Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Back Door Virus still with me? [Closed]

Started by Vicky227 , Mar 17 2013 03:42 PM

This topic is locked

#1
Vicky227

Posted 17 March 2013 - 03:42 PM

Member

Member
19 posts

Three months ago Jasmyne discovered I had a back door virus, then helped me clean my laptop. I did not reinstall Windows since the system was pre-installed and I received no disks at the time of purchase. After the most recent Critical Windows update, I find myself wondering if it is still troubling my computer.

Even before the critical update on 3.14.2013 I have been notified on more than one occasion by McAfee that one Windows 32 bil program wanted outgoing permission. I allowed it once, but have denied it ever since. McAfee's notice indicated they did not recognize the program (hard to imagine if it was legitimate). Additionally, I have a 64 bit system which updates automatically. If it doesn't need outgoing permission from me the 32-bit should not require it.

Attached is the most recent McAfee notice, which I minimized instead of automatically blocking. It now seems to have disappeared from my desktop, but not before I used the snipping tool to capture the attached image.

Since the 3.14 Microsoft critical update my file access has changed. I deleted Bing, but it has come back, along with changes to my homepage to msn. I am no longer able to see everything in my computer at one time (on the left side of the screen), open a file to view the contents on the right side of the screen and drag and drop to another file.

When I tried to system restore to the date before the critical update, the notice I got is also attached.

Feeling like a fish out of water ... who doesn't know even know how to swim, only that something is still or once again wrong.

Help? Thank you!

Attached Thumbnails

#2
godawgs

Posted 17 March 2013 - 11:11 PM

Teacher

Retired Staff
8,228 posts

Hello Vicky, :wave:

Welcome back to the forums!
:welcome:

. My name is godawgs and I will be assisting you with your Virus / Malware issues.
We apologize for the delay in responding to your request for help. Here at GeeksToGo we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

I will start working on your Malware issues. This may, or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine!

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
If you have not, please adhere to the guidelines below and then carefully follow all future instructions:

You must reply to posts within four days. If you haven't replied within that time, the topic will be closed! If you need additional time to complete things, just let me know.
If you're not sure, or if something unexpected happens, Do NOT continue! Stop and ask!

This board can notify you when a new reply is added to a topic. Please read this topic to find out how to do that.

Please do not run any tools unless instructed to do so.

We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask, nothing extra. Do Not run things twice unless instructed.
Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
If I ask a Question just answer it, don't run anything unless directed to.

Please read every post completely before doing anything.

Pay special attention to the NOTE: lines, or anything in red. These entries identify an individual issue or important step in the cleanup process.
Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. Some of the steps I will be asking you to do may require you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.
Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.

Logs from malware diagnostic or removal programs (OTL is one of them) can take some time to analyze.

I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes )
Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.

Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

MSFeedsSync is a part of IE (located in C:\WINDOWS\System32) and required if you wish to use the Live Feeds option to receive the latest RSS feeds in your browser. If you don't wish to use it:

Open Internet Explorer
Click Tools, then Internet options, then the Content tab.
Click on the Settings button toward the bottom of the tab, under Feeds and Web slices.
Uncheck the box next to Automatically check feeds and web slices for updates.

The System Restore issue could be caused by numerous things. I will need a closer look at the system. In the meantime I will take a look at your topic with Jasmyne.

Step-1

Posted Image

OTL Custom Scan

1. Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image

box in OTL. To do that:

Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

netsvcs
baseservices
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
services.*
consrv.dll
wshelper.dll
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
C:\Program Files\Common Files\ComObjects\*.* /s
DRIVES
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
del c:\commands.txt^|y /hide /c
/wait
del c:\diskreport.txt^|y /hide /c

2. Re-open Posted Image

on the desktop. To do that:

XP users: Double click on the OTL icon.
Vista / 7 Users: Right click on the icon and click Run as Administrator)

Make sure all other windows are closed.

You will see a console like the one below:
Click the box beside Scan All Users at the top of the console
IF you have a 64bit system, click the box beside Include 64bit Scans at the top of the console.
Make sure the Output box at the top is set to Standard Output.
Check the boxes beside LOP Check and Purity Check.
Place the mouse pointer inside the box, right click and click Paste. This will put the above script inside OTL
Click the button. Do not change any settings unless otherwise told to do so.
Let the scan run uninterrupted.
When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized. These files are also saved in the same location as OTL (it should be on your desktop).
Please copy the contents of these files and paste them into your reply. To do that:
On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
Right click inside the forum post window then click Paste.This will paste the contents of the OTL.txt file in the in the post window.

Repeat for the Extras.txt file.

Step-2.

Run aswMBR

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe file to run it. (Windows /7 users: Right click the file and click Run as Administrator. If you get a UAC window, allow the file to run.
If it asks you if you want to download the latest virus definitions, click Yes
Click the "Scan" button to start the scan
On completion of the scan click save log. Save it to your desktop and post in your next reply.

NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.

Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The OTL.txt log
2. The Extras.txt log
3. The aswMBR log

#3
Vicky227

Posted 18 March 2013 - 04:43 PM

Member

Topic Starter
Member
19 posts

You responded quickly, 5 hours after my post. Thank you, godawgs!

I printed out the instructions, but mis-read them :upset:

and failed to right click on OTL and Run as Administrator. The OTL log is posted below, but there is no other OTL Extras report anywhere in my computer with today's date.

I will wait until I hear back from you before running the aswMBR scan.

Thanks ... I'm sorry for the inconvenience. :upset:

---------------------------------------------------------------------------------------------------------------------------------

OTL logfile created on: 3/18/2013 4:30:42 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vicky\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 50.65% Memory free
7.81 Gb Paging File | 5.16 Gb Available in Paging File | 66.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.80 Gb Total Space | 209.42 Gb Free Space | 46.25% Space Free | Partition Type: NTFS
Drive D: | 12.76 Gb Total Space | 2.12 Gb Free Space | 16.63% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Vicky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/02/15 18:04:53 | 001,352,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2013/01/14 13:43:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Downloads\OTL.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/23 09:56:04 | 001,301,560 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
PRC - [2011/01/25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/01/29 05:19:42 | 000,602,624 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2010/01/13 18:49:58 | 000,083,456 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
PRC - [2009/07/24 21:24:14 | 000,275,840 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/07/24 21:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/07/23 23:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 14:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/06/26 07:23:44 | 000,825,152 | R--- | M] (SAC) -- C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe
PRC - [2009/06/04 20:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

