Jump to content

Rootkit.Fileless.MTGen + Trojan.SathurBot + others keep on coming back even after cleanup with MBAM


Recommended Posts

Hello everyone,

My name is Manny and I'm looking for some assistance with my machine which recently got infected with some virus/trojan that seemed to brought along bunch of his buddies...

Anyways, I have ran the MBAM a few times with FULL SCAN and after a 1-2 hours scan it finds and remove several entries but upon a reboot and a few hours of being ON all the entries seems to come back and I notice the increased of HDD space when I haven't even used the machine at all.

Tools ran:
- MBAM
- TDSSKiller
- AdwCleaner
- RogueKiller
- MBAR (anti-rootkit)
- MSERT.exe (Microsoft tool)

Would love to get some additional help to remove all these infections once and for all. Let me know what you may need, I will subscribe to this thread and thanks in advance ^_^

PC SPECS:
OS: Windows 7 SP1 64bit
RAM: 32GB
HDD: SSD 128GB
 

Link to post
Share on other sites

Hello locobans and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

user posted imageGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. user posted image
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

user posted imageMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. user posted image Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

user posted imageInternet Explorer - Click the Tools menu in the upper right-corner of the browser. user posted image Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

user posted imageChange default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Download RKill from here: http://www.bleepingcomputer.com/download/rkill/

There are three buttons to choose from with different names on, select the first one and save it to your desktop.
 
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7/8/10, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.


Next,

Tweaking.com Registry Backup
 
  • Download Tweaking.com Registry Backup from here, and save tweaking.com_registry_backup_portable.zip to your desktop.
  • Now we need to create a new folder to extract the zipped contents into. Right click on the zipped folder you just downloaded and select "Extract All".
  • Click the "Browse" button and from the list, expand "Computer", then expand "Windows (C:)", and click the "Make New Folder" button.
  • Call this folder something you will remember...like "RegBackup" then click "Ok", and then click "Extract".
  • From the newly extracted files, right click on hPxdDvj.png and select Run as Administrator (XP users just double click) to start Tweaking.com Registry Backup.(Windows Vista/7/8/10 users: Accept UAC warning if it is enabled.)
  • A screen like this should appear:
    user posted image
     
  • Type a custom name in Backup Name if you want, then choose Backup Now.
  • If backup is successful, a message will appear at the lower half of the screen with an option to view logs.
  • The registry backup will be created in %WindowsDrive%\RegBackup by default. You can customize the path in Settings.
  • Close Tweaking.com Registry Backup when done.


Next,
Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Recommend you use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…



If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....


Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs....

or,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.



Let me see those logs in your next reply....

Thanks,

Kevin...

 
 


 
Link to post
Share on other sites

Hey kevinf80,

Thanks for helping me out. Here are what you have requested:

RKill
 

Quote

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/16/2016 05:51:33 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity: 

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * TBS [Missing Service]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1       localhost

Program finished at: 07/16/2016 05:51:43 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)
 

 

MalwareByte's

Quote

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/16/2016
Scan Time: 4:30 AM
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.16.03
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Manny

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 764677
Time Elapsed: 1 hr, 16 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

FRST
 

Quote

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by Manny (administrator) on MANNY-PC (16-07-2016 17:54:36)
Running from D:\Users Folders\Manny\Downloads
Loaded Profiles: Manny (Available Profiles: Manny & Julissa)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(American Megatrends Inc.) C:\Program Files\AMI\DuOS\AndServMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) D:\Programs\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) D:\Programs\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() D:\Programs\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Collobos Software) C:\Program Files\Collobos\Presto\PrestoService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) D:\Programs\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Solarwinds N-able) C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\NCentralRDLdr.exe
(Evernote) C:\Program Files (x86)\Evernote\Skitch\Skitch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Power Software Ltd) D:\Programs\Program Files\PowerISO\PWRISOVM.EXE
(Solarwinds N-able) C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\NCentralRDViewer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PrestoHelper] => C:\Program Files\Collobos\Presto\PrestoHelper.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8781568 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13716208 2016-06-30] (Zemana Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [PWRISOVM.EXE] => D:\Programs\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-12-16] (Power Software Ltd)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Command Center] => D:\Programs\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [797648 2014-11-11] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11336656 2016-03-16] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\Run: [MSPANCentralViewerPreLoad] => C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\NCentralRDLdr.exe [4261600 2016-07-05] (Solarwinds N-able)
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\Run: [Skitch] => C:\Program Files (x86)\Evernote\Skitch\Skitch.exe [4863296 2015-04-30] (Evernote)
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\Policies\system: [DisableLockWorkstation] 0
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{99229507-46BF-469B-929F-C4E88F6E3D4E}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{E40F2F94-AA6B-40A0-93F7-FFA8552A68D3}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2253813673-471012973-4132657189-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
SearchScopes: HKU\S-1-5-21-2253813673-471012973-4132657189-1000 -> DefaultScope {D92563C5-DDB2-496D-8F80-5A75B3C4CC7F} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2253813673-471012973-4132657189-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2253813673-471012973-4132657189-1000 -> {D92563C5-DDB2-496D-8F80-5A75B3C4CC7F} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Users\Manny\AppData\Roaming\LastPass\LPToolbar_x64.dll [2014-01-25] (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Users\Manny\AppData\Roaming\LastPass\LPToolbar.dll [2014-01-25] (LastPass)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\Manny\AppData\Roaming\LastPass\LPToolbar_x64.dll [2014-01-25] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Users\Manny\AppData\Roaming\LastPass\LPToolbar.dll [2014-01-25] (LastPass)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Manny\AppData\Roaming\Mozilla\Firefox\Profiles\gh1pm2p1.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF NetworkProxy: "backup.ftp", "104.227.49.10"
FF NetworkProxy: "backup.ftp_port", 80
FF NetworkProxy: "backup.socks", "104.227.49.10"
FF NetworkProxy: "backup.socks_port", 80
FF NetworkProxy: "backup.ssl", "104.227.49.10"
FF NetworkProxy: "backup.ssl_port", 80
FF NetworkProxy: "ftp", "23.94.243.118"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "23.94.243.118"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "23.94.243.118"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Users\Manny\AppData\Roaming\LastPass\nplastpass64.dll [2014-01-25] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Users\Manny\AppData\Roaming\LastPass\nplastpass.dll [2014-01-25] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2253813673-471012973-4132657189-1000: @acestream.net/acestreamplugin,version=3.1.2 -> C:\Users\Manny\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: LastPass - C:\Users\Manny\AppData\Roaming\Mozilla\Firefox\Profiles\gh1pm2p1.default\Extensions\support@lastpass.com [2016-01-04]
FF Extension: LogMeIn, Inc. Rescue Technician Console - C:\Users\Manny\AppData\Roaming\Mozilla\Firefox\Profiles\gh1pm2p1.default\Extensions\TechnicianConsole@logmeinrescue.com [2015-08-17] [not signed]
FF Extension: Device Pairing Handler Class - C:\Users\Manny\AppData\Roaming\Mozilla\Firefox\Profiles\gh1pm2p1.default\Extensions\{381766F3-6181-014B-E840-20873C522825} [2016-07-12] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Manny\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: Ace Stream Web Extension - C:\Users\Manny\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2015-12-18]

