-w- C:\Windows\SysWow64\nethtsrv.exe
2014-06-16 12:22:26 108544 ----a-w- C:\Windows\SysWow64\hfnapi.dll
2014-06-16 12:22:16 246784 ----a-w- C:\Windows\SysWow64\hfpapi.dll
2014-06-10 20:10:13 283312 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10242.bin
.
==================== Find3M ====================
.
2014-05-31 05:16:07 703992 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-31 05:16:07 105464 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-24 02:47:54 2239488 ----a-w- C:\Windows\System32\wininet.dll
2014-05-24 02:47:45 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-05-24 02:47:44 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-05-24 02:46:07 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-05-24 02:46:07 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-05-24 02:45:26 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-05-24 01:26:54 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-24 01:26:46 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-05-24 01:25:49 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-05-24 01:25:49 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-05-24 01:25:25 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-05-24 01:09:41 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-24 01:03:36 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-23 22:37:13 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2014-04-19 09:39:36 628024 ----a-w- C:\Windows\System32\NotificationUI.exe
2014-04-19 08:45:39 693760 ----a-w- C:\Windows\System32\WSShared.dll
2014-04-19 08:45:39 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 06:57:49 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
2014-04-19 06:57:49 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 09:27:03 172888 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\Windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\Windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\Windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\Windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\Windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\Windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\Windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\Windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\Windows\System32\workerdd.dll
2014-04-03 11:19:16 328024 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2014-04-03 03:44:10 619008 ----a-w- C:\Windows\System32\drivers\srv2.sys
2014-04-01 02:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-28 19:19:38 35856 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2014-03-28 08:23:00 1287168 ----a-w- C:\Windows\System32\schedsvc.dll
.
============= FINISH: 13:33:49.61 ===============

Attached Files

Attach.zip (7.2 KB)