========== Modules (No Company Name) ==========

MOD - [2013/02/13 11:38:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/11 21:42:07 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/11 19:40:16 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013/01/11 19:39:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/11 19:39:31 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/11 19:39:13 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013/01/11 19:38:35 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/11 19:38:31 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\a7424b1be331f4b534ea24e0c21dbe47\UIAutomationTypes.ni.dll
MOD - [2013/01/11 19:38:31 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\23da92e38ffc0bbf6673adb1892aa0f4\UIAutomationProvider.ni.dll
MOD - [2013/01/11 19:38:30 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/11 19:38:29 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013/01/11 19:38:14 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/11 19:38:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/11 19:36:59 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/11 19:36:58 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/11 19:36:46 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/09/23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2011/07/05 15:40:55 | 000,869,888 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011/07/05 15:40:49 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/13 18:45:44 | 000,022,528 | ---- | M] () -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
MOD - [2009/07/24 21:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/07/24 21:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/07/24 21:24:16 | 000,034,088 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapSvcps.dll
MOD - [2009/07/24 21:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/07/23 14:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/07/15 20:51:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/07/15 20:51:02 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/07/15 20:50:58 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/07/15 20:50:56 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/07/15 20:50:56 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/07/15 20:50:54 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/07/15 20:50:52 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/07/15 20:50:44 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/11/22 05:42:06 | 000,378,952 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/11/09 07:37:30 | 000,177,680 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/11/09 07:34:50 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/10/07 04:13:42 | 000,220,856 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2012/10/06 08:28:16 | 001,007,288 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/01/17 17:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/01/09 13:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/16 16:03:58 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [1999/12/31 20:00:00 | 000,314,880 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [1999/12/31 20:00:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/02/27 15:22:12 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/25 17:40:22 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/04/13 20:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/29 05:19:42 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/07/24 21:24:14 | 000,275,840 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 20:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/21 12:08:46 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/11/09 07:40:24 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/11/09 07:37:42 | 000,339,776 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/11/09 07:35:50 | 000,771,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/11/09 07:34:58 | 000,515,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/11/09 07:34:18 | 000,309,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/11/09 07:33:58 | 000,178,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/11/02 02:46:50 | 000,328,976 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2012/11/02 02:46:50 | 000,097,208 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2012/10/19 10:51:50 | 000,074,120 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2012/05/28 11:28:18 | 000,197,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/21 04:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012/01/09 13:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/01/09 13:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/12/12 16:57:04 | 000,018,456 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV:64bit: - [2011/09/22 19:52:02 | 000,043,456 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/09/13 14:30:50 | 000,035,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/13 03:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsnmea.sys -- (zghsnmea)
DRV:64bit: - [2011/01/13 03:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm)
DRV:64bit: - [2011/01/13 03:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zghsdiag.sys -- (zghsdiag)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/07/16 16:04:04 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2010/07/16 16:03:48 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2010/07/08 11:54:00 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010/05/27 23:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/13 20:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2010/01/18 16:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2010/01/13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/01/11 16:19:24 | 001,634,176 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV:64bit: - [2010/01/11 16:13:28 | 001,631,488 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV:64bit: - [2010/01/11 16:09:00 | 000,038,912 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV:64bit: - [2009/12/30 12:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/20 19:33:42 | 007,058,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw1v64.sys -- (NETw1v64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 18:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 17:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/29 14:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/04 19:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/04/29 11:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008/12/09 15:26:50 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\elrawdsk.sys -- (ElRawDisk)
DRV:64bit: - [1999/12/31 20:00:00 | 010,628,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [1999/12/31 20:00:00 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [1999/12/31 20:00:00 | 000,536,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [1999/12/31 20:00:00 | 000,145,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {22348997-7FD7-4759-AB9D-EB2B7A365617}
IE:64bit: - HKLM\..\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{22348997-7FD7-4759-AB9D-EB2B7A365617}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {22348997-7FD7-4759-AB9D-EB2B7A365617}
IE - HKLM\..\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{22348997-7FD7-4759-AB9D-EB2B7A365617}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Vicky\Desktop
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes,DefaultScope = {268507ED-1AAF-4AF9-9E28-4B8595C54022}
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{0809851D-6B6B-49C8-93A3-D43B32E2A276}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{1722BCEB-54FE-4484-B841-4AD3EFC90D93}: "URL" = http://www.facebook....q={searchTerms}
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{22348997-7FD7-4759-AB9D-EB2B7A365617}: "URL" = http://www.bing.com/...E10SR&pc=HPNTDF
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{268507ED-1AAF-4AF9-9E28-4B8595C54022}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{3CCF5400-1106-4D0A-8B49-65EC9E72B495}: "URL" = http://query.nytimes...s}&opensearch=1
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{3D52C47D-1F49-45E8-B078-DA03F2432A92}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{F432AD7E-C954-458D-A941-8F8855B1CFFB}: "URL" = http://www.google.co...Encoding?}&rlz=
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\..\SearchScopes\{F56ED4BF-FDF9-4F30-A8C0-EFC98759F906}: "URL" = http://us.yhs4.searc...p={SearchTerms}
IE - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Vicky\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Vicky\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Vicky\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vicky\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vicky\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/01/05 01:21:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/01/19 10:56:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2013/01/10 13:07:13 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofpahiphpdfimjjeohcldngadhfbaan\2.2_0\
CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\lambangeielkjcnmioccboaphdfcffib\2.2.4_0\
CHR - Extension: No name found = C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/01/22 19:56:36 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll File not found
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (McAfee SafeKey Vault) - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SafeKey) - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000..\Run: [SacReminder] C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe (SAC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2632891822-2667611553-3761156971-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Vicky\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: SafeKey - file://C:\Users\Vicky\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O8 - Extra context menu item: McAfee SafeKey Fill Forms - file://C:\Users\Vicky\AppData\LocalLow\SafeKey\context.html?cmd=fillforms File not found
O8 - Extra context menu item: SafeKey - file://C:\Users\Vicky\AppData\LocalLow\SafeKey\context.html?cmd=lastpass File not found
O9:64bit: - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll (McAfee)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll File not found
O9 - Extra Button: McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O9 - Extra 'Tools' menuitem : McAfee SafeKey - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\SafeKey\LPToolbar.dll (McAfee)
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B5D6DA7-0854-4233-AEB6-B9F36C31E2C7}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/18 12:02:59 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Desktop\Jasmyne
[2013/03/17 15:48:17 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/17 15:48:17 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/17 15:48:17 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/17 15:48:17 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/17 15:48:17 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/17 15:48:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/17 15:48:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/17 15:48:17 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/17 15:48:17 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/17 15:48:17 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/17 15:48:17 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/17 15:48:17 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/17 15:48:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/17 15:48:17 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/17 15:48:16 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/17 15:48:16 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/17 15:48:16 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/17 15:48:16 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/17 15:48:16 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/17 15:48:16 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/17 15:48:16 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/17 15:48:16 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/17 15:48:16 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/17 15:48:16 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/17 15:48:16 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/17 15:48:16 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/17 15:48:16 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/17 15:48:16 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/17 15:48:16 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/17 15:48:16 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/17 15:48:16 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/17 15:48:16 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/17 15:48:16 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/17 15:48:16 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/17 15:48:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/17 15:48:16 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/17 15:48:16 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/17 15:48:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/17 15:48:16 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/17 15:48:16 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/17 15:48:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/17 15:48:16 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/17 15:48:16 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/17 15:48:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/17 15:48:16 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/17 15:48:16 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/17 15:48:16 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/17 15:48:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/17 15:48:16 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/17 15:48:16 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/17 15:48:16 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/17 15:48:16 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/17 15:48:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/17 15:48:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/17 15:48:16 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/17 15:48:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/17 15:48:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/17 15:48:16 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/17 15:48:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/17 15:48:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/17 15:48:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/17 15:48:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/17 15:48:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/17 15:48:16 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/17 15:48:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/17 15:48:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/17 15:48:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/17 15:48:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/17 15:46:54 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/17 15:46:54 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/17 15:46:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/17 15:46:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/17 15:46:53 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/17 15:46:53 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/17 15:46:53 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/17 15:46:53 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/17 15:46:53 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/17 15:46:53 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/17 15:46:53 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/17 15:46:53 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/17 15:46:53 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/17 15:46:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/17 15:46:53 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/17 15:46:53 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/17 15:46:53 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/17 15:46:53 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/17 15:46:53 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/17 15:46:53 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/17 15:46:53 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/17 15:46:53 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/17 15:46:53 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/17 15:46:53 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/17 15:46:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/17 15:46:53 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/17 15:46:53 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/17 15:46:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/17 15:46:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/17 15:46:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/17 15:46:53 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/17 15:43:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/17 15:20:22 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\{8DE091D1-068F-467F-B547-8184F344945E}
[2013/03/16 21:00:02 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\{8DCA2E4E-6D23-4C3E-8746-5A7270FEFB6F}
[2013/03/15 09:11:46 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\com.amazon.music.uploader
[2013/03/15 09:11:30 | 000,000,000 | ---D | C] -- C:\Users\Vicky\Documents\Amazon Music Importer
[2013/03/15 09:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/03/07 00:31:24 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Roaming\Mozilla
[2013/03/03 11:06:17 | 000,000,000 | ---D | C] -- C:\Users\Vicky\AppData\Local\{95A42C00-FA29-4F74-9B2F-8576BCCE544F}
[2013/01/29 23:41:34 | 014,858,240 | ---- | C] (McAfee) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Vicky\Desktop\*.tmp files -> C:\Users\Vicky\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/18 16:30:01 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632891822-2667611553-3761156971-1000UA.job
[2013/03/18 16:25:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/18 16:21:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/18 11:31:17 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/18 11:30:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2632891822-2667611553-3761156971-1000Core.job
[2013/03/18 11:24:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/03/17 17:43:33 | 000,000,223 | ---- | M] () -- C:\Users\Vicky\Desktop\Back Door Virus still with me - Geeks to Go Forums.url
[2013/03/17 16:02:33 | 001,330,882 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/03/17 16:02:33 | 000,353,884 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/03/17 16:02:33 | 000,005,744 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/03/17 16:02:08 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 16:02:08 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/17 15:55:37 | 3145,089,024 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/17 15:48:17 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/17 15:48:17 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/17 15:48:17 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/17 15:48:17 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/03/17 15:48:17 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/03/17 15:48:17 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/03/17 15:48:17 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/03/17 15:48:17 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/03/17 15:48:17 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/17 15:48:17 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/03/17 15:48:17 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/03/17 15:48:17 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/17 15:48:17 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/17 15:48:17 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/03/17 15:48:16 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/17 15:48:16 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/17 15:48:16 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/17 15:48:16 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/03/17 15:48:16 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/03/17 15:48:16 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/03/17 15:48:16 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/17 15:48:16 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/03/17 15:48:16 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/03/17 15:48:16 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/17 15:48:16 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/17 15:48:16 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/17 15:48:16 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/03/17 15:48:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/03/17 15:48:16 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/17 15:48:16 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/03/17 15:48:16 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/03/17 15:48:16 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/17 15:48:16 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/17 15:48:16 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/03/17 15:48:16 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/03/17 15:48:16 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/17 15:48:16 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/03/17 15:48:16 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/03/17 15:48:16 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/03/17 15:48:16 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/03/17 15:48:16 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/03/17 15:48:16 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/03/17 15:48:16 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/03/17 15:48:16 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/03/17 15:48:16 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/03/17 15:48:16 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/03/17 15:48:16 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/17 15:48:16 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/03/17 15:48:16 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/03/17 15:48:16 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/03/17 15:48:16 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/03/17 15:48:16 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/17 15:48:16 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/03/17 15:48:16 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/03/17 15:48:16 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/03/17 15:48:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/03/17 15:48:16 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/03/17 15:48:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/03/17 15:48:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/03/17 15:48:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/03/17 15:48:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/03/17 15:48:16 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/03/17 15:48:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/03/17 15:48:16 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/03/17 15:48:16 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/17 15:48:16 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/17 15:48:16 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/03/17 15:48:16 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/03/17 15:48:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/03/17 15:48:16 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/03/17 15:46:54 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/17 15:46:54 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/17 15:46:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/17 15:46:54 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/17 15:46:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/17 15:46:53 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/03/17 15:46:53 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/03/17 15:46:53 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/03/17 15:46:53 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/17 15:46:53 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/03/17 15:46:53 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/03/17 15:46:53 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/03/17 15:46:53 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/03/17 15:46:53 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/03/17 15:46:53 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/03/17 15:46:53 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/03/17 15:46:53 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/03/17 15:46:53 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/03/17 15:46:53 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/03/17 15:46:53 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/03/17 15:46:53 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/17 15:46:53 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/03/17 15:46:53 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/03/17 15:46:53 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/03/17 15:46:53 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/03/17 15:46:53 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/03/17 15:46:53 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/03/17 15:46:53 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/03/17 15:46:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/17 15:46:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/17 15:46:53 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/17 15:46:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/17 15:46:53 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/17 15:16:52 | 000,105,928 | ---- | M] () -- C:\Users\Vicky\Documents\System Restore unsuccessful c drive after Windows Critical update.PNG
[2013/03/15 23:55:30 | 000,647,049 | ---- | M] () -- C:\Users\Vicky\Documents\Christine's rooster.wma
[2013/03/15 23:54:58 | 042,107,709 | ---- | M] () -- C:\Users\Vicky\Documents\Melissa Scott Dust Yourself Off.wma
[2013/03/15 23:52:36 | 000,004,648 | -HS- | M] () -- C:\Users\Vicky\Documents\Folder.jpg
[2013/03/15 23:52:36 | 000,004,648 | -HS- | M] () -- C:\Users\Vicky\Documents\AlbumArt_{137E5682-10D6-4029-905B-89AB97F73FA7}_Large.jpg
[2013/03/15 23:52:36 | 000,001,572 | -HS- | M] () -- C:\Users\Vicky\Documents\AlbumArtSmall.jpg
[2013/03/15 23:52:36 | 000,001,572 | -HS- | M] () -- C:\Users\Vicky\Documents\AlbumArt_{137E5682-10D6-4029-905B-89AB97F73FA7}_Small.jpg
[2013/03/15 09:11:23 | 000,001,180 | ---- | M] () -- C:\Users\Public\Desktop\Amazon Music Importer.lnk
[2013/03/13 12:38:09 | 002,105,685 | ---- | M] () -- C:\Users\Vicky\Documents\How_to_Pray_for_Our_Leaders_Download.pdf
[2013/03/12 13:03:45 | 000,075,866 | ---- | M] () -- C:\Users\Vicky\Documents\Coventry Health Card eks.pdf
[2013/03/12 13:02:51 | 000,075,866 | ---- | M] () -- C:\Users\Vicky\Documents\Coventry Health Card vys.pdf
[2013/03/12 10:33:19 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForVicky.job
[2013/03/09 10:44:01 | 000,620,109 | ---- | M] () -- C:\Users\Vicky\Documents\Metro Verizon announcement 3.9.13 9.43A.wma
[2013/03/09 01:58:11 | 000,151,146 | ---- | M] () -- C:\Users\Vicky\Documents\FLT Contagious Courage.pdf
[2013/03/09 01:48:34 | 000,183,724 | ---- | M] () -- C:\Users\Vicky\Documents\FLT Dr. Love's rx for a Happy Marriage Family Life Today.pdf
[2013/02/27 15:21:53 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/02/27 15:21:52 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Users\Vicky\Desktop\*.tmp files -> C:\Users\Vicky\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/17 17:43:32 | 000,000,223 | ---- | C] () -- C:\Users\Vicky\Desktop\Back Door Virus still with me - Geeks to Go Forums.url
[2013/03/17 15:48:16 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/17 15:48:16 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/17 15:16:51 | 000,105,928 | ---- | C] () -- C:\Users\Vicky\Documents\System Restore unsuccessful c drive after Windows Critical update.PNG
[2013/03/15 23:52:37 | 000,004,648 | -HS- | C] () -- C:\Users\Vicky\Documents\Folder.jpg
[2013/03/15 23:52:37 | 000,004,648 | -HS- | C] () -- C:\Users\Vicky\Documents\AlbumArt_{137E5682-10D6-4029-905B-89AB97F73FA7}_Large.jpg
[2013/03/15 23:52:37 | 000,001,572 | -HS- | C] () -- C:\Users\Vicky\Documents\AlbumArtSmall.jpg
[2013/03/15 23:52:37 | 000,001,572 | -HS- | C] () -- C:\Users\Vicky\Documents\AlbumArt_{137E5682-10D6-4029-905B-89AB97F73FA7}_Small.jpg
[2013/03/15 14:04:10 | 000,647,049 | ---- | C] () -- C:\Users\Vicky\Documents\Christine's rooster.wma
[2013/03/15 09:11:23 | 000,001,192 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon Music Importer.lnk
[2013/03/15 09:11:23 | 000,001,180 | ---- | C] () -- C:\Users\Public\Desktop\Amazon Music Importer.lnk
[2013/03/13 12:38:08 | 002,105,685 | ---- | C] () -- C:\Users\Vicky\Documents\How_to_Pray_for_Our_Leaders_Download.pdf
[2013/03/12 13:03:45 | 000,075,866 | ---- | C] () -- C:\Users\Vicky\Documents\Coventry Health Card eks.pdf
[2013/03/12 13:02:51 | 000,075,866 | ---- | C] () -- C:\Users\Vicky\Documents\Coventry Health Card vys.pdf
[2013/03/09 10:44:00 | 000,620,109 | ---- | C] () -- C:\Users\Vicky\Documents\Metro Verizon announcement 3.9.13 9.43A.wma
[2013/03/09 01:58:11 | 000,151,146 | ---- | C] () -- C:\Users\Vicky\Documents\FLT Contagious Courage.pdf
[2013/03/09 01:48:34 | 000,183,724 | ---- | C] () -- C:\Users\Vicky\Documents\FLT Dr. Love's rx for a Happy Marriage Family Life Today.pdf
[2013/03/06 12:24:57 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForVicky.job
[2013/01/22 19:39:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/01/22 19:39:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/01/22 19:39:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/01/22 19:39:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/01/22 19:39:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/20 18:24:44 | 000,584,584 | ---- | C] () -- C:\Windows\adb.exe
[2012/01/30 13:07:29 | 000,000,000 | ---- | C] () -- C:\Users\Vicky\AppData\Local\{9A705876-1C27-4615-B342-F7362611E79B}
[2011/08/20 13:41:07 | 000,034,305 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\UserTile.png
[2011/08/20 09:34:25 | 000,005,120 | ---- | C] () -- C:\Users\Vicky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/07 16:00:25 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2011/08/07 15:37:52 | 000,207,637 | ---- | C] () -- C:\Windows\hpwins28.dat
[2011/03/02 14:56:09 | 000,001,854 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\GhostObjGAFix.xml
[2010/09/19 19:12:02 | 001,458,251 | ---- | C] () -- C:\Users\Vicky\AppData\Local\tmp039.JPG
[2010/07/15 23:20:36 | 000,007,606 | ---- | C] () -- C:\Users\Vicky\AppData\Local\Resmon.ResmonCfg
[2010/06/14 19:07:35 | 000,000,600 | ---- | C] () -- C:\Users\Vicky\PUTTY.RND
[2010/06/06 23:14:23 | 000,811,158 | ---- | C] () -- C:\Users\Vicky\AppData\Local\tmpFIRST UPLOAD BALCONY DEAUVILLE 5.22.2010 056.JPG
[2010/06/06 22:57:06 | 000,854,285 | ---- | C] () -- C:\Users\Vicky\AppData\Local\tmp073.JPG
[2010/06/06 10:11:17 | 001,145,161 | ---- | C] () -- C:\Users\Vicky\AppData\Local\tmp191.JPG
[2010/06/06 10:11:16 | 004,802,537 | ---- | C] () -- C:\Users\Vicky\AppData\Local\tmp191.0
[2010/05/20 00:26:36 | 000,000,238 | ---- | C] () -- C:\Users\Vicky\AppData\Roaming\wklnhst.dat
[2009/07/14 00:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop(2039).ini
[2009/07/14 00:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop(2038).ini