Chrome: 
=======
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-03]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Ebates Cash Back) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\chhjbpecpncaggjpdakmflnfcopglcmi [2016-07-14]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Tampermonkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-06-07]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2015-01-01]
CHR Extension: (Session Buddy) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2016-05-09]
CHR Extension: (Supreme Supercop) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\edbgaijjalabanhaadcapjhgefjlnfhg [2015-03-12]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (AdBlock) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-12]
CHR Extension: (DSM Auto Checkout) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkhdfapicjhgjcfjikolfeipajjfpbng [2015-04-18]
CHR Extension: (UberConference Screen Sharing) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcakmcggjddnhepfcajfcpkdjoggcnak [2016-02-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-07-15]
CHR Extension: (Referer Control) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2016-06-10]
CHR Extension: (Request Maker) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajfghlhfkcocafkcjlajldicbikpgnp [2015-11-18]
CHR Extension: (Skype) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-07]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Page Monitor) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogeebjpdeabhncjpfhgdibjajcajepgg [2016-01-05]
CHR Extension: (Visualping) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2016-05-09]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Auto Refresh Plus) - D:\Users Folders\Manny\Desktop\AddToCart\Auto Refresh Plus - Browser Addon [2015-02-05]
CHR Extension: (Supreme Checkout) - D:\Users Folders\Manny\Desktop\Supreme_apps\supreme_checkout [2016-04-21]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (Kithnyc Checkout) - D:\Users Folders\Manny\Desktop\Shopify\kithnyc [2016-05-20]
CHR Extension: (Supreme 2) - D:\Users Folders\Manny\Desktop\Supreme_apps\supreme_atc_with_size [2016-04-21]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-04]
CHR Extension: (Tampermonkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-04]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-26]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 11.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 11\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 10.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 12\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 8) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK8 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 6) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_6 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size 5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_5 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size UK 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK8.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 14\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 9) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK9 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 15\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 11.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 6) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_6 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 16\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 10.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 9) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size UK 10) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK10 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 17\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size UK 10.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK10.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 18\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 19\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 8) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK8 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size 6) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_6 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 20\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 7Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_7y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 11.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 6) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_6 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size UK 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK8.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 10.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 9) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK9 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 22\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 5.5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_5.5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 23\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 6.5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_6.5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_5 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 24\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 7) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_7 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size 6Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_6y [2014-10-31]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 25\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 6.5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_6.5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 26\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 27\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 7Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_7y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 10) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 7) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_7 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 28\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 11) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 29\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 11) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-10]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 30\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 11) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 7) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_7 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-11]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-12]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-05-28]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 31\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 11) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 32\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 6.5Y) - D:\Users Folders\Manny\Desktop\AddToCart\Youth Sizes\size_6.5y [2014-10-31]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size 9.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_9.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size UK 11) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK11 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 7) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_7 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-14]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-14]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-14]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-14]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-14]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-14]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-12]
CHR Extension: (Request Maker) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\kajfghlhfkcocafkcjlajldicbikpgnp [2016-04-12]
CHR Extension: (Skype) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 33\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-14]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tampermonkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-09]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-10]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 12) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-03]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_5 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size 11.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 10.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_10.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_5 [2015-01-29]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8.5 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 13) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_13 [2015-02-15]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 12.5) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12.5 [2015-02-15]
CHR Extension: (PreOrderHeat Bot Size UK 7) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 7) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_7 [2015-01-29]
CHR Profile: C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9
CHR Extension: (Google Slides) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Google Search) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Sheets) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Skype Click to Call) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-03]
CHR Extension: (Refresh Monkey) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2015-02-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11]
CHR Extension: (Gmail) - C:\Users\Manny\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (PreOrderHeat Bot Size 11) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_11 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size 8) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_8 [2015-01-25]
CHR Extension: (PreOrderHeat Bot Size UK 7.5) - D:\Users Folders\Manny\Desktop\AddToCart\UK Sizes\size_UK7.5 [2015-06-12]
CHR Extension: (PreOrderHeat Bot Size 12) - D:\Users Folders\Manny\Desktop\AddToCart\Men Sizes\Unpacked\size_12 [2015-02-15]
CHR HKU\S-1-5-21-2253813673-471012973-4132657189-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AndServMgr; C:\Program Files\AMI\DuOS\AndServMgr.exe [81872 2015-08-13] (American Megatrends Inc.)
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-08-18] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 MBAMScheduler; D:\Programs\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; D:\Programs\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MSIBIOSData_CC; D:\Programs\Program Files (x86)\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2099712 2014-10-21] (MSI) [File not signed]
S3 MSIClock_CC; D:\Programs\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4026880 2014-09-26] (MSI) [File not signed]
S3 MSICOMM_CC; D:\Programs\Program Files (x86)\MSI\Command Center\MSICommService.exe [2117632 2014-11-05] () [File not signed]
S3 MSICPU_CC; D:\Programs\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-09-26] () [File not signed]
R2 MSICTL_CC; D:\Programs\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1993216 2014-09-26] () [File not signed]
S3 MSIDDR_CC; D:\Programs\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2242048 2014-10-21] () [File not signed]
S3 MSISMB_CC; D:\Programs\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-07-28] () [File not signed]
S3 MSISuperIO_CC; D:\Programs\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [575488 2014-10-29] () [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1794000 2016-03-17] (Micro-Star INT'L CO., LTD.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Presto; C:\Program Files\Collobos\Presto\PrestoService.exe [4343064 2014-03-05] (Collobos Software)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13716208 2016-06-30] (Zemana Ltd.)
S2 Intel(R) ME Service; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84304 2015-10-01] (Asmedia Technology)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 cpuz137; D:\Programs\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
R1 DuoVMDrv; C:\Windows\System32\DRIVERS\DuoVMDrv.sys [239536 2015-08-06] (American Megatrends Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7850v180\NTIOLib_X64.sys [13808 2014-04-16] (MSI)
S3 NTIOLib_MSIClock_CC; D:\Programs\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; D:\Programs\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; D:\Programs\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; D:\Programs\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIFrequency_CC; D:\Programs\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; D:\Programs\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; D:\Programs\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; D:\Programs\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R2 PHYMEM; C:\Windows\system32\ami_ipower.sys [15992 2016-07-14] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-15] ()
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-07-15] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-07-15] (Zemana Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MFE_RR; \??\C:\Users\Manny\AppData\Local\Temp\mfe_rr.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_1; \??\C:\MSI\Super RAID\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 17:53 - 2016-07-16 17:54 - 00000000 ____D C:\FRST
2016-07-15 22:36 - 2016-07-16 17:54 - 00276177 _____ C:\Windows\ZAM.krnl.trace
2016-07-15 22:36 - 2016-07-16 17:54 - 00048618 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-07-15 22:36 - 2016-07-16 17:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-15 19:05 - 2016-07-15 19:05 - 00000000 ____D C:\ProgramData\Sophos
2016-07-15 19:02 - 2016-07-15 19:03 - 01168506 _____ C:\TDSSKiller.3.1.0.9_15.07.2016_19.02.41_log.txt
2016-07-15 19:01 - 2016-07-15 19:02 - 00170054 _____ C:\TDSSKiller.3.1.0.9_15.07.2016_19.01.54_log.txt
2016-07-15 18:59 - 2016-07-15 18:59 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2016-07-15 18:59 - 2016-07-15 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-07-15 18:59 - 2016-07-15 18:59 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-07-15 18:58 - 2016-07-15 18:58 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-07-15 18:58 - 2016-07-15 18:58 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-07-15 18:58 - 2016-07-15 18:58 - 00001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-07-15 18:58 - 2016-07-15 18:58 - 00000000 ____D C:\Users\Manny\AppData\Local\Zemana
2016-07-15 18:58 - 2016-07-15 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-07-15 18:58 - 2016-07-15 18:58 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-07-15 18:53 - 2016-07-15 18:59 - 00005044 _____ C:\TDSSKiller.3.1.0.9_15.07.2016_18.53.33_log.txt
2016-07-15 18:53 - 2016-07-15 18:53 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-07-15 18:53 - 2016-07-15 18:53 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-07-15 18:53 - 2016-07-15 18:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-07-15 18:41 - 2016-07-15 18:41 - 00038039 _____ C:\ComboFix.txt
2016-07-15 18:21 - 2016-07-15 18:41 - 00000000 ____D C:\Qoobox
2016-07-15 18:21 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe
2016-07-15 18:21 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe
2016-07-15 18:21 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-07-15 18:21 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-07-15 18:21 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-07-15 18:21 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe
2016-07-15 18:21 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe
2016-07-15 18:21 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe
2016-07-15 18:20 - 2016-07-15 18:38 - 00000000 ____D C:\Windows\erdnt
2016-07-15 18:00 - 2016-07-15 18:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-15 17:45 - 2016-07-15 17:46 - 00467446 _____ C:\TDSSKiller.3.1.0.9_15.07.2016_17.45.14_log.txt
2016-07-14 23:46 - 2016-03-17 15:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-07-14 23:46 - 2016-03-17 15:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-07-14 23:46 - 2016-03-16 11:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-07-14 23:46 - 2016-03-16 11:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-07-14 23:46 - 2016-03-16 11:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-07-14 23:46 - 2016-03-15 17:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-07-14 23:46 - 2016-03-15 17:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-07-14 23:46 - 2016-03-15 16:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-07-14 23:46 - 2016-03-06 11:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-07-14 23:46 - 2016-03-06 11:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-07-14 23:46 - 2016-03-06 11:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-07-14 23:46 - 2016-03-06 11:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-07-14 23:46 - 2016-02-12 11:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-07-14 23:46 - 2016-02-12 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-07-14 23:46 - 2016-02-12 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-07-14 23:46 - 2016-02-12 11:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-07-14 23:46 - 2016-02-12 11:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-07-14 23:46 - 2016-02-12 11:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-07-14 23:46 - 2016-02-12 11:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-07-14 23:46 - 2016-02-12 11:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-07-14 23:46 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-07-14 23:46 - 2016-02-12 11:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-07-14 23:46 - 2016-02-12 11:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-07-14 23:46 - 2016-02-12 11:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-07-14 23:46 - 2016-02-12 11:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-07-14 23:46 - 2016-02-12 11:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-07-14 23:46 - 2016-02-12 11:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-07-14 23:46 - 2016-02-12 11:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-07-14 23:46 - 2016-02-05 11:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-07-14 23:46 - 2016-02-05 11:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-07-14 23:46 - 2016-02-05 10:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-07-14 23:46 - 2016-02-04 18:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-07-14 23:46 - 2016-02-04 11:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-07-14 23:46 - 2016-02-03 11:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-07-14 23:46 - 2016-02-03 11:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-07-14 23:46 - 2016-02-03 11:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-07-14 23:46 - 2016-02-03 11:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-07-14 23:46 - 2016-02-03 11:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-07-14 23:46 - 2016-02-02 11:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-07-14 23:46 - 2016-01-20 17:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-07-14 23:46 - 2016-01-11 12:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-07-14 23:46 - 2016-01-07 10:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-07-14 23:46 - 2015-12-20 11:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-07-14 23:46 - 2015-12-20 11:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-07-14 23:46 - 2015-12-20 07:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-07-14 23:46 - 2015-12-08 14:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-07-14 23:46 - 2015-12-08 14:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-07-14 23:46 - 2015-12-08 14:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-07-14 23:46 - 2015-12-08 14:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-07-14 23:46 - 2015-12-08 12:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-07-14 23:46 - 2015-12-08 12:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-07-14 23:46 - 2015-12-08 12:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-07-14 23:46 - 2015-12-08 12:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-07-14 23:46 - 2015-12-08 12:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-07-14 23:46 - 2015-12-08 12:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-07-14 23:46 - 2015-12-08 12:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-07-14 23:46 - 2015-11-19 07:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-07-14 23:46 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-07-14 23:46 - 2015-11-13 16:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-07-14 23:46 - 2015-11-13 16:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-07-14 23:46 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-07-14 23:46 - 2015-11-13 15:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-07-14 23:46 - 2015-11-13 15:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-07-14 23:46 - 2015-06-03 13:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-07-14 23:45 - 2016-02-09 02:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-07-14 23:45 - 2016-02-09 02:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-07-14 23:45 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-07-14 23:45 - 2016-02-09 02:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-07-14 23:45 - 2016-02-09 02:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-07-14 23:45 - 2016-02-09 02:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-07-14 23:45 - 2016-02-09 02:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-07-14 23:45 - 2016-02-09 02:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-07-14 23:45 - 2016-02-09 02:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-07-14 23:45 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-07-14 23:45 - 2016-02-09 02:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-07-14 23:45 - 2016-01-21 23:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-07-14 23:45 - 2016-01-21 23:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-07-14 23:45 - 2016-01-21 23:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-07-14 23:45 - 2016-01-21 23:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-07-14 23:45 - 2015-12-08 14:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-07-14 23:45 - 2015-12-08 14:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-07-14 23:45 - 2015-12-08 14:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-07-14 23:45 - 2015-12-08 14:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-07-14 23:45 - 2015-12-08 14:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-07-14 23:45 - 2015-12-08 14:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-07-14 23:45 - 2015-12-08 14:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-07-14 23:45 - 2015-12-08 14:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-07-14 23:45 - 2015-12-08 14:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-07-14 23:45 - 2015-12-08 14:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-07-14 23:45 - 2015-12-08 12:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-07-14 23:45 - 2015-12-08 12:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-07-14 23:45 - 2015-12-08 12:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-07-14 23:45 - 2015-12-08 12:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-07-14 23:45 - 2015-12-08 12:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-07-14 23:45 - 2015-12-08 12:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-07-14 23:45 - 2015-12-08 11:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-07-14 23:45 - 2015-12-08 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-07-14 23:45 - 2015-12-08 11:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-07-14 22:51 - 2016-07-14 22:51 - 00000000 ___HD C:\Users\Manny\.DuOS
2016-07-14 22:51 - 2016-07-14 22:51 - 00000000 ____D C:\Users\Manny\DuOSShare
2016-07-14 22:51 - 2016-07-14 22:51 - 00000000 ____D C:\ProgramData\Reprise
2016-07-14 22:50 - 2016-07-14 22:50 - 00015992 _____ C:\Windows\system32\ami_ipower.sys
2016-07-14 22:50 - 2016-07-14 22:50 - 00002610 _____ C:\Users\Public\Desktop\DuOS.lnk
2016-07-14 22:50 - 2016-07-14 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DuOS
2016-07-14 22:50 - 2016-07-14 22:50 - 00000000 ____D C:\ProgramData\AMI
2016-07-14 22:50 - 2016-07-14 22:50 - 00000000 ____D C:\Program Files\AMI
2016-07-14 22:50 - 2015-08-06 19:40 - 00239536 _____ (American Megatrends Inc.) C:\Windows\system32\Drivers\DuoVMDrv.sys
2016-07-14 22:36 - 2016-07-15 22:37 - 00000000 ____D C:\Users\Manny\AppData\Local\NPE
2016-07-14 20:41 - 2016-07-14 20:41 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files\iPod
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files\Bonjour