========== ZeroAccess Check ==========

[2013/01/24 21:41:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/29 23:22:21 | 000,000,000 | -HSD | M] -- C:\Users\Vicky\AppData\Roaming\.#
[2010/06/12 20:46:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Amazon
[2010/08/19 21:04:12 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/03/15 09:11:46 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\com.amazon.music.uploader
[2010/12/15 10:37:11 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Epson
[2012/02/06 12:52:29 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\IObit
[2013/01/05 01:23:34 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\iolo
[2013/01/05 01:23:34 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\JawboneUpdater
[2011/05/23 23:06:09 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\OpenOffice.org
[2010/06/07 06:33:44 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Template
[2012/12/30 18:04:45 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\VS Revo Group
[2011/01/07 00:35:28 | 000,000,000 | ---D | M] -- C:\Users\Vicky\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2010/11/20 09:25:40 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 09:25:45 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2012/06/02 01:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2012/06/02 00:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 09:26:04 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 08:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 09:26:39 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 09:27:24 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 09:27:24 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 09:27:25 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 09:27:26 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 09:27:25 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 08:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 09:27:25 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 09:27:26 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 08:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 09:25:27 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 09:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 09:25:42 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 09:27:25 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 09:27:28 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 09:26:59 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 09:27:28 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 09:24:58 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 08:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 09:26:07 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 09:27:28 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2010/03/28 04:45:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010/03/28 04:45:22 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010/03/28 04:45:22 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2010/03/28 04:45:22 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\erdnt\cache64\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 09:27:23 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[2009/07/13 21:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 17:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2012/12/18 15:08:30 | 000,559,043 | ---- | M] () MD5=BA25E8F1460C7453B7488FE4B42F6919 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 22:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.JS >
[2013/03/07 17:23:26 | 000,001,083 | ---- | M] () MD5=18272708A717583EBB2AE9712FDA65CD -- C:\$RECYCLE.BIN\S-1-5-21-2632891822-2667611553-3761156971-1000\$RVXLYQ6\runtime\mocks\services.js

< MD5 for: SERVICES.LNK >
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.LOG >
[2011/08/07 15:59:07 | 000,061,265 | ---- | M] () MD5=F021B9A7986F79668D80F544AEF43E59 -- C:\ProgramData\HP\Installer\Temp\services.log
[2011/08/07 15:59:07 | 000,061,265 | ---- | M] () MD5=F021B9A7986F79668D80F544AEF43E59 -- C:\Users\All Users\HP\Installer\Temp\services.log

< MD5 for: SERVICES.MOCHIADS.COM.SOL >
[2013/01/10 20:16:29 | 000,000,426 | ---- | M] () MD5=273B52CAF259B788F606FC5C70C8C818 -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TQMHE9F3\mochiads.com\services.mochiads.com.sol

< MD5 for: SERVICES.MOF >
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 16:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 22:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 16:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 16:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WSHELPER.DLL >
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\SysWOW64\wshelper.dll
[2009/07/13 21:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=5B90BB3171504C9DAF3C5CB44B203CA7 -- C:\Windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\SysNative\wshelper.dll
[2009/07/13 21:41:58 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=D314DA4B0B8DCD023D547FC568E34FB6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\wshelper.dll

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
"ImagePath" = %SystemRoot%\System32\svchost.exe -k netsvcs -- [2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\qmgr.dll,-1001
"ObjectName" = LocalSystem
"ErrorControl" = 1
"Start" = 2
"DelayedAutoStart" = 1
"Type" = 32
"DependOnService" = RpcSsEventSystem [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeCreateGlobalPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %systemroot%\system32\qmgr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
"Library" = bitsperf.dll -- [2010/11/20 08:18:07 | 000,019,456 | ---- | M] (Microsoft Corporation)
"Open" = PerfMon_Open
"Collect" = PerfMon_Collect
"Close" = PerfMon_Close
"InstallType" = 1
"PerfIniFile" = bitsctrs.ini
"First Counter" = 2156
"Last Counter" = 2172
"First Help" = 2157
"Last Help" = 2173
"Object List" = 2156
"1008" = Reg Error: Unknown registry data type -- File not found
"PerfMMFileName" = Global\MMF_BITS_s
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = 01 00 14 80 90 00 00 00 A0 00 00 00 14 00 00 00 34 00 00 00 02 00 20 00 01 00 00 00 02 C0 18 00 00 00 0C 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 5C 00 04 00 00 00 00 02 14 00 FF 01 0F 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 [Binary data over 200 bytes]

< C:\Program Files\Common Files\ComObjects\*.* /s >
[2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 01:08:49 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/24 00:03:54 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/11/24 00:03:55 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2011/12/31 22:29:13 | 000,000,856 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2632891822-2667611553-3761156971-1000Core.job
[2011/12/31 22:29:13 | 000,000,908 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2632891822-2667611553-3761156971-1000UA.job
[2012/04/28 13:54:03 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/03/06 12:24:57 | 000,000,334 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForVicky.job

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9500420AS
Partitions: 3
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 199.00MB
Starting Offset: 1048576
Hidden sectors: 0

DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 453.00GB
Starting Offset: 209715200
Hidden sectors: 0

DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 13.00GB
Starting Offset: 486402949120
Hidden sectors: 0

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: LAPTOP
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B No Media
Volume 1 SYSTEM NTFS Partition 199 MB Healthy System
Volume 2 C NTFS Partition 452 GB Healthy Boot
Volume 3 D RECOVERY NTFS Partition 12 GB Healthy

========== Alternate Data Streams ==========

@Alternate Data Stream - 180 bytes -> C:\Users\Vicky\Documents\Steve Brown Key Biscayne Pres.tiff:3or4kl4x13tuuug3Byamue2s4b

< End of report >

Edited by Vicky227, 18 March 2013 - 04:44 PM.

#4
godawgs

Posted 18 March 2013 - 07:13 PM

Teacher

Retired Staff
8,228 posts

I don't really see anything in the OTL log. Please go ahead and run aswMBR, and the following tools.

Step-1

Run RogueKiller

Download RogueKiller.
Click the English Webpage link.
Click the 64bits (x64) download link and save the RogueKiller.exe file to the desktop.

NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
Quit all programs and close all browsers.
Right click the RogueKiller icon and click Run as Administrator to run the program.
Wait until Prescan has finished ...
Click on Scan
Wait for the end of the scan.
DO NOT delete anything at this time.
The report has been created on the desktop.

Please post:
All RKreport.txt text files located on your desktop.
NOTE: If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Step-2.

AdwCleaner by Xplode

Download AdwCleaner from here to your desktop.
Close all open windows and browsers.

(Vista and 7 users)right click The adwcleaner.exe, click Run as administrator and accept the UAC prompt to run AdwCleaner.
Click the Search button and wait for the scan to finish.
Do Not fix anything at his time.
Once done it may ask to reboot, allow this.
On reboot a log will be produced please copy/paste that in your next reply. This report is also saved to C:\AdwCleaner[R1].txt

Step-3.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The aswMBR log
2. The RKreport.txt log
3. The AdwCleaner[R1].txt log

#5
Vicky227

Posted 22 March 2013 - 08:05 PM

Member

Topic Starter
Member
19 posts

Just wanted to let you know that I will get the three logs posted you requested before the weekend is over. Please don't close this topic before then? I was interrupted by, for lack of a better word, life. Thanks for your patience, godawgs. I really appreciate your help! ~ Vicky

#6
Vicky227

Posted 24 March 2013 - 08:03 PM

Member

Topic Starter
Member
19 posts

Hi There, godawgs!

Thank you so much for your help!