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-07-14 20:41 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-07-14 20:37 - 2016-07-14 20:41 - 00000000 ____D C:\Program Files\iTunes
2016-07-14 19:58 - 2016-07-14 19:59 - 00000000 ____D C:\ProgramData\Norton
2016-07-14 17:42 - 2016-07-14 17:42 - 00000000 ____D C:\Windows\pss
2016-07-12 22:48 - 2016-07-12 23:05 - 00000000 ___HD C:\Users\Manny\AppData\Local\SysHashTable
2016-07-12 22:48 - 2016-07-12 22:48 - 00000000 _____ C:\Windows\harbor
2016-07-12 18:39 - 2016-06-25 17:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-12 18:39 - 2016-06-25 17:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-12 18:39 - 2016-06-25 17:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-12 18:39 - 2016-06-25 17:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-12 18:39 - 2016-06-25 17:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-12 18:39 - 2016-06-25 17:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-12 18:39 - 2016-06-25 17:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-12 18:39 - 2016-06-25 12:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-12 18:39 - 2016-06-25 12:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-12 18:39 - 2016-06-25 12:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-12 18:39 - 2016-06-25 12:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-12 18:39 - 2016-06-25 12:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-12 18:39 - 2016-06-22 06:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 18:39 - 2016-06-17 11:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-12 18:39 - 2016-06-14 08:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-12 18:39 - 2016-06-10 23:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-12 18:39 - 2016-06-10 21:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-12 18:39 - 2016-06-10 14:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-12 18:39 - 2016-06-10 14:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-12 18:39 - 2016-06-10 14:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-12 18:39 - 2016-06-10 14:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-12 18:39 - 2016-06-10 14:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-12 18:39 - 2016-06-10 14:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-12 18:39 - 2016-06-10 14:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-12 18:39 - 2016-06-10 14:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-12 18:39 - 2016-06-10 14:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-12 18:39 - 2016-06-10 14:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-12 18:39 - 2016-06-10 14:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-12 18:39 - 2016-06-10 14:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-12 18:39 - 2016-06-10 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-12 18:39 - 2016-06-10 14:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-12 18:39 - 2016-06-10 14:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-12 18:39 - 2016-06-10 14:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-12 18:39 - 2016-06-10 13:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-12 18:39 - 2016-06-10 13:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-12 18:39 - 2016-06-10 13:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-12 18:39 - 2016-06-10 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-12 18:39 - 2016-06-10 13:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-12 18:39 - 2016-06-10 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-12 18:39 - 2016-06-10 13:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-12 18:39 - 2016-06-10 13:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-12 18:39 - 2016-06-10 13:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-12 18:39 - 2016-06-10 13:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-12 18:39 - 2016-06-10 13:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-12 18:39 - 2016-06-10 13:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-12 18:39 - 2016-06-10 13:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-12 18:39 - 2016-06-10 13:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-12 18:39 - 2016-06-10 12:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-12 18:39 - 2016-06-10 12:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-12 18:39 - 2016-06-10 12:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-12 18:39 - 2016-06-10 12:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-12 18:39 - 2016-06-10 12:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-12 18:39 - 2016-06-10 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-12 18:39 - 2016-06-10 11:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-12 18:39 - 2016-06-10 11:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-12 18:39 - 2016-06-10 11:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-12 18:39 - 2016-06-10 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-12 18:39 - 2016-06-10 11:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-12 18:39 - 2016-06-10 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-12 18:39 - 2016-06-10 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-12 18:39 - 2016-06-10 11:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-12 18:39 - 2016-06-10 11:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-12 18:39 - 2016-06-10 11:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-12 18:39 - 2016-06-10 11:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-12 18:39 - 2016-06-10 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-12 18:39 - 2016-06-10 11:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-12 18:39 - 2016-06-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-12 18:39 - 2016-06-10 11:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-12 18:39 - 2016-06-10 11:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-12 18:39 - 2016-06-10 11:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-12 18:39 - 2016-06-10 11:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-12 18:39 - 2016-06-10 11:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-12 18:39 - 2016-06-10 11:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-12 18:39 - 2016-06-10 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-12 18:39 - 2016-06-10 11:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-12 18:39 - 2016-06-10 11:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-12 18:39 - 2016-06-10 11:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-12 18:39 - 2016-06-10 10:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-12 18:39 - 2016-06-10 10:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-12 18:39 - 2016-06-10 10:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-12 18:39 - 2016-06-10 10:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-16 23:54 - 2016-06-16 23:54 - 00003472 _____ C:\Users\Manny\AppData\Roaming\Adobe-GB1-0
2016-06-16 23:54 - 2016-06-16 23:54 - 00003395 _____ C:\Users\Manny\AppData\Roaming\78-EUC-V
2016-06-16 23:54 - 2016-06-16 23:54 - 00003203 _____ C:\Users\Manny\AppData\Roaming\Adobe-Korea1-H-CID
2016-06-16 23:54 - 2016-06-16 23:54 - 00001778 _____ C:\Users\Manny\AppData\Roaming\abstract.title.properties.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 00001559 _____ C:\Users\Manny\AppData\Roaming\alignment.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 00001302 _____ C:\Users\Manny\AppData\Roaming\403-5.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 00001292 _____ C:\Users\Manny\AppData\Roaming\403-6.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 00001167 _____ C:\Users\Manny\AppData\Roaming\403-14.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 00001096 _____ C:\Users\Manny\AppData\Roaming\404-6.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 00001074 _____ C:\Users\Manny\AppData\Roaming\admon.textlabel.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 00000922 _____ C:\Users\Manny\AppData\Roaming\3BSYBS1-DCSA_Alerts_05192015040011.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 00000738 _____ C:\Users\Manny\AppData\Roaming\7.svg
2016-06-16 23:54 - 2016-06-16 23:54 - 00000524 _____ C:\Users\Manny\AppData\Roaming\424 bl 1.ADO
2016-06-16 23:54 - 2016-06-16 23:54 - 00000453 _____ C:\Users\Manny\AppData\Roaming\Aqtobe
2016-06-16 23:54 - 2016-06-16 23:54 - 00000263 _____ C:\Users\Manny\AppData\Roaming\70-no-bitmaps.conf
2016-06-16 23:54 - 2016-06-16 23:54 - 00000225 _____ C:\Users\Manny\AppData\Roaming\10-sub-pixel-bgr.conf
2016-06-16 23:53 - 2016-06-16 23:53 - 00004551 _____ C:\Users\Manny\AppData\Roaming\et.pak
2016-06-16 23:53 - 2016-06-16 23:53 - 00003457 _____ C:\Users\Manny\AppData\Roaming\config.js
2016-06-16 23:53 - 2016-06-16 23:53 - 00003397 _____ C:\Users\Manny\AppData\Roaming\EUC-V
2016-06-16 23:53 - 2016-06-16 23:53 - 00002878 _____ C:\Users\Manny\AppData\Roaming\backgroundmon.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00002744 _____ C:\Users\Manny\AppData\Roaming\Fighter5 Flight Path.mesh
2016-06-16 23:53 - 2016-06-16 23:53 - 00002698 _____ C:\Users\Manny\AppData\Roaming\generate.legalnotice.link.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00002684 _____ C:\Users\Manny\AppData\Roaming\faq.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00002674 _____ C:\Users\Manny\AppData\Roaming\atstamp.xsl
2016-06-16 23:53 - 2016-06-16 23:53 - 00001664 _____ C:\Users\Manny\AppData\Roaming\Default Contours.shc
2016-06-16 23:53 - 2016-06-16 23:53 - 00001413 _____ C:\Users\Manny\AppData\Roaming\draft.mode.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00001312 _____ C:\Users\Manny\AppData\Roaming\chunker.output.method.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00001240 _____ C:\Users\Manny\AppData\Roaming\callout.unicode.number.limit.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00001165 _____ C:\Users\Manny\AppData\Roaming\chunk.separate.lots.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00001106 _____ C:\Users\Manny\AppData\Roaming\GIF Restrictive.irs
2016-06-16 23:53 - 2016-06-16 23:53 - 00001106 _____ C:\Users\Manny\AppData\Roaming\GIF 64 No Dither.irs
2016-06-16 23:53 - 2016-06-16 23:53 - 00001072 _____ C:\Users\Manny\AppData\Roaming\CommonMessages_en_US.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00001013 _____ C:\Users\Manny\AppData\Roaming\double.sided.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00000910 _____ C:\Users\Manny\AppData\Roaming\crop.mark.width.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00000895 _____ C:\Users\Manny\AppData\Roaming\formal.procedures.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 00000883 _____ C:\Users\Manny\AppData\Roaming\break.js
2016-06-16 23:53 - 2016-06-16 23:53 - 00000524 _____ C:\Users\Manny\AppData\Roaming\BMY red 3.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 00000524 _____ C:\Users\Manny\AppData\Roaming\BMY brown 2.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 00000524 _____ C:\Users\Manny\AppData\Roaming\blue 072 bl 2.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 00000524 _____ C:\Users\Manny\AppData\Roaming\Bl Cool Gray 10 WmGray 1.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 00000509 _____ C:\Users\Manny\AppData\Roaming\Dawson_Creek
2016-06-16 23:53 - 2016-06-16 23:53 - 00000130 _____ C:\Users\Manny\AppData\Roaming\boolean_single.js
2016-06-16 23:53 - 2016-06-16 23:53 - 00000108 _____ C:\Users\Manny\AppData\Roaming\chrome.manifest
2016-06-16 23:53 - 2016-06-16 23:53 - 00000065 _____ C:\Users\Manny\AppData\Roaming\Douala
2016-06-16 23:53 - 2016-06-16 23:53 - 00000065 _____ C:\Users\Manny\AppData\Roaming\Brazzaville
2016-06-16 23:53 - 2016-06-16 23:53 - 00000046 _____ C:\Users\Manny\AppData\Roaming\g1_1024 x 768 px 72 ppi.IMZ
2016-06-16 23:53 - 2016-06-16 23:53 - 00000000 _____ C:\Users\Manny\AppData\Roaming\e
2016-06-16 23:53 - 2016-06-16 23:53 - 00000000 _____ C:\Users\Manny\AppData\Roaming\c
2016-06-16 23:52 - 2016-06-16 23:52 - 00005030 _____ C:\Users\Manny\AppData\Roaming\graphics.xsl
2016-06-16 23:52 - 2016-06-16 23:52 - 00000510 _____ C:\Users\Manny\AppData\Roaming\goURL_lr_photoshop_en.csv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 17:51 - 2016-05-20 22:30 - 00000000 ____D C:\Users\Manny\AppData\Local\Skitch
2016-07-16 17:51 - 2014-01-19 01:56 - 00000000 ____D C:\Users\Manny
2016-07-16 17:50 - 2015-03-05 23:21 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-07-16 17:50 - 2014-09-21 13:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-16 17:50 - 2014-08-29 22:57 - 00000000 ____D C:\Users\Manny\AppData\Local\Adobe
2016-07-16 17:50 - 2014-01-19 09:48 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-16 17:50 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-16 17:49 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-16 17:49 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-16 17:43 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-07-16 17:16 - 2014-01-19 09:48 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-16 16:57 - 2014-01-19 02:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-15 22:46 - 2014-01-19 02:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-15 22:45 - 2014-01-19 02:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-15 22:45 - 2014-01-19 02:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-15 22:43 - 2009-07-13 22:13 - 00785878 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-15 22:42 - 2014-01-19 02:12 - 00778000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-15 18:54 - 2014-01-22 19:39 - 00001945 _____ C:\Windows\epplauncher.mif
2016-07-15 18:32 - 2009-07-13 19:34 - 00000215 _____ C:\Windows\system.ini
2016-07-15 18:00 - 2014-09-21 13:14 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-15 17:43 - 2014-10-08 17:05 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-15 06:51 - 2014-12-12 12:48 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-15 00:11 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2016-07-14 23:07 - 2009-07-13 21:45 - 05053344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-14 23:06 - 2015-04-07 20:46 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-14 23:06 - 2015-04-07 20:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-14 23:06 - 2014-12-11 04:20 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-14 23:06 - 2014-05-06 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-07-14 23:06 - 2011-04-12 01:28 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 20:50 - 2014-03-05 19:18 - 00000000 ____D C:\ProgramData\WindSolutions
2016-07-14 20:49 - 2014-03-05 19:31 - 00000000 ____D C:\Users\Manny\AppData\Roaming\WindSolutions
2016-07-14 20:41 - 2015-09-17 20:04 - 00000000 ____D C:\Program Files\Java
2016-07-14 20:37 - 2014-01-25 20:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-07-14 20:36 - 2014-01-25 20:47 - 00000000 ____D C:\ProgramData\Apple
2016-07-14 20:28 - 2015-11-19 21:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-14 20:28 - 2015-01-01 22:30 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 20:19 - 2014-01-19 02:19 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-14 19:56 - 2014-02-02 01:10 - 00000000 ____D C:\Users\Manny\AppData\Local\CrashDumps
2016-07-14 19:56 - 2014-01-27 09:11 - 00000000 ____D C:\Users\Manny\AppData\Roaming\TeamViewer
2016-07-14 19:56 - 2014-01-25 22:07 - 00000000 ____D C:\Users\Manny\AppData\Roaming\Azureus
2016-07-14 12:09 - 2014-01-19 02:14 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 12:08 - 2014-01-19 02:14 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 12:08 - 2014-01-19 02:14 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 22:47 - 2014-01-25 22:07 - 00000000 ____D C:\Program Files (x86)\Vuze
2016-07-12 08:57 - 2014-01-19 02:14 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 08:57 - 2014-01-19 02:14 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-10 01:00 - 2014-01-19 23:58 - 00000000 ____D C:\Users\Manny\AppData\Local\ElevatedDiagnostics
2016-06-21 12:13 - 2010-11-20 20:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-18 23:15 - 2016-05-05 18:05 - 00000000 ____D C:\Users\Manny\AppData\Roaming\.ACEStream
2016-06-18 21:37 - 2014-06-05 23:02 - 00000000 __SHD C:\Users\Manny\wc
2016-06-17 19:17 - 2014-01-19 09:48 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 19:17 - 2014-01-19 09:48 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-06-16 23:54 - 2016-06-16 23:54 - 0000225 _____ () C:\Users\Manny\AppData\Roaming\10-sub-pixel-bgr.conf
2016-06-16 23:54 - 2016-06-16 23:54 - 0001400 _____ () C:\Users\Manny\AppData\Roaming\16_9-frame-image-mask.png
2016-06-16 23:54 - 2016-06-16 23:54 - 0000914 _____ () C:\Users\Manny\AppData\Roaming\3.gif
2016-06-16 23:54 - 2016-06-16 23:54 - 0000922 _____ () C:\Users\Manny\AppData\Roaming\3BSYBS1-DCSA_Alerts_05192015040011.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 0000345 _____ () C:\Users\Manny\AppData\Roaming\4.png
2016-06-16 23:54 - 2016-06-16 23:54 - 0001167 _____ () C:\Users\Manny\AppData\Roaming\403-14.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 0001302 _____ () C:\Users\Manny\AppData\Roaming\403-5.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 0001292 _____ () C:\Users\Manny\AppData\Roaming\403-6.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 0001096 _____ () C:\Users\Manny\AppData\Roaming\404-6.htm
2016-06-16 23:54 - 2016-06-16 23:54 - 0000524 _____ () C:\Users\Manny\AppData\Roaming\424 bl 1.ADO
2016-06-16 23:54 - 2016-06-16 23:54 - 0000218 _____ () C:\Users\Manny\AppData\Roaming\6.gif
2016-06-16 23:54 - 2016-06-16 23:54 - 0000344 _____ () C:\Users\Manny\AppData\Roaming\7.png
2016-06-16 23:54 - 2016-06-16 23:54 - 0000738 _____ () C:\Users\Manny\AppData\Roaming\7.svg
2016-06-16 23:54 - 2016-06-16 23:54 - 0000263 _____ () C:\Users\Manny\AppData\Roaming\70-no-bitmaps.conf
2016-06-16 23:54 - 2016-06-16 23:54 - 0003395 _____ () C:\Users\Manny\AppData\Roaming\78-EUC-V
2016-06-16 23:54 - 2016-06-16 23:54 - 0001778 _____ () C:\Users\Manny\AppData\Roaming\abstract.title.properties.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 0001861 _____ () C:\Users\Manny\AppData\Roaming\action_center.png
2016-06-16 23:54 - 2016-06-16 23:54 - 0001074 _____ () C:\Users\Manny\AppData\Roaming\admon.textlabel.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 0003472 _____ () C:\Users\Manny\AppData\Roaming\Adobe-GB1-0
2016-06-16 23:54 - 2016-06-16 23:54 - 0003203 _____ () C:\Users\Manny\AppData\Roaming\Adobe-Korea1-H-CID
2016-06-16 23:54 - 2016-06-16 23:54 - 0001559 _____ () C:\Users\Manny\AppData\Roaming\alignment.xml
2016-06-16 23:54 - 2016-06-16 23:54 - 0003048 _____ () C:\Users\Manny\AppData\Roaming\app_updater_footer.png
2016-06-16 23:54 - 2016-06-16 23:54 - 0000453 _____ () C:\Users\Manny\AppData\Roaming\Aqtobe
2016-06-16 23:53 - 2016-06-16 23:53 - 0002674 _____ () C:\Users\Manny\AppData\Roaming\atstamp.xsl
2016-06-16 23:53 - 2016-06-16 23:53 - 0002878 _____ () C:\Users\Manny\AppData\Roaming\backgroundmon.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0000524 _____ () C:\Users\Manny\AppData\Roaming\Bl Cool Gray 10 WmGray 1.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 0000524 _____ () C:\Users\Manny\AppData\Roaming\blue 072 bl 2.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 0000524 _____ () C:\Users\Manny\AppData\Roaming\BMY brown 2.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 0000524 _____ () C:\Users\Manny\AppData\Roaming\BMY red 3.ADO
2016-06-16 23:53 - 2016-06-16 23:53 - 0000130 _____ () C:\Users\Manny\AppData\Roaming\boolean_single.js
2016-06-16 23:53 - 2016-06-16 23:53 - 0001317 _____ () C:\Users\Manny\AppData\Roaming\boot_path_2.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000065 _____ () C:\Users\Manny\AppData\Roaming\Brazzaville
2016-06-16 23:53 - 2016-06-16 23:53 - 0000883 _____ () C:\Users\Manny\AppData\Roaming\break.js
2016-06-16 23:53 - 2016-06-16 23:53 - 0000569 _____ () C:\Users\Manny\AppData\Roaming\but-prev.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000000 _____ () C:\Users\Manny\AppData\Roaming\c
2016-06-16 23:53 - 2016-06-16 23:53 - 0001240 _____ () C:\Users\Manny\AppData\Roaming\callout.unicode.number.limit.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0001375 _____ () C:\Users\Manny\AppData\Roaming\chapters-static.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000108 _____ () C:\Users\Manny\AppData\Roaming\chrome.manifest
2016-06-16 23:53 - 2016-06-16 23:53 - 0001165 _____ () C:\Users\Manny\AppData\Roaming\chunk.separate.lots.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0001312 _____ () C:\Users\Manny\AppData\Roaming\chunker.output.method.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0002910 _____ () C:\Users\Manny\AppData\Roaming\CircleSubpicture.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0001952 _____ () C:\Users\Manny\AppData\Roaming\cleanmgr.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000157 _____ () C:\Users\Manny\AppData\Roaming\closed.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0001072 _____ () C:\Users\Manny\AppData\Roaming\CommonMessages_en_US.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0003457 _____ () C:\Users\Manny\AppData\Roaming\config.js
2016-06-16 23:53 - 2016-06-16 23:53 - 0002284 _____ () C:\Users\Manny\AppData\Roaming\cp_modem.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000910 _____ () C:\Users\Manny\AppData\Roaming\crop.mark.width.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0002176 _____ () C:\Users\Manny\AppData\Roaming\C_Enabled.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000509 _____ () C:\Users\Manny\AppData\Roaming\Dawson_Creek
2016-06-16 23:53 - 2016-06-16 23:53 - 0001664 _____ () C:\Users\Manny\AppData\Roaming\Default Contours.shc
2016-06-16 23:53 - 2016-06-16 23:53 - 0002472 _____ () C:\Users\Manny\AppData\Roaming\dfrg.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000065 _____ () C:\Users\Manny\AppData\Roaming\Douala
2016-06-16 23:53 - 2016-06-16 23:53 - 0001013 _____ () C:\Users\Manny\AppData\Roaming\double.sided.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0001413 _____ () C:\Users\Manny\AppData\Roaming\draft.mode.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0000000 _____ () C:\Users\Manny\AppData\Roaming\e
2016-06-16 23:53 - 2016-06-16 23:53 - 0000778 _____ () C:\Users\Manny\AppData\Roaming\email.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0003719 _____ () C:\Users\Manny\AppData\Roaming\engine_glow.jpg
2016-06-16 23:53 - 2016-06-16 23:53 - 0004974 _____ () C:\Users\Manny\AppData\Roaming\ergonomic-keyboard.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0001817 _____ () C:\Users\Manny\AppData\Roaming\errorReport.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0004551 _____ () C:\Users\Manny\AppData\Roaming\et.pak
2016-06-16 23:53 - 2016-06-16 23:53 - 0003397 _____ () C:\Users\Manny\AppData\Roaming\EUC-V
2016-06-16 23:53 - 2016-06-16 23:53 - 0001704 _____ () C:\Users\Manny\AppData\Roaming\f1.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0001585 _____ () C:\Users\Manny\AppData\Roaming\f15.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0001484 _____ () C:\Users\Manny\AppData\Roaming\f2.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0002684 _____ () C:\Users\Manny\AppData\Roaming\faq.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0001152 _____ () C:\Users\Manny\AppData\Roaming\female.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0002744 _____ () C:\Users\Manny\AppData\Roaming\Fighter5 Flight Path.mesh
2016-06-16 23:53 - 2016-06-16 23:53 - 0004501 _____ () C:\Users\Manny\AppData\Roaming\floppy-drive.png
2016-06-16 23:53 - 2016-06-16 23:53 - 0000895 _____ () C:\Users\Manny\AppData\Roaming\formal.procedures.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0000046 _____ () C:\Users\Manny\AppData\Roaming\g1_1024 x 768 px 72 ppi.IMZ
2016-06-16 23:53 - 2016-06-16 23:53 - 0002698 _____ () C:\Users\Manny\AppData\Roaming\generate.legalnotice.link.xml
2016-06-16 23:53 - 2016-06-16 23:53 - 0001106 _____ () C:\Users\Manny\AppData\Roaming\GIF 64 No Dither.irs
2016-06-16 23:53 - 2016-06-16 23:53 - 0001106 _____ () C:\Users\Manny\AppData\Roaming\GIF Restrictive.irs
2016-06-16 23:53 - 2016-06-16 23:53 - 0002888 _____ () C:\Users\Manny\AppData\Roaming\globe.png
2016-06-16 23:52 - 2016-06-16 23:52 - 0000510 _____ () C:\Users\Manny\AppData\Roaming\goURL_lr_photoshop_en.csv
2016-06-16 23:52 - 2016-06-16 23:52 - 0005030 _____ () C:\Users\Manny\AppData\Roaming\graphics.xsl
2012-11-13 01:00 - 2012-11-13 01:00 - 0049882 _____ () C:\Users\Manny\AppData\Roaming\Scruple.2
1987-09-04 00:00 - 1987-09-04 00:00 - 0005141 _____ () C:\Users\Manny\AppData\Roaming\ShrinkRegimen.C3j
2002-05-08 00:00 - 2002-05-08 00:00 - 0003939 _____ () C:\Users\Manny\AppData\Roaming\Stereoscopy.Y
2000-04-16 00:00 - 2000-04-16 00:00 - 0049808 _____ () C:\Users\Manny\AppData\Roaming\Warehouse.5
2015-05-22 10:11 - 2015-05-22 10:11 - 0010266 _____ () C:\ProgramData\regid.2015-05.exe.textpad_83F5EF12-C2F9-4C11-A5C5-57A7B2D7AD25.swidtag
2015-09-16 21:36 - 2015-09-16 21:36 - 0000258 ____H () C:\ProgramData\tmaster8.net