(None of the apps rebooted.)
Here are the most recent logs you requested:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-18 23:42:06
-----------------------------
23:42:06.471 OS Version: Windows x64 6.1.7601 Service Pack 1
23:42:06.471 Number of processors: 2 586 0x170A
23:42:06.473 ComputerName: LAPTOP UserName: Vicky
23:42:09.938 Initialize success
23:43:25.221 AVAST engine defs: 13031801
23:43:25.570 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:43:25.573 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
23:43:25.590 Disk 0 MBR read successfully
23:43:25.594 Disk 0 MBR scan
23:43:25.748 Disk 0 unknown MBR code
23:43:25.763 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
23:43:25.895 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463670 MB offset 409600
23:43:26.041 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13069 MB offset 950005760
23:43:26.310 Disk 0 scanning C:\Windows\system32\drivers
23:44:15.628 Service scanning
23:45:37.627 Modules scanning
23:45:37.641 Disk 0 trace - called modules:
23:45:37.660 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
23:45:37.670 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ce63e0]
23:45:37.679 3 CLASSPNP.SYS[fffff8800109c43f] -> nt!IofCallDriver -> [0xfffffa8004ce1310]
23:45:37.687 5 hpdskflt.sys[fffff880020b92bd] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b27050]
23:45:41.719 AVAST engine scan C:\Windows
23:45:49.598 AVAST engine scan C:\Windows\system32
23:59:35.082 AVAST engine scan C:\Windows\system32\drivers
00:00:55.513 AVAST engine scan C:\Users\Vicky
02:14:29.781 AVAST engine scan C:\ProgramData
02:21:49.226 Scan finished successfully
04:00:06.146 Disk 0 MBR has been saved successfully to "C:\Users\Vicky\Downloads\MBR.dat"
04:00:06.239 The log file has been saved successfully to "C:\Users\Vicky\Downloads\aswMBR.txt"

------------------------------------------------------------------------------------

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Vicky [Admin rights]
Mode : Scan -- Date : 03/24/2013 21:40:37
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] SacReminder.exe -- C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : SacReminder (C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe) [7] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-2632891822-2667611553-3761156971-1000[...]\Run : SacReminder (C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe) [7] -> FOUND
[TASK][ROGUE ST] 0 : c:\program files (x86)\internet explorer\iexplore.exe -> FOUND
[TASK][ROGUE ST] 4699 : wscript.exe C:\Users\Vicky\AppData\Local\Temp\launchie.vbs //B -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 007c860da25747823bbd90318cd77819
[BSP] b061b8c534d911468663d6f6c8742e70 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 463670 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 950005760 | Size: 13069 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_03242013_02d2140.txt >>
RKreport[1]_S_03242013_02d2140.txt

--------------------------------------------------------------
THIS WAS IN A FILE ON MY DESKTOP CALLED 'QUARANTINE REPORT' BY RK.

Time : 24/03/2013 21:40:37
--------------------------
[SacReminder.exe.vir] -> C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe
ERROR [SacReminder.exe.vir] -> C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe
ERROR [SacReminder.exe.vir] -> C:\ProgramData\OfficeGuardian\reminder\SacReminder.exe

--------------------------------------------------------------

# AdwCleaner v2.115 - Logfile created 03/24/2013 at 21:51:41
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Vicky - LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Vicky\Desktop\AdwCleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Found : C:\Program Files (x86)\Yontoo Layers Runtime