Files to move or delete:
====================
C:\Users\Manny\Pair_Setup_v3.2.0_20130226_Release.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-07 00:27

==================== End of FRST.txt ============================






 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02
Ran by Manny (2016-07-16 17:54:51)
Running from D:\Users Folders\Manny\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-19 08:56:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2253813673-471012973-4132657189-500 - Administrator - Disabled)
Guest (S-1-5-21-2253813673-471012973-4132657189-501 - Limited - Disabled)
Julissa (S-1-5-21-2253813673-471012973-4132657189-1004 - Administrator - Enabled) => C:\Users\Julissa
Manny (S-1-5-21-2253813673-471012973-4132657189-1000 - Administrator - Enabled) => C:\Users\Manny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace Stream Media 3.1.2 (HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\AceStream) (Version: 3.1.2 - Ace Stream Media) <==== ATTENTION
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.8.0000 - Asmedia Technology)
Better Nike Bot (Beta) (HKLM-x32\...\{017F4C1E-0C27-4805-B708-7AC5D861CB6E}_is1) (Version:  - BetterNikeBot)
BNB All in One (HKLM-x32\...\{6F6087CC-91C0-45AD-82D6-40587EBDA884}_is1) (Version:  - BetterNikeBot)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
ConnectWise Internet Client 64-bit (HKLM\...\{57DD9DCF-A333-4636-9803-253DAA473E0B}) (Version: 15.5.0 - ConnectWise)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
DuOS (HKLM\...\{E4CEC959-9A90-4391-86D0-76B518171F9D}) (Version: 1.1.0.7525 - American Megatrends Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{3CC1CC76-AB3A-4360-AB6F-1355D05A2A17}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaseya Remote Control (HKLM-x32\...\{12678806-ACED-4AA8-90E7-0D6F94812E52}) (Version: 9.2.5771.33020 - Kaseya)
LastPass (uninstall only) (HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.85 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.014 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.16 (HKLM\...\{F2E958A1-9215-4C7D-9A2E-F0740B8CA5B7}) (Version: 5.0.16 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Wizard 2013.2.12 (HKLM-x32\...\PC Wizard 2013_is1) (Version:  - CPUID)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Presto 1.5.482.0 (HKLM\...\{D65F74D9-5FD6-42E5-BE65-474AF84A5591}_is1) (Version: 1.5.482.0 - Collobos Software)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
Rapoo Mouse and Keyboard Pair Tools V3.2 (HKLM-x32\...\{1899FF3C-B115-4C6C-A81A-9F1FBBCEAF36}_is1) (Version:  - Rapoo Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.89.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skitch (HKLM-x32\...\Skitch 2.3.2.176) (Version: 2.3.2.176 - Evernote Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Solarwinds MSP Anywhere Viewer for N-central (HKU\S-1-5-21-2253813673-471012973-4132657189-1000\...\Solarwinds MSP Anywhere Viewer for N-central) (Version: 6.77.57 - Solarwinds N-able)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TextPad 7 (HKLM\...\{D5CA0106-90CE-4842-8194-A6D4A46FAA0E}) (Version: 7.5.1 - Helios)
TinyUmbrella 8.2.0.60 (HKLM\...\4851-8548-9863-1993) (Version: 8.2.0.60 - )
TreeSize Free V3.4.4 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.4 - JAM Software)
TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
TypingMaster Pro (HKLM-x32\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.10 - TypingMaster Inc)
UltraEdit (HKLM\...\{AFFE5F64-3248-41E9-96AE-8B475F6EFAB3}) (Version: 23.00.0.59 - IDM Computer Solutions, Inc.)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.21.139 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Manny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{8A791F0C-C63C-4EC5-B97F-FBCE74EDBC54}\InprocServer32 -> D:\Programs\Program Files\TextPad 7\System\ShellExt64.dll ()
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Manny\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> D:\Programs\Program Files\New folder\ue64ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Manny\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manny\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => No File
CustomCLSID: HKU\S-1-5-21-2253813673-471012973-4132657189-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Manny\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {069FD401-F0C1-44F4-BEEE-4AC7CF417D97} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {0F095882-436D-4312-8445-30C2A637A7A8} - System32\Tasks\CCleanerSkipUAC => D:\Programs\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {2465EC69-E238-42A6-A953-0EEB35986F20} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-22] ()
Task: {3B9F41B0-93F9-4E40-93D0-6D1E68E7306B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4F91A50C-6603-464B-B959-9691CA53940A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {71CA8386-5B58-4333-A575-17F0A82789A9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {823E6C86-147F-47A7-814D-0169C41348F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {ADB9E577-C139-4F62-9EE3-A971CF6B1F77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {BD834BAF-1A0D-4170-BEC8-AEBB3014446D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {C2D1C9DA-BE54-4E93-9E42-72B9D3ED881C} - System32\Tasks\AdobeAAMUpdater-1.0-Manny-PC-Manny => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {C9EEAC5B-CCC6-47C3-AE52-D8818D431CFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CC5467D1-A106-43FB-A087-2F25F08A53AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E209A580-BF45-4AD6-896E-7A816CC9A9AC} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-05-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Manny - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\LocoBot 4 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f36b4a13a07e79c7\LocoBot 21 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 22"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f0936695556e8bf\LocoBot 20 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 21"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d76736477ba15566\LocoBot 9 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 10"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d6788779ff9b8dd5\LocoBot17 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 32"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d2414a571945b906\LocoBot 26 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 27"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\LocoBot 6 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b13f4a9ad209f845\LocoBot 27 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 28"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d40ac93c46abd42\LocoBot 29 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 30"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9c5f1dad405065f1\LocoBot 11 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 12"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\997961bd22b48991\LocoBot 24 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 25"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6651d0a1cd059aa\LocoBot 28 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 29"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\651b1dc7d79c18e9\LocoBot 25 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 26"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\603d61d7b578f489\LocoBot 10 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 11"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\44311d836ea7d828\LocoBot 22 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 23"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\LocoBot 5 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2e23362dec6d287e\LocoBot 23 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 24"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b054a3d8e89c41e\LocoBot 12 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 13"
ShortcutWithArgument: C:\Users\Manny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2a1afb030ab31cad\LocoBot 30 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 31"

==================== Loaded Modules (Whitelisted) ==============

2014-01-21 19:58 - 2013-10-23 16:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2014-01-22 18:42 - 2015-04-08 14:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-25 17:01 - 2014-08-25 17:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2015-01-25 13:09 - 2014-09-26 12:44 - 01993216 _____ () D:\Programs\Program Files (x86)\MSI\Command Center\MSIControlService.exe
2014-09-17 10:31 - 2014-03-05 16:01 - 01574912 _____ () C:\Program Files\Collobos\Presto\libcups2.dll
2015-11-10 16:45 - 2015-11-10 16:45 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-03-30 05:27 - 2016-03-30 20:00 - 00147968 _____ () D:\Programs\Program Files\New folder\ue64ctmn.dll
2015-05-22 10:12 - 2015-05-22 10:12 - 00115232 _____ () D:\Programs\Program Files\TextPad 7\System\ShellExt64.dll
2015-04-15 13:13 - 2015-04-15 13:13 - 00222720 _____ () D:\Programs\Program Files (x86)\Notepad++\NppShell_06.dll
2016-07-15 18:58 - 2016-07-15 18:58 - 00121200 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2014-01-20 00:35 - 2012-11-01 12:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-01-20 00:35 - 2012-11-01 12:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2016-04-15 18:43 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2015-11-10 16:45 - 2015-11-10 16:45 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-05-13 07:42 - 2013-05-13 07:42 - 00107520 _____ () C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\ZLIB1.DLL
2016-05-20 22:29 - 2015-04-30 13:21 - 00043008 _____ () C:\Program Files (x86)\Evernote\Skitch\libgcc_s_dw2-1.dll
2016-05-20 22:29 - 2015-04-30 13:21 - 00011362 _____ () C:\Program Files (x86)\Evernote\Skitch\mingwm10.dll
2014-03-21 04:58 - 2014-03-21 04:58 - 00596316 _____ () C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\TURBOJPEG.DLL
2016-07-05 05:07 - 2016-07-05 05:07 - 00069856 _____ () C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\BASECLIENT.DLL
2016-07-05 05:07 - 2016-07-05 05:07 - 00618736 _____ () C:\Users\Manny\AppData\Local\MSP Anywhere for N-central\Viewer\NCentralRDViewer_EN.dll
2016-06-17 19:17 - 2016-06-15 02:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 19:17 - 2016-06-15 02:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2014-01-20 00:32 - 2013-09-17 04:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\86280990.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\86280990.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2016-07-15 18:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2253813673-471012973-4132657189-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Manny^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^4cb7a6.lnk => C:\Windows\pss\4cb7a6.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: CrashPlanTray => D:\Programs\Program Files (x86)\CrashPlan\CrashPlanTray.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Live Update => D:\Programs\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{043E2605-4674-4404-B634-6A725764AE09}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3954C2C7-F9C0-4163-91C2-784AF36DE04C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C620785B-4B0B-47F7-BF0F-7D7DFEE050B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{90634872-3857-43E8-A776-E00807A45E05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F38F20DF-B128-4186-BEA9-5626BC08B244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{476F428F-9913-4C5A-992E-31AE739C4C14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9AD20B22-462D-4B50-A4E4-EB5A7FBC5790}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{37922568-C0AD-45ED-A345-19C30FD5A02C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F4497E45-EB6D-4515-8E41-3A517A2A4A55}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8E3D55B9-6B9F-47FF-9E1C-E4A61452DAF7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{74FC321A-23D8-4895-A9DC-AA660C4DBBED}] => (Allow) D:\Users Folders\Manny\Downloads\install\Data\Disk1\setup.exe
FirewallRules: [{E57CAEF2-C816-4BE9-A427-BB860AAE725C}] => (Allow) D:\Users Folders\Manny\Downloads\install\Data\Disk1\setup.exe
FirewallRules: [{392216E0-7CE2-4FAE-AE55-CB5603D0178F}] => (Allow) D:\Programs\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7A2A5A18-9C9E-4D78-8683-FD5DDF60A0F5}] => (Allow) D:\Programs\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{9B2D425F-6B90-4418-AAA5-55BD2BD6013A}] => (Allow) D:\Programs\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D414E392-77DB-40D3-A61C-B4DA43F532EA}] => (Allow) D:\Programs\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9F662948-8A89-4F12-B01D-5A26A66493E6}] => (Allow) C:\Program Files\Collobos\Presto\PrestoService.exe
FirewallRules: [{5E31E5D7-15CB-42C0-9FFF-5A627ECB9694}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C199A0-643B-4C8E-86C3-0D4EC507ED6B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{84CF246D-1C7F-4408-908B-D582E123AEFB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A1A7B537-C2D2-4CEE-A693-E8F8F7025A0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5F4D149A-F4C7-4EAE-8385-EFE473584CD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{708FA8F6-12D0-41C1-AD09-BB38561CAB45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EFD91908-195A-4901-AF60-8E07CDCC6737}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{11E3E88C-E9D7-4B30-8A0E-114876127361}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{17D0B7C4-FAFE-4808-8146-79EA1D3F2BE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{84FED5CC-0332-43A1-A4E7-66DC33DB9888}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DE1ECCA-E35D-4079-97EE-1372D1391889}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8042A4C9-ADA8-42B7-8F46-F12162E1842A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5712181F-51BB-4052-9618-6DF9FF6B8F65}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{976D4954-774C-4A97-9E51-193A484FEE24}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{2007B13D-63A4-449E-A1CC-0B75871BD52C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5362C5B7-7E69-49AD-B5BD-744056552F33}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{66AF28F6-8CF0-468E-8CA4-C85D1BD69A56}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{419D6801-000C-4923-8D2D-722AC05FF02D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B81C834E-18F9-4E4D-826D-2EE1C1B65E86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E592F5EF-D36F-4464-8A70-4C12E05EA809}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35A1AD61-4900-4177-BBAD-4650453A92C3}] => (Allow) C:\Program Files (x86)\Kaseya Remote Control\Kaseya Remote Control.exe
FirewallRules: [{75679575-C464-453C-AAD5-0AC420173FEF}] => (Allow) C:\Program Files (x86)\Kaseya Remote Control\Kaseya.AdminEndpoint.exe
FirewallRules: [{D74EDD6E-2439-45E3-AD9B-33547ED4BECF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D29C5D9-901F-4D5E-B93D-2D23B798875E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CF169C8E-A5E4-4977-B81F-FE072F45BCE1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{613CE4AD-23DD-42AB-8E72-E31595DBBA6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2E5AFF47-C08F-4738-8DEE-D300DD04A5E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A2581AD7-4321-411F-9A00-0358C1AE1737}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{0D8F8859-C9BD-4BFF-B435-9F5DC2DC9615}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{AA5EA11C-6D27-4056-98D0-090F262BFCF9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E9F3D1F6-0C4B-4AB5-B724-3687EA0757D5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{467603E5-E0D0-4BC7-A89D-02BCC7A54AFB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F08A99DB-E283-4507-B4A3-FC54B8F7CE51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9CE8C166-674E-42A8-BA99-ED1A3F828DFB}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1868FA93-3B22-4500-B218-36A123214719}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe
FirewallRules: [{75A82F18-2D73-450A-B5AB-EBC6AC738364}] => (Allow) C:\Program Files\AMI\DuOS\DuOS.exe
FirewallRules: [{343606FF-F166-4EB1-A7B4-4B340D474018}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe
FirewallRules: [{230776F4-8A57-4DEA-B71B-30514508EAC9}] => (Allow) C:\Program Files\AMI\DuOS\Ubusd.exe
FirewallRules: [{CC8F4BB1-3DB9-4036-B47C-8ADA14277624}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe
FirewallRules: [{DA54E003-7136-41B1-8199-48981186704E}] => (Allow) C:\Program Files\AMI\DuOS\Dsync.exe
FirewallRules: [{35433DCF-91F1-42E7-9BB7-B8BB913B65FF}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe
FirewallRules: [{4411912C-D7A9-47EA-9845-387A75C3BE23}] => (Allow) C:\Program Files\AMI\DuOS\SysEvent.exe
FirewallRules: [{A4FF5651-A861-4AE9-A89B-704B7659D035}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe
FirewallRules: [{57000E32-54DB-4E06-9100-BD828DF726F6}] => (Allow) C:\Program Files\AMI\DuOS\locationservice.exe
FirewallRules: [{8885CF39-89F9-4D19-835B-7DDC25B5433B}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe
FirewallRules: [{7E716935-319D-4999-A46E-7491A6E6D608}] => (Allow) C:\Program Files\AMI\DuOS\SensorService.exe
FirewallRules: [{D8B16C3C-A1C5-4853-B980-9FEAFFB5EE02}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe
FirewallRules: [{BC8F417A-2287-4857-816A-397ECF021878}] => (Allow) C:\Program Files\AMI\DuOS\..\DuoVM\DuoVMHeadless.exe