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

-\\ Google Chrome v25.0.1364.172

File : C:\Users\Vicky\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.1] : icon_url ={"apps_promo_counter":11,"autofill":{"negative_upload_rate":1.0,"positive_upload_rate":1.0},"bookmark_bar":{"show_on_all_tabs":true},"bookmark_editor":{"expanded_nodes":["2","295","321","411","753","412","417"]},"browser":{"clear_lso_data_enabled":true,"show_home_button":true,"window_placement":{"bottom":708,"left":8,"maximized":true,"right":857,"top":13,"work_area_bottom":728,"work_area_left":0,"work_area_right":1366,"work_area_top":0}},"cloud_print":{"email":""},"countryid_at_install":21843,"custom_handlers":{"enabled":true,"ignored_protocol_handlers":[{"protocol":"mailto","title":"Gmail","url":"hxxps://mail.google.com/mail/?extsrc=mailto&url=%s"}]},"default_apps_install_state":1,"default_search_provider":{"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","instant_url":"{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}{google:instantEnabledParameter}{searchTerms}","keyword":"google.com","name":"Google","prepopulate_id":"1","search_url":"{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}","suggest_url":"{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}","synced_guid":"19DB1904-3DFD-40A8-BAD0-E9C4191C30EE"},"devtools":{"split_location":200},"distribution":{"make_chrome_default_for_user":true},"dns_prefetching":{"host_referral_list":[2,["hxxp://199.27.243.5/",["hxxp://199.27.243.5/",6.677540159086839]],["hxxp://36ohk6dgmcd1n-c.c.yom.mail.yahoo.net/",["hxxp://36ohk6dgmcd1n-c.c.yom.mail.yahoo.net/",1.653250251724887,"hxxp://d.yimg.com/",0.2760075526598528,"hxxp://gq1.attach.mail.ymail.com/",0.3304650273349703,"hxxp://mail.yimg.com/",0.4322376867247610,"hxxp://thumbp5-gq1.thumb.mail.yahoo.com/",0.3304650273349703,"hxxps://s.yimg.com/",2.27338020]],["hxxp://3cp9lcoq32dpn-c.c.yom.mail.yahoo.com/",["hxxp://dps.msg.yahoo.com/",0.3390451386805121,"hxxp://l.yimg.com/",2.27338020,"hxxp://mail.yimg.com/",3.403547160891953,"hxxp://preference.msg.yahoo.com/",2.60370040,"hxxp://prod1.rest-core.msg.yahoo.com/",0.2142118989372145,"hxxp://prod2.rest-notify.msg.yahoo.com/",0.2142118989372145]],["hxxp://64.245.1.134/",["hxxp://a.collective-media.net/",0.05008713185890333,"hxxp://bcp.crwdcntrl.net/",0.05851763920149107,"hxxp://c.betrad.com/",0.05430238553019721]],["hxxp://66c9i6pj32d33-c.c.yom.mail.yahoo.com/",["hxxp://66c9i6pj32d33-c.c.yom.mail.yahoo.com/",0.9153426319669651,"hxxp://mail.yimg.com/",0.4245125883029819]],["hxxp://68ohh6com6c1h-c.c.yom.mail.yahoo.com/",["hxxp://mail.yimg.com/",0.1910061880534172]],["hxxp://a.tribalfusion.com/",["hxxp://a.tribalfusion.com/",1.599718952432776,"hxxp://ads.adxpose.com/",1.239517334004204,"hxxp://b.scorecardresearch.com/",0.5399337506922309,"hxxp://event.adxpose.com/",1.419618143218490,"hxxp://secure-us.imrworldwide.com/",0.08953459349013609,"hxxp://webmedia.hrblock.com/",1.419618143218490]],["hxxp://a1.interclick.com/",["hxxp://a1.interclick.com/",0.3847090044281465,"hxxp://ad.yieldmanager.com/",0.3639890698238415,"hxxp://campaigns.interclick.com/",2.27338020,"hxxp://cdn.interclick.com/",0.6995635614649927,"hxxp://fw.adsafeprotected.com/",0.2420873692027378,"hxxp://h.nexac.com/",2.27338020,"hxxp://osmsync.interclick.com/",0.09953422369145276,"hxxp://tags.bluekai.com/",2.27338020,"hxxp://view.atdmt.com/",0.06206552512367444]],["hxxp://aax-us-east.amazon-adsystem.com/",["hxxp://d2o307dm5mqftz.cloudfront.net/",0.07351811927319976,"hxxp://g-ecx.images-amazon.com/",0.07351811927319976]],["hxxp://ad-emea.doubleclick.net/",["hxxp://s0.2mdn.net/",1.275840513421308]],["hxxp://ad-g.doubleclick.net/",["hxxp://googleads.g.doubleclick.net/",0.7791295677314836,"hxxp://pagead2.googlesyndication.com/",1.025670199547498,"hxxp://www.youtube.com/",0.4622969648943299]],["hxxp://ad.doubleclick.net/",["hxxp://s0.2mdn.net/",0.5999161102844131]],["hxxp://ad.media6degrees.com/",["hxxp://ad-emea.doubleclick.net/",1.461219049559447,"hxxp://c.betrad.com/",2.017354657973863,"hxxp://l.betrad.com/",1.275840513421308]],["hxxp://ad.yieldmanager.com/",["hxxp://ad.yieldmanager.com/",0.3785117756685885,"hxxp://uac.advertising.com/",0.1918287711137587,"hxxp://view.atdmt.com/",0.05472605795713623]],["hxxp://ad.z5x.net/",["hxxp://ad.yieldmanager.com/",1.306884480070131,"hxxp://ad.z5x.net/",1.159751790260911,"hxxp://content.yieldmanager.edgesuite.net/",1.159751790260911,"hxxp://router.tlvmedia.com/",1.012619100451691,"hxxp://t.adbuyer.com/",1.159751790260911]],["hxxp://ads.bridgetrack.com/",["hxxp://ads.bridgetrack.com.edgesuite.net/",0.7411346637844604,"hxxp://ads.bridgetrack.com/",0.5557561276463218]],["hxxp://ads.pointroll.com/",["hxxp://secure-us.imrworldwide.com/",0.4363336098914653,"hxxp://spd.pointroll.com/",0.5500718756200443,"hxxp://speed.pointroll.com/",0.5518319757929702,"hxxp://t.pointroll.com/",0.2775966504211117]],["hxxp://ads.pubmatic.com/",["hxxp://ads.pubmatic.com/",1.012619100451691,"hxxp://s.amazon-adsystem.com/",1.159751790260911]],["hxxp://ads.tw.adsonar.com/",["hxxp://ads.tw.adsonar.com/",0.1535677976713159,"hxxp://cdn.tacoda.at.atwola.com/",0.1535677976713159,"hxxp://s.aolcdn.com/",0.1730502794654381]],["hxxp://ads.undertone.com/",["hxxp://ad.doubleclick.net/",1.461219049559447,"hxxp://adadvisor.net/",1.275840513421308,"hxxp://ads.undertone.com/",1.646597585697586,"hxxp://b.scorecardresearch.com/",1.461219049559447,"hxxp://c.betrad.com/",1.461219049559447,"hxxp://cdn.undertone.com/",1.275840513421308,"hxxp://edge.quantserve.com/",1.275840513421308,"hxxp://l.betrad.com/",1.275840513421308,"hxxp://pixel.quantserve.com/",1.461219049559447,"hxxp://tags.bluekai.com/",1.275840513421308]],["hxxp://amazon.com/",["hxxp://www.amazon.com/",0.6332852260766017]],["hxxp://an.tacoda.net/",["hxxp://ad.yieldmanager.com/",0.3684797849914494,"hxxp://an.tacoda.net/",0.06135799186250823,"hxxp://ar.atwola.com/",0.1172112489641092,"hxxp://googleads.g.doubleclick.net/",0.3684797849914494,"hxxp://leadback.advertising.com/",0.06367145114483878,"hxxp://r.nexac.com/",0.3684797849914494,"hxxp://tacoda.at.atwola.com/",0.06135799186250823,"hxxp://www.googleadservices.com/",0.3684797849914494]],["hxxp://answers.yahoo.com/",["hxxp://ads.yldmgrimg.net/",0.1442337174928827,"hxxp://answers.yahoo.com/",0.08666025901512314,"hxxp://csc.beap.bc.yahoo.com/",0.1004484818254005,"hxxp://d.yimg.com/",0.1296386389370554,"hxxp://l.yimg.com/",0.7478978481771228,"hxxp://scripts.chitika.net/",0.1228397081139492,"hxxp://socialprofiles.zenfs.com/",0.07365762615789515,"hxxp://ucs.query.yahoo.com/",0.1228397081139492,"hxxp://us.mg.mail.yahoo.com/",0.08666025901512314,"hxxp://yui.yahooapis.com/",0.2097936848674285]],["hxxp://antoniopizzarant.com/",["hxxp://antoniopizzarant.com/",5.246261999999999]],["hxxp://badge.stumbleupon.com/",["hxxp://cdn.stumble-upon.com/",0.07216524366221358]],["hxxp://bannerfarm.ace.advertising.com/",["hxxp://bannerfarm.ace.advertising.com/",0.5713762458929739]],["hxxp://bargainsiatconline.com/",["hxxp://bargainsiatconline.com/",10.08411365714967,"hxxp://counterb.statcounter.com/",1.593480224125066,"hxxp://static.ak.fbcdn.net/",1.795638163006604,"hxxp://www.[bleep]germanasshole.biz/",1.593480224125066,"hxxp://www.google-analytics.com/",1.391322285243528,"hxxp://www.statcounter.com/",1.391322285243528]],["hxxp://bible.cc/",["hxxp://bible.cc/",5.628924229103577,"hxxp://biblecc.com/",0.2922015264152165,"hxxp://biblemenus.com/",0.1567491578068935,"hxxp://biblescan.com/",0.2922015264152165,"hxxp://choose.biblemenus.com/",0.7579756068645221,"hxxp://referencebible.org/",0.2922015264152165]],["hxxp://bible.com/",["hxxp://bible.com/",3.131866307352004,"hxxp://childreninternational.etools.ncol.com/",0.2632265615261530,"hxxp://pagead2.googlesyndication.com/",0.1949256151969659,"hxxp://partner.googleadservices.com/",0.1949256151969659,"hxxp://pubads.g.doubleclick.net/",0.3315275078553396,"hxxp://richmedia247.com/",0.3315275078553396,"hxxp://www.google-analytics.com/",0.3315275078553396]],["hxxp://biblebrowser.com/",["hxxp://biblebrowser.com/",2.074257756280915]],["hxxp://biblecc.com/",["hxxp://biblecc.com/",3.011471076164280,"hxxp://d2ue49q0mum86x.cloudfront.net/",0.1271148961667904,"hxxp://d3a2okcloueqyx.cloudfront.net/",0.06374831644516257]],["hxxp://bibleencyclopedia.com/",["hxxp://biblos.com/",0.6037130599050735,"hxxp://languages.parallelbible.com/",0.6037130599050735]],["hxxp://biblemenus.com/",["hxxp://biblemenus.com/",13.16954591721964]],["hxxp://biblescan.com/",["hxxp://biblescan.com/",2.932838713124229]],["hxxp://biblos.com/",["hxxp://biblemenus.com/",0.2467869077330295,"hxxp://biblos.com/",0.1059681390185566]],["hxxp://bidder.mathtag.com/",["hxxp://c.betrad.com/",0.1119728612247002,"hxxp://l.betrad.com/",0.05198391427459272,"hxxp://view.atdmt.com/",0.07065049400442937]],["hxxp://blip.tv/",["hxxp://2822.v.fwmrm.net/",0.06339887533548239,"hxxp://a.i.blip.tv/",0.08593087981011374,"hxxp://adm.fwmrm.net/",0.06715420941458752,"hxxp://flash.quantserve.com/",0.06339887533548239,"hxxp://livepass.conviva.com/",0.06715420941458752,"hxxp://livepassdl.conviva.com/",0.06715420941458752]],["hxxp://blog.youversion.com/",["hxxp://ajax.googleapis.com/",0.3098496157268584,"hxxp://blog.youversion.com/",1.660476145818292,"hxxp://connect.facebook.net/",0.3098496157268584,"hxxp://platform.twitter.com/",0.3998913843996207,"hxxp://static.ak.facebook.com/",0.3548705000632396,"hxxp://www.facebook.com/",1.255288186790862,"hxxp://www.google-analytics.com/",0.3548705000632396,"hxxps://graph.facebook.com/",0.3098496157268584,"hxxps://s-static.ak.facebook.com/",0.3548705000632396,"hxxps://www.facebook.com/",1.255288186790862]],["hxxp://bpx.a9.com/",["hxxp://bpx.a9.com/",0.3349518108441434,"hxxp://www.amazon.com/",0.3349518108441434,"hxxp://z-ecx.images-amazon.com/",0.2924579243937670]],["hxxp://breakthechain.org/",["hxxp://www.breakthechain.org/",0.1122058607568941]],["hxxp://bwp.cbsnews.com/",["hxxp://wwwimage.cbsnews.com/",1.804354218957534]],["hxxp://c.amazon-adsystem.com/",["hxxp://ads.pubmatic.com/",1.159751790260911]],["hxxp://c.brightcove.com/",["hxxp://79423.analytics.edgesuite.net/",1.040012090044601,"hxxp://admin.brightcove.com/",2.615693365766419,"hxxp://c.brightcove.com/",0.7010596683085268,"hxxp://goku.brightcove.com/",0.8371480734454562,"hxxp://ma156-r.analytics.edgesuite.net/",1.509021029499924,"hxxp://pv.trb.com/",5.405744106765728,"hxxp://pvp.trb.com/",3.154398853758616]],["hxxp://calvarychapel.com/",["hxxp://calvarychapel.com/",0.07468961111219413]],["hxxp://calvaryftl.org/",["hxxp://www.calvaryftl.org/",0.227482361467260]],["hxxp://cdn-bpx.a9.com/",["hxxp://bpx.a9.com/",1.239517334004204,"hxxp://cdn-bpx.a9.com/",1.239517334004204,"hxxp://www.amazon.com/",0.3810251329863859,"hxxp://z-ecx.images-amazon.com/",1.239517334004204]],["hxxp://cdn.at.atwola.com/",["hxxp://2a86.v.fwmrm.net/",0.1340853158771937,"hxxp://ad.yieldmanager.com/",0.1340853158771937,"hxxp://an.tacoda.net/",0.1535677976713159,"hxxp://cdn.at.atwola.com/",0.1535677976713159,"hxxp://googleads.g.doubleclick.net/",0.1340853158771937,"hxxp://js.adsonar.com/",0.1535677976713159,"hxxp://leadback.advertising.com/",0.1340853158771937,"hxxp://segments.adap.tv/",0.1340853158771937,"hxxp://tacoda.at.atwola.com/",0.1340853158771937,"hxxp://www.googleadservices.com/",0.1340853158771937]],["hxxp://cdn.eyewonder.com/",["hxxp://cdn.eyewonder.com/",1.777031414600491]],["hxxp://cdn.interclick.com/",["hxxp://adadvisor.net/",2.27338020,"hxxp://cdn.interclick.com/",9.870744799999997,"hxxp://ib.mookie1.com/",2.27338020,"hxxp://load.s3.amazonaws.com/",2.27338020,"hxxp://loadm.exelator.com/",2.27338020,"hxxp://osmdcs.interclick.com/",2.60370040,"hxxp://osmsync.interclick.com/",0.3682676287221675,"hxxp://p.brilig.com/",2.27338020,"hxxp://tags.bluekai.com/",2.27338020,"hxxp://va.px.invitemedia.com/",0.3592567883131381]],["hxxp://cdn.optmd.com/",["hxxp://cdn.optmd.com/",0.5211216038805425]],["hxxp://cdn.statics.live.spongecell.com/",["hxxp://cdn.statics.live.spongecell.com/",0.1059078064847597,"hxxp://cdn.widgets.spongecell.com/",0.1178312019168187]],["hxxp://cdn.tacoda.at.atwola.com/",["hxxp://js.adsonar.com/",0.4690856390352660]],["hxxp://cdn.turn.com/",["hxxp://tag.admeld.com/",0.3001486007106967]],["hxxp://cdn.undertone.com/",["hxxp://ads.undertone.com/",1.646597585697586,"hxxp://ak1.abmr.net/",1.275840513421308,"hxxp://c1.undertonevideo.com/",1.275840513421308]],["hxxp://chatroll-cloud-1.com/",["hxxp://images.cdn.chatroll-cloud-1.com/",0.05486891562361906]],["hxxp://choose.biblemenus.com/",["hxxp://choose.biblemenus.com/",0.1188631162481346]],["hxxp://christianbookshelf.org/",["hxxp://christianbookshelf.org/",1.207424358358267]],["hxxp://cmap.uac.ace.advertising.com/",["hxxp://ad.yieldmanager.com/",1.275840513421308,"hxxp://cmap.an.ace.advertising.com/",1.275840513421308,"hxxp://cmap.at.ace.advertising.com/",1.275840513421308,"hxxp://cmap.dc.ace.advertising.com/",1.275840513421308,"hxxp://googleads.g.doubleclick.net/",1.275840513421308,"hxxp://ib.adnxs.com/",1.646597585697586,"hxxp://image2.pubmatic.com/",1.275840513421308,"hxxp://tacoda.at.atwola.com/",1.275840513421308,"hxxp://tag.admeld.com/",1.275840513421308,"hxxp://www.googleadservices.com/",1.275840513421308]],["hxxp://commonsenseliving.com/",["hxxps://onlywire.com/",0.1040522818407562]],["hxxp://contextual.media.net/",["hxxp://contextual.media.net/",1.593480224125066,"hxxp://mycdn.media.net/",1.391322285243528,"hxxp://res.media.net/",1.391322285243528,"hxxp://search.keywordblocks.com/",1.391322285243528,"hxxp://srvjs.keywordblocks.com/",1.391322285243528]],["hxxp://craigslist-tv.com/",["hxxp://craigslist-tv.com/",0.2136122384996912,"hxxp://platform.twitter.com/",0.09344154796832420,"hxxp://www.facebook.com/",0.07466487757279798,"hxxps://www.facebook.com/",0.07466487757279798]],["hxxp://craigslist.org/",["hxxp://miami.craigslist.org/",0.1071780904448580,"hxxp://www.craigslist.org/",0.1143940103585293]],["hxxp://d.yimg.com/",["hxxp://am.dp.yieldmanager.net/",1.504039041058379,"hxxp://l.yimg.com/",1.694849964177726]],["hxxp://d2o307dm5mqftz.cloudfront.net/",["hxxp://img-cdn.mediaplex.com/",1.419618143218490]],["hxxp://d3.zedo.com/",["hxxp://d14.zedo.com/",0.7827463518668274,"hxxp://d3.zedo.com/",1.278405565796968,"hxxp://d7.zedo.com/",0.7573226135127641,"hxxp://m1.zedo.com/",0.2616633995826229]],["hxxp://d3l3lkinz3f56t.cloudfront.net/",["hxxp://ad.doubleclick.net/",0.6609170643713856,"hxxp://s.amazon-adsystem.com/",0.5614780805261275,"hxxp://s0.2mdn.net/",0.7569477489381682]],["hxxp://d7.zedo.com/",["hxxp://d14.zedo.com/",0.2420873692027378,"hxxp://d3.zedo.com/",0.8454642496954337,"hxxp://d7.zedo.com/",0.7599113196667293]],["hxxp://demos.ncol.com/",["hxxp://childreninternational.etools.ncol.com/",0.1515234035211676,"hxxp://demos.ncol.com/",0.1038824425265557]],["hxxp://docupub.com/",["hxxp://docupub.com/",2.822971948276087]],["hxxp://ds.serving-sys.com/",["hxxp://ds.serving-sys.com/",1.748282549497790]],["hxxp://ec.atdmt.com/",["hxxp://wdmp-1.vo.llnwd.net/",0.4620202050634544,"hxxp://wdmp-2.vo.llnwd.net/",0.4620202050634544,"hxxp://wdmp.rd.llnwd.net/",0.6180667643895215]],["hxxp://edge.sharethis.com/",["hxxp://edge.sharethis.com/",0.1267856462711170,"hxxp://w.sharethis.com/",0.3386991597371156]],["hxxp://egvsys.miamidade.gov:1608/",["hxxp://egvsys.miamidade.gov:1608/",0.08806882103327376,"hxxp://wsdc.miamidade.gov/",0.09317656521922930,"hxxp://www.miamidade.gov/",0.07815378820171318]],["hxxp://emeryjo.blogspot.com/",["hxxp://bcp.crwdcntrl.net/",0.2509253206725345,"hxxp://cdn.betrad.com/",0.2190915113334816,"hxxp://counterb.statcounter.com/",0.2190915113334816,"hxxp://i196.photobucket.com/",0.8876015074535919,"hxxp://l.betrad.com/",0.2190915113334816,"hxxp://widgets.blogher.com/",0.3464267486896931,"hxxp://www.blogger.com/",0.314592939350640,"hxxp://www.flickr.com/",0.2509253206725345,"hxxp://www.google-analytics.com/",0.2827591300115875,"hxxp://www.google.com/",0.2190915113334816]],["hxxp://en.wikipedia.org/",["hxxp://bits.wikimedia.org/",3.660967109307079,"hxxp://en.wikipedia.org/",0.5159369386987005,"hxxp://geoiplookup.wikimedia.org/",0.2744423975431235,"hxxp://meta.wikimedia.org/",0.2744423975431235,"hxxp://upload.wikimedia.org/",2.404653504217930]],["hxxp://esv.scripturetext.com/",["hxxp://biblebrowser.com/",1.688240235367076,"hxxp://biblemenus.com/",1.688240235367076,"hxxp://biblescan.com/",1.688240235367076,"hxxp://biblos.com/",2.116599698072155,"hxxp://choose.biblemenus.com/",1.688240235367076,"hxxp://esv.scripturetext.com/",6.469075891185604,"hxxp://languages.parallelbible.com/",1.688240235367076]],["hxxp://experience.sony.com/",["hxxp://experience.sony.com/",0.1009132928159282]],["hxxp://facebook-emoticons-symbols.blogspot.com/",["hxxp://3.bp.blogspot.com/",0.2190915113334816,"hxxp://c.statcounter.com/",0.08727265256108252,"hxxp://s7.addthis.com/",0.1390136505290554,"hxxp://widgets.amung.us/",0.1272700716759174,"hxxp://www.google-analytics.com/",0.09331303384191113]],["hxxp://facebook.com/",["hxxps://facebook.com/",0.9567717612958989,"hxxps://www.facebook.com/",0.9567717612958989]],["hxxp://fast.dm.demdex.net/",["hxxp://ad.doubleclick.net/",2.164117534328073,"hxxp://ad.yieldmanager.com/",0.2190915113334816,"hxxp://nexac.demdex.net/",0.2509253206725345,"hxxp://r.nexac.com/",0.2509253206725345,"hxxp://segments.adap.tv/",0.2190915113334816]],["hxxp://fls.doubleclick.net/",["hxxp://a.adroll.com/",0.6365070179880952,"hxxp://bid.openx.net/",0.5557561276463219,"hxxp://d.adroll.com/",0.5557561276463219,"hxxp://d98.d.chango.com/",0.5557561276463219,"hxxp://googleads.g.doubleclick.net/",0.8787596890134148,"hxxp://ib.adnxs.com/",0.7172579083298686,"hxxp://r.openx.net/",0.5557561276463219,"hxxp://tags.mediaforge.com/",0.7172579083298686,"hxxp://www.googleadservices.com/",0.7980087986716417,"hxxp://www.wtp101.com/",0.5557561276463219]],["hxxp://flylady.com/",["hxxp://connect.facebook.net/",2.27338020,"hxxp://flylady.com/",18.45906999999999,"hxxp://platform.twitter.com/",2.93402060,"hxxp://static.ak.facebook.com/",2.60370040,"hxxp://widget.cozicentral.cozi.com/",2.60370040,"hxxp://www.facebook.com/",3.924981199999999,"hxxp://www.google-analytics.com/",2.60370040,"hxxps://s-static.ak.facebook.com/",2.60370040,"hxxps://www.facebook.com/",3.924981199999999]],["hxxp://flylady.net/",["hxxp://connect.facebook.net/",2.27338020,"hxxp://flylady.net/",18.45906999999999,"hxxp://platform.twitter.com/",2.93402060,"hxxp://static.ak.facebook.com/",2.60370040,"hxxp://widget.cozicentral.cozi.com/",2.60370040,"hxxp://www.facebook.com/",3.924981199999999,"hxxp://www.google-analytics.com/",2.60370040,"hxxps://s-static.ak.facebook.com/",2.60370040,"hxxps://www.facebook.com/",3.924981199999999]],["hxxp://fourhourbody.com/",["hxxp://fourhourbody.com/",0.2137683303398136]],["hxxp://fsymbols.com/",["hxxp://fsymbols.disqus.com/",0.2610070237132225,"hxxp://juggler.services.disqus.com/",0.1446003974800978,"hxxp://media.disqus.com/",0.1922985535147727,"hxxp://mediacdn.disqus.com/",1.650499728373055,"hxxp://pagead2.googlesyndication.com/",0.1922985535147727,"hxxp://symbols.cachefly.net/",0.9898975080007254,"hxxp://themes.googleusercontent.com/",0.3282755444739386,"hxxp://www.google-analytics.com/",0.2467200100818552,"hxxp://www.google.com/",0.2467200100818552,"hxxps://ajax.googleapis.com/",0.1922985535147727]],["hxxp://g-ecx.images-amazon.com/",["hxxp://amazon-zg.s3.amazonaws.com/",0.1032512507902499,"hxxp://www.amazon.com/",0.3735103500167959]],["hxxp://gisims2.miamidade.gov/",["hxxp://gisims2.miamidade.gov/",0.5699033676497587,"hxxp://www.google-analytics.com/",0.1232324366832597]],["hxxp://gizmodo.com/",["hxxp://ad.doubleclick.net/",0.08374823675209156,"hxxp://api.gawker.com/",0.1097522554696360,"hxxp://cache.gawkerassets.com/",0.07724723207270541,"hxxp://cache.gizmodo.com/",0.09024924143147765,"hxxp://googleads.g.doubleclick.net/",0.05124321335516110,"hxxp://img.gawkerassets.com/",0.4152994754007825,"hxxps://www.facebook.com/",0.07724723207270541]],["hxxp://gma.yahoo.com/",["hxxp://d.yimg.com/",0.3349518108441434,"hxxp://geo.yahoo.com/",0.3349518108441434,"hxxp://l.yimg.com/",2.417152246912584,"hxxp://mi.adinterax.com/",0.4199395837448958,"hxxp://o.analytics.yahoo.com/",0.2924579243937670,"hxxp://platform.twitter.com/",0.5049273566456488,"hxxp://socialprofiles.zenfs.com/",0.3349518108441434,"hxxp://us.js.yimg.com/",0.2924579243937670,"hxxp://www.facebook.com/",0.4199395837448958,"hxxps://www.facebook.com/",0.4199395837448958]],["hxxp://gmail.com/",["hxxps://gmail.com/",0.06487231759323227,"hxxps://mail.google.com/",0.1291158108021763]],["hxxp://google.com/",["hxxp://www.google.com/",2.60370040,"hxxps://www.google.com/",2.60370