==================== Restore Points =========================

15-07-2016 22:40:43 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/16/2016 05:51:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2016 05:50:07 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 3024:3048 Sat Jul 16 17:50:07 2016 daemon_win32.cpp:1621 presto::daemon_win32::printer_connections_key RegOpenKey() failed: 2

Error: (07/16/2016 05:50:06 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 3024:3048 Sat Jul 16 17:50:06 2016 main.cpp:795 SetServiceInfo LockServiceDatabase() failed: 1055

Error: (07/16/2016 05:48:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2016 05:46:27 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 2824:2880 Sat Jul 16 17:46:27 2016 daemon_win32.cpp:1621 presto::daemon_win32::printer_connections_key RegOpenKey() failed: 2

Error: (07/16/2016 05:46:27 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 2824:2880 Sat Jul 16 17:46:27 2016 main.cpp:795 SetServiceInfo LockServiceDatabase() failed: 1055

Error: (07/16/2016 05:45:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2016 05:45:17 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 2836:2880 Sat Jul 16 17:45:17 2016 daemon_win32.cpp:1621 presto::daemon_win32::printer_connections_key RegOpenKey() failed: 2

Error: (07/16/2016 05:45:16 PM) (Source: Presto Service) (EventID: 1) (User: )
Description: 2836:2880 Sat Jul 16 17:45:16 2016 main.cpp:795 SetServiceInfo LockServiceDatabase() failed: 1055

Error: (07/15/2016 10:38:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/16/2016 05:52:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) ME Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.


Error: (07/16/2016 05:48:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) ME Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.


Error: (07/15/2016 11:23:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/15/2016 10:38:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) ME Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.


Error: (07/15/2016 07:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) ME Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.


Error: (07/15/2016 07:02:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.225.1590.0).

Error: (07/15/2016 07:02:10 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 0.0.0.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/15/2016 06:59:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 

    Previous Signature Version: 0.0.0.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.9.0218.00

    Source Path: 4.9.0218.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (07/15/2016 06:49:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/15/2016 06:32:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.


CodeIntegrity:
===================================
  Date: 2016-07-15 18:30:06.113
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-15 18:30:06.082
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-14 20:34:49.387
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-14 20:34:49.350
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-21 12:57:19.198
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b_winbiosensoradapter.dll_27e23485 because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-21 12:57:19.160
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b_winbiosensoradapter.dll_27e23485 because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-21 12:57:19.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b_winbiosensoradapter.dll_27e23485 because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-21 12:57:18.137
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e_winbiostorageadapter.dll_5fb8b23e because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-21 12:57:18.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e_winbiostorageadapter.dll_5fb8b23e because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-21 12:57:18.030
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Donna Sillan DATA\F\Computer Backup\Windows\winsxs\Backup\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e_winbiostorageadapter.dll_5fb8b23e because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 14%
Total physical RAM: 32711.98 MB
Available physical RAM: 28048.88 MB
Total Virtual: 36806.17 MB
Available Virtual: 32232.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:21.44 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:581.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 753CD6C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 52D48C35)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Thanks again!

Link to post
Share on other sites

Thanks for those logs, continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

I`ve also attached two (2) zip folders, unzip each folder to your Desktop, you will now have two (2) .reg files.
Right click on each .reg file in turn and select "Merge" agree any prompts. reboot when complete..

Next,

Run Rkill again as you did previously and post the new log....

Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/
 
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open.
  • Close the program > Don't Fix anything!



Next,

Download and Save McAfee Stinger to your Desktop from here:

http://downloadcenter.mcafee.com/products/mcafee-avert/Stinger/stinger32.exe

Read the Terms and Conditions, the download tab is at the bottom of the page.
Close all browsers before starting. Disable your antivirus program and anti-malware, if any.
To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs read here:

http://www.bleepingcomputer.com/forums/topic114351.html

On Windows 7, 8, 10 & Vista systems, Right Click on Stinger user posted image and select Run as Administrator.
On XP, double-click to start it.
Click on “I Accept” tab at McAfee end user licence agreement.

user posted image

In the new Window select “Advanced” then “Settings”

user posted image

The settings window will open, make sure the settings are exactly as shown in the following image, then select “Save” <<------Very Important

user posted image

In the new window Click the “Customize my Scan” under the “Scan” button.

user posted image

In the new Window select C:\ drive and any other listed Hard Drive, then select “Scan”

user posted image

When the scan completes select the “View log” to do that, select “Notepad” if offered in list of choices.

If the log opens in your browser, copy and save to a file....

I will need a copy of that log.

let me see those logs in your reply, also give an update on any remaining issues or concerns....

Thank you,

Kevin...

Fixlist.txt

TPM_Base_Services.zip

WFW.zip

Edited by kevinf80
Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.