040]],["hxxp://greatcall.ugc.bazaarvoice.com/",["hxxp://ajax.googleapis.com/",0.4067577723375010,"hxxp://greatcall.ugc.bazaarvoice.com/",1.040011337483080]],["hxxp://greatnonprofits.org/",["hxxp://greatnonprofits.org/",1.033213125684385,"hxxp://www.google-analytics.com/",0.9021338485453212]],["hxxp://h10032.www1.hp.com/",["hxxp://h10032.www1.hp.com/",0.3158409209013927]],["hxxp://h30434.www3.hp.com/",["hxxp://psg.i.lithium.com/",0.06359033344714198]],["hxxp://hotmail.com/",["hxxps://login.live.com/",0.1918919612772274]],["hxxp://ib.adnxs.com/",["hxxp://a.adroll.com/",1.593480224125066,"hxxp://ad.doubleclick.net/",1.593480224125066,"hxxp://c.betrad.com/",2.402111979651219,"hxxp://d.adroll.com/",1.391322285243528,"hxxp://l.betrad.com/",1.391322285243528]],["hxxp://ic.nexac.com/",["hxxp://cdn.interclick.com/",0.3627197534164119]],["hxxp://icanhascheezburger.com/",["hxxp://s0.wp.com/",0.05450906891520966]],["hxxp://igoogle.com/",["hxxp://www.google.com/",0.05954490761535774]],["hxxp://img-cdn.mediaplex.com/",["hxxp://edpn.ebay.com/",2.994961677151110]],["hxxp://img.mediaplex.com/",["hxxp://img-cdn.mediaplex.com/",0.9273300091506781,"hxxp://log.dmtry.com/",0.08076851093170383]],["hxxp://img.tfd.com/",["hxxp://img.tfd.com/",0.06199752684906693]],["hxxp://imp.bid.ace.advertising.com/",["hxxp://ad.doubleclick.net/",0.1951867866354886,"hxxp://ar.voicefive.com/",0.2235472599073118,"hxxp://b.voicefive.com/",0.2235472599073118,"hxxp://cdn.doubleverify.com/",0.1951867866354886,"hxxp://s0.2mdn.net/",0.1951867866354886]],["hxxp://info.mbopartners.com/",["hxxp://688-npm-525.mktoresp.com/",0.3903922932482842,"hxxp://edge.sharethis.com/",0.4471159597886331,"hxxp://info.mbopartners.com/",0.7307342924903776,"hxxp://l.sharethis.com/",0.3903922932482842,"hxxp://munchkin.marketo.net/",0.4471159597886331,"hxxp://na-l.marketo.com/",0.3903922932482842,"hxxp://seg.sharethis.com/",0.4471159597886331,"hxxp://w.sharethis.com/",0.5038396263289821,"hxxp://wd-edge.sharethis.com/",0.3903922932482842,"hxxp://www.surveygizmo.com/",0.3903922932482842]],["hxxp://irs.gov/",["hxxp://www.irs.gov/",2.60370040]],["hxxp://jitterbug.com/",["hxxp://www.greatcall.com/",1.461219049559447]],["hxxp://kingjbible.com/",["hxxp://kingjbible.com/",0.07763225122300629]],["hxxp://kpbs.media.clients.ellingtoncms.com/",["hxxp://kpbs.media.clients.ellingtoncms.com/",0.8272554279552447]],["hxxp://l.yimg.com/",["hxxp://ad.doubleclick.net/",2.27338020,"hxxp://ad.yieldmanager.com/",3.264340799999999,"hxxp://d.audienceiq.com/",0.3481393011828829,"hxxp://d.turn.com/",0.08185091854895230,"hxxp://mi.adinterax.com/",0.2698106613183895,"hxxp://s0.2mdn.net/",2.27338020,"hxxp://tr.adinterax.com/",0.2425083920183144]],["hxxp://languages.parallelbible.com/",["hxxp://languages.parallelbible.com/",0.3391701118836182]],["hxxp://latimesblogs.latimes.com/",["hxxp://l.collective-media.net/",0.1154939742024375,"hxxp://latimesblogs.latimes.com/",0.2455203027747182,"hxxp://pixel.quantserve.com/",0.08948870848798138,"hxxp://static.chartbeat.com/",0.08948870848798138,"hxxp://www.facebook.com/",0.1284966070596655,"hxxp://www.latimes.com/",0.5705861242054201,"hxxp://www.trbimg.com/",0.1545018727741216,"hxxps://graph.facebook.com/",0.08948870848798138,"hxxps://plusone.google.com/",0.1284966070596655,"hxxps://www.facebook.com/",0.1024913413452095]],["hxxp://livingalternatives.org/",["hxxp://livingalternatives.org/",0.07086155336835921]],["hxxp://login.dotomi.com/",["hxxp://ads.adbrite.com/",1.239517334004204,"hxxp://cm.g.doubleclick.net/",1.239517334004204,"hxxp://dclk-match.dotomi.com/",1.239517334004204,"hxxp://googleads.g.doubleclick.net/",1.239517334004204,"hxxp://ib.adnxs.com/",1.239517334004204,"hxxp://image2.pubmatic.com/",1.239517334004204,"hxxp://pixel.rubiconproject.com/",1.239517334004204,"hxxp://sync.fastclick.net/",1.239517334004204,"hxxp://www.burstnet.com/",1.239517334004204,"hxxp://www.googleadservices.com/",1.239517334004204]],["hxxp://lyrics.filestube.com/",["hxxp://static.filestube.com/",1.320037688371622,"hxxp://www.google-analytics.com/",0.3794891275482579]],["hxxp://mads.cbsnews.com/",["hxxp://adimg.cbsnews.com/",0.2255118332254090,"hxxp://adlog.com.com/",0.2255118332254090,"hxxp://i.i.com.com/",0.2582785098479044]],["hxxp://maps.google.com/",["hxxp://gg.google.com/",1.454017169879350,"hxxp://khm0.google.com/",1.306884480070131,"hxxp://khm1.google.com/",1.748282549497790,"hxxp://lh6.googleusercontent.com/",1.012619100451691,"hxxp://maps.google.com/",3.324100875631277,"hxxp://maps.gstatic.com/",9.962960534052746,"hxxp://mt0.google.com/",2.437478870964134,"hxxp://mt1.google.com/",2.211087957023717,"hxxp://ssl.gstatic.com/",1.012619100451691,"hxxps://maps.google.com/",1.012619100451691]],["hxxp://maps.randmcnally.com/",["hxxp://ad.doubleclick.net/",0.4100046852880986,"hxxp://maps.randmcnally.com/",0.5140357248388097,"hxxp://pix04.revsci.net/",0.5140357248388097,"hxxp://pixel.traveladvertising.com/",0.6180667643895215,"hxxp://s0.2mdn.net/",0.7741133237155892,"hxxp://wsdds32-01.prod.sv.decartahws.com/",0.7741133237155892,"hxxp://wsdds32-02.prod.sv.decartahws.com/",1.086206442367723,"hxxp://wsdds32-03.prod.sv.decartahws.com/",0.7220978039402327,"hxxp://wsdds32.prod.sv.decartahws.com/",1.034190922592367,"hxxp://www.traveladvertising.com/",0.4100046852880986]],["hxxp://media.calvaryftl.org/",["hxxp://csi.gstatic.com/",0.09646786002535301,"hxxp://images.calvaryftl.org/",0.3662958461170289,"hxxp://maps.googleapis.com/",0.7204418434167983,"hxxp://maps.gstatic.com/",1.344415826808244,"hxxp://media.calvaryftl.org/",12.34828501625781,"hxxp://mt0.googleapis.com/",0.4421833499825352,"hxxp://mt1.googleapis.com/",0.3030541032654036,"hxxp://s7.addthis.com/",0.5813125966996667,"hxxp://www.google-analytics.com/",0.4379680963112414]],["hxxp://media.fastclick.net/",["hxxp://ad.doubleclick.net/",0.2216728450882242,"hxxp://c.betrad.com/",2.140021380075633,"hxxp://l.betrad.com/",1.239517334004204,"hxxp://s0.2mdn.net/",0.2216728450882242,"hxxp://www.apmebf.com/",0.1429968271728477,"hxxp://www.emjcd.com/",0.1429968271728477,"hxxp://www.lduhtrp.net/",0.1429968271728477,"hxxp://www.yceml.net/",0.1429968271728477]],["hxxp://media.intermundomedia.com/",["hxxp://media.intermundomedia.com/",1.275840513421308]],["hxxp://media.match.com/",["hxxp://media.match.com/",1.297147417988095]],["hxxp://mediacdn.disqus.com/",["hxxp://b.scorecardresearch.com/",0.1234779008180896,"hxxp://edge.quantserve.com/",0.2336526619356728,"hxxp://mediacdn.disqus.com/",0.08780160013034227,"hxxp://pixel.quantserve.com/",0.08816160950476928,"hxxp://www.google-analytics.com/",0.1249652504856477]],["hxxp://mexicofive-0.com/",["hxxp://mexicofive-0.com/",0.05450906891520966]],["hxxp://mi.adinterax.com/",["hxxp://mi.adinterax.com/",1.239517334004204]],["hxxp://miami.cbslocal.com/",["hxxp://images.intellitxt.com/",0.08966169908022445,"hxxp://odb.outbrain.com/",0.05779586874509245,"hxxp://s1.wp.com/",0.2606378270593577,"hxxp://s7.addthis.com/",0.07903975563518045,"hxxp://www.facebook.com/",0.06310684046761435,"hxxps://plusone.google.com/",0.05248489702257039,"hxxps://www.facebook.com/",0.06310684046761435]],["hxxp://miami.craigslist.org/",["hxxp://images.craigslist.org/",0.2474131920351947,"hxxp://www.craigslist.org/",0.2912802827014832]],["hxxp://mlbible.com/",["hxxp://biblebrowser.com/",2.544959160777235,"hxxp://biblemenus.com/",1.902419966719616,"hxxp://biblos.com/",1.688240235367076,"hxxp://choose.biblemenus.com/",1.688240235367076,"hxxp://languages.parallelbible.com/",1.688240235367076,"hxxp://mlbible.com/",7.042733519180563]],["hxxp://myflorida.com/",["hxxp://www.myflorida.com/",0.1081993422367454]],["hxxp://myflorida.custhelp.com/",["hxxp://myflorida.custhelp.com/",0.3137109318363656,"hxxp://www.myflorida.com/",0.1184148306086564]],["hxxp://news.google.com/",["hxxp://csi.gstatic.com/",1.012619100451691,"hxxp://i.ytimg.com/",1.153866482668541,"hxxp://news.google.com/",1.159751790260911,"hxxp://nt0.ggpht.com/",2.998910412876159,"hxxp://nt1.ggpht.com/",3.096017988150247,"hxxp://nt2.ggpht.com/",2.610480111779820,"hxxp://nt3.ggpht.com/",2.998910412876159,"hxxp://ssl.gstatic.com/",1.153866482668541,"hxxp://www.gstatic.com/",1.398106747751846,"hxxps://plusone.google.com/",1.253916711738810]],["hxxp://news.yahoo.com/",["hxxp://d.yimg.com/",1.593480224125066,"hxxp://geo.yahoo.com/",1.593480224125066,"hxxp://l.yimg.com/",14.82794566728924,"hxxp://news.yahoo.com/",1.997796101888142,"hxxp://socialprofiles.zenfs.com/",2.362501034190335,"hxxp://static.ak.fbcdn.net/",1.593480224125066,"hxxp://ucs.query.yahoo.com/",1.593480224125066,"hxxp://us.mg.mail.yahoo.com/",1.391322285243528,"hxxp://www.facebook.com/",2.738039729353625,"hxxps://www.facebook.com/",2.738039729353625]],["hxxp://niv.scripturetext.com/",["hxxp://biblebrowser.com/",0.4664418194098582,"hxxp://biblemenus.com/",0.6960820774254906,"hxxp://biblescan.com/",0.4664418194098582,"hxxp://biblos.com/",0.9257223354411229,"hxxp://choose.biblemenus.com/",0.4664418194098582,"hxxp://languages.parallelbible.com/",0.4664418194098582,"hxxp://niv.scripturetext.com/",7.110182821396508]],["hxxp://offers.motime.com/",["hxxp://s.motime.com/",0.06015284787581380]],["hxxp://office.microsoft.com/",["hxxp://c.atdmt.com/",0.4341747082747581,"hxxp://c.msn.com/",0.3459535945896080,"hxxp://js.microsoft.com/",0.3459535945896080,"hxxp://m.webtrends.com/",1.075517638265027,"hxxp://office.microsoft.com/",0.8108542972095765,"hxxp://officeimg.vo.msecnd.net/",20.59528522211015,"hxxp://ots.optimize.webtrends.com/",2.145776599045350]],["hxxp://ox-d.earnmydegree.com/",["hxxp://ox-d.earnmydegree.com/",0.2111481303887552,"hxxp://ox-i.earnmydegree.com/",0.2111481303887552]],["hxxp://p.brilig.com/",["hxxp://a.triggit.com/",0.5997127996752865,"hxxp://ad.yieldmanager.com/",0.4894953121673960,"hxxp://adadvisor.net/",0.3792778246595056,"hxxp://bid.openx.net/",0.3792778246595056,"hxxp://cm.g.doubleclick.net/",0.3792778246595056,"hxxp://image2.pubmatic.com/",0.3792778246595056,"hxxp://p.brilig.com/",0.4894953121673960,"hxxp://tag.admeld.com/",0.3792778246595056,"hxxps://ev.ib-ibi.com/",0.3792778246595056,"hxxps://ib.mookie1.com/",0.3792778246595056]],["hxxp://p4.curh7qcdlddhs.gufujjxjdoodwnu5.if.v4.ipv6-exp.l.google.com/",["hxxp://p4.curh7qcdlddhs.gufujjxjdoodwnu5.if.v4.ipv6-exp.l.google.com/",0.2509253206725345]],["hxxp://p4.gsmekuy7py6dy.hs2d524gnau4gdor.if.v4.ipv6-exp.l.google.com/",["hxxp://p4.gsmekuy7py6dy.hs2d524gnau4gdor.if.v4.ipv6-exp.l.google.com/",0.3869913440744119]],["hxxp://pagead2.googlesyndication.com/",["hxxp://googleads.g.doubleclick.net/",0.3350246201150691,"hxxp://kpbs.media.clients.ellingtoncms.com/",0.8272554279552447,"hxxp://pagead2.googlesyndication.com/",16.02912152317061,"hxxp://s.ytimg.com/",0.08986412488159071,"hxxp://www.youtube.com/",0.08986412488159071]],["hxxp://paintingsbysandraestes.blogspot.com/",["hxxp://www.blogger.com/",0.05402595306013296]],["hxxp://photoetrist.tumblr.com/",["hxxp://static.tumblr.com/",0.05611429486271011]],["hxxp://pinterest.com/",["hxxp://media-cache0.pinterest.com/",0.2910451864703997,"hxxp://media-cache2.pinterest.com/",0.2582785098479044,"hxxp://media-cache3.pinterest.com/",0.3238118630928947,"hxxp://media-cache4.pinterest.com/",0.2582785098479044,"hxxp://media-cache7.pinterest.com/",0.2255118332254090,"hxxp://passets-cdn.pinterest.com/",0.2582785098479044,"hxxp://platform.twitter.com/",0.2582785098479044,"hxxp://profile.ak.fbcdn.net/",0.6187119526953531,"hxxp://www.google-analytics.com/",0.3238118630928947,"hxxps://www.facebook.com/",0.2582785098479044]],["hxxp://pixel.fetchback.com/",["hxxp://ad.adtegrity.net/",0.3289873596670885,"hxxp://ad.yieldmanager.com/",0.6573589736638248,"hxxp://ads.revsci.net/",0.3289873596670885,"hxxp://googleads.g.doubleclick.net/",0.3289873596670885,"hxxp://ib.adnxs.com/",0.3286764956672499,"hxxp://pixel.fetchback.com/",0.9853331269445055,"hxxp://pixel.rubiconproject.com/",0.3289873596670885,"hxxp://www.googleadservices.com/",0.3284930601994714]],["hxxp://pixel.invitemedia.com/",["hxxp://ad.doubleclick.net/",0.7172579083298686,"hxxp://ad.yieldmanager.com/",0.5557561276463219,"hxxp://adadvisor.net/",0.5557561276463219,"hxxp://cms.ad.yieldmanager.net/",0.07181097488544337,"hxxp://cookex.amp.yahoo.com/",0.06270062732534977,"hxxp://googleads.g.doubleclick.net/",0.06270062732534977,"hxxp://pix.bit.ly/",1.351711339782644,"hxxp://segment-pixel.invitemedia.com/",0.3980812604735949]],["hxxp://pixel.mathtag.com/",["hxxp://pixel.mathtag.com/",0.07065049400442937]],["hxxp://platform.twitter.com/",["hxxp://cdn.api.twitter.com/",0.5012285926640866,"hxxp://p.twitter.com/",0.5012285926640866]],["hxxp://pr.bby.com/",["hxxp://a0.twimg.com/",0.9182727082607280,"hxxp://api.twitter.com/",1.120430647142266,"hxxp://clients1.google.com/",1.253854886804081,"hxxp://ehg-ccbn.hitbox.com/",1.520703366127711,"hxxp://media.corporate-ir.net/",12.35232573140052,"hxxp://phx.corporate-ir.net/",1.387279126465897,"hxxp://pr.bby.com/",3.857649139598294,"hxxp://www.google.com/",2.123134023994696]],["hxxp://preference.msg.yahoo.com/",["hxxp://preference.msg.yahoo.com/",2.27338020]],["hxxp://premium.naturalnews.tv/",["hxxp://banners.webseed.com/",0.05982712093636879]],["hxxp://prod1.rest-core.msg.yahoo.com/",["hxxp://mail.yimg.com/",0.5186530016304466,"hxxp://prod1.rest-core.msg.yahoo.com/",0.4813911500635448]],["hxxp://prod2.rest-notify.msg.yahoo.com/",["hxxp://mail.yimg.com/",0.06490053964090807,"hxxp://prod2.rest-notify.msg.yahoo.com/",1.459098428266186]],["hxxp://produtools.com/",["hxxp://produtools.com/",0.08380916122925410]],["hxxp://profile.yahoo.com/",["hxxp://d.yimg.com/",0.7585920251023977,"hxxp://geo.yahoo.com/",0.7585920251023977,"hxxp://l.yimg.com/",3.073270255543045,"hxxp://o.analytics.yahoo.com/",0.7585920251023977,"hxxp://ucs.query.yahoo.com/",0.7585920251023977,"hxxp://us.mg.mail.yahoo.com/",0.7585920251023977]],["hxxp://puma.vizu.com/",["hxxp://cheetah.vizu.com/",0.4725382544223415,"hxxp://puma.vizu.com/",0.4727728822251630]],["hxxp://pw.myersinfosys.com/",["hxxp://ajax.googleapis.com/",0.6531103827555309,"hxxp://edge.sharethis.com/",0.6531103827555309,"hxxp://l.sharethis.com/",0.480551971043280,"hxxp://myers-proweb.commonmediainc.com/",1.155303921438857,"hxxp://pw.myersinfosys.com/",2.085936581539811,"hxxp://seg.sharethis.com/",0.6531103827555309,"hxxp://w.sharethis.com/",0.6531103827555309,"hxxp://wd-edge.sharethis.com/",0.480551971043280,"hxxps://ajax.googleapis.com/",0.480551971043280]],["hxxp://r.turn.com/",["hxxp://cdn.turn.com/",0.6099575245484237]],["hxxp://r1rk9np7bpcsfoeekl0khkd2juj27q3o-a-fc-opensocial.googleusercontent.com/",["hxxp://r1rk9np7bpcsfoeekl0khkd2juj27q3o-a-fc-opensocial.googleusercontent.com/",0.1569632921603554]],["hxxp://randmcnally.com/",["hxxp://www.randmcnally.com/",0.2145598368304919]],["hxxp://re.revolvermaps.com/",["hxxp://re.revolvermaps.com/",2.530126353952130]],["hxxp://referencebible.org/",["hxxp://referencebible.org/",8.347904290393307]],["hxxp://rrsc.forumotion.com/",["hxxp://ad.z5x.net/",1.454017169879350,"hxxp://cas.criteo.com/",1.601149859688571,"hxxp://dis.criteo.com/",1.159751790260911,"hxxp://dis.ny.us.criteo.com/",1.454017169879350,"hxxp://hitskin.com/",2.189680618925451,"hxxp://illiweb.com/",2.189680618925451,"hxxp://r11.imgfast.net/",1.306884480070131,"hxxp://sync.mathtag.com/",1.012619100451691,"hxxp://tag.admeld.com/",1.012619100451691,"hxxp://www.eons.com/",1.159751790260911]],["hxxp://rs.gwallet.com/",["hxxp://c7.zedo.com/",0.1842310578781716,"hxxp://rp.gwallet.com/",0.06369428153690031,"hxxp://whos.amung.us/",0.06369428153690031]],["hxxp://s.ytimg.com/",["hxxp://o-o.preferred.comcast-mia1.v16.lscache6.c.youtube.com/",1.561718943584138,"hxxp://o-o.preferred.comcast-mia1.v7.lscache3.c.youtube.com/",2.619537390278462,"hxxp://o-o.preferred.iad23t01.v7.cache7.c.youtube.com/",2.619537390278462,"hxxp://redirector.c.youtube.com/",1.958169039267564,"hxxp://s.youtube.com/",12.01571224364266,"hxxp://s0.2mdn.net/",11.39086568288795,"hxxp://s2.youtube.com/",12.58940913724583,"hxxp://v7.nonxt3.c.youtube.com/",1.958169039267564,"hxxp://www.youtube.com/",29.94985233973676,"hxxps://plusone.google.com/",1.593480224125066]],["hxxp://s0.2mdn.net/",["hxxp://motifcdn2.doubleclick.net/",2.216722949869911,"hxxp://o-o.preferred.comcast-mia1.v4.lscache7.c.youtube.com/",1.26472587613170,"hxxp://redirector.c.youtube.com/",0.2295461612205927,"hxxp://s.youtube.com/",0.6271118119818249,"hxxp://s.ytimg.com/",1.883142342179567,"hxxp://s0.2mdn.net/",2.395177412521469,"hxxp://secure-us.imrworldwide.com/",1.561718943584138,"hxxp://www.googleadservices.com/",0.1551260747990617,"hxxp://www.youtube.com/",3.856123516965626,"hxxp://yt-festivals.appspot.com/",1.706103651822241]],["hxxp://s7.addthis.com/",["hxxp://cf.addthis.com/",0.5912235949213428,"hxxp://ib.adnxs.com/",0.2961398625690761,"hxxp://m.addthisedge.com/",0.3019129669340151,"hxxp://segment-pixel.invitemedia.com/",0.3097744953072870]],["hxxp://search.ancestry.com/",["hxxp://c.mfcreative.com/",0.2264227761621193]],["hxxp://search.yahoo.com/",["hxxp://e.yimg.com/",1.088531986618126,"hxxp://l.yimg.com/",1.940918846867386,"hxxp://search.yahoo.com/",1.548113842144225,"hxxp://sm-a1.yimg.com/",0.8921294842565452,"hxxp://ts1.mm.bing.net/",1.548113842144225,"hxxp://ts2.mm.bing.net/",1.351711339782644,"hxxp://ts4.mm.bing.net/",1.548113842144225,"hxxp://vis.ec.yimg.com/",2.137321349228967,"hxxp://ybinst0.ec.yimg.com/",1.284934488979707,"hxxp://ybinst6.ec.yimg.com/",1.351711339782644]],["hxxp://seg.sharethis.com/",["hxxp://b.scorecardresearch.com/",0.2119755627462772]],["hxxp://serve.directdigitalllc.com/",["hxxp://c1142172.cdn.cloudfiles.rackspacecloud.com/",0.646914311622280]],["hxxp://sfgleadership.com/",["hxxp://sfgleadership.com/",0.1204209264412964]],["hxxp://snt101.mail.live.com/",["hxxp://sn101w.snt101.mail.live.com/",0.3238118630928947,"hxxps://snt101.mail.live.com/",0.2582785098479044]],["hxxp://sonystyle.ugc.bazaarvoice.com/",["hxxp://ajax.googleapis.com/",0.3792778246595056,"hxxp://sonystyle.ugc.bazaarvoice.com/",0.4343865684134507]],["hxxp://speed.pointroll.com/",["hxxp://akimages.shoplocal.com/",0.6647648420802216,"hxxp://api.shoplocal.com/",0.314592939350640,"hxxp://blu.services.stub.msn.com/",1.814218788307923,"hxxp://cp30559.edgefcs.net/",1.141265138925012,"hxxp://maps.googleapis.com/",0.2509253206725345,"hxxp://smq.pointroll.com/",0.1024913413452095,"hxxp://speed.pointroll.com/",0.8423513372003590]],["hxxp://store.precept.org/",["hxxp://store.precept.org/",0.1007977249983001]],["hxxp://store.sony.com/",["hxxp://as00.estara.com/",0.3792778246595056,"hxxp://metrics.sony.com/",0.4343865684134507,"hxxp://nexus2.ensighten.com/",1.261017724722629,"hxxp://platform.twitter.com/",0.6548215434292314,"hxxp://sales.liveperson.net/",0.3792778246595056,"hxxp://sony.tt.omtrdc.net/",0.4343865684134507,"hxxp://sonystyle.ugc.bazaarvoice.com/",1.481452699738411,"hxxp://stats.g.doubleclick.net/",0.3792778246595056,"hxxp://store.sony.com/",16.30570476954977,"hxxps://platform.twitter.com/",0.4343865684134507]],["hxxp://store.vangoghgallery.com/",["hxxp://store.vangoghgallery.com/",0.1234589119527577]],["hxxp://support.google.com/",["hxxp://clients1.google.com/",0.5968401275213049,"hxxp://lh6.googleusercontent.com/",0.5211216038805425,"hxxp://ssl.gstatic.com/",0.5211216038805425,"hxxp://support.google.com/",1.126869793006643,"hxxp://www.blogger.com/",0.6725586511620676,"hxxp://www.google-analytics.com/",1.581180934851218,"hxxp://www.google.com/",2.815293525564154,"hxxps://plus.google.com/",0.7482771748028294,"hxxps://plusone.google.com/",0.8239956984435927,"hxxps://ssl.gstatic.com/",0.5211216038805425]],["hxxp://support.microsoft.com/",["hxxp://support.microsoft.com/",0.08197427501133055]],["hxxp://tag.admeld.com/",["hxxp://a.collective-media.net/",2.066525344788971,"hxxp://api.bizographics.com/",1.804354218957534,"hxxp://c.betrad.com/",2.066525344788971,"hxxp://cti.w55c.net/",2.066525344788971,"hxxp://l.betrad.com/",2.066525344788971,"hxxp://l.collective-media.net/",2.590867596451845,"hxxp://pixel.quantserve.com/",2.066525344788971,"hxxp://r.turn.com/",2.066525344788971,"hxxp://syndication.mmismm.com/",1.804354218957534,"hxxp://tags.bluekai.com/",1.804354218957534]],["hxxp://tag.crsspxl.com/",["hxxp://d.turn.com/",0.2321202981126769,"hxxp://pixel.mathtag.com/",0.2321202981126769,"hxxp://tag.crsspxl.com/",0.07128689043821430]],["hxxp://tags.mediaforge.com/",["hxxp://ajax.googleapis.com/",0.3284966190946078,"hxxp://bstats.adbrite.com/",0.3284966190946078,"hxxp://cdn1.mediaforge.com/",0.3284966190946078,"hxxp://googleads.g.doubleclick.net/",0.3284966190946078,"hxxp://mpp.specificclick.net/",0.3284966190946078,"hxxp://pixel.mathtag.com/",0.3284966190946078,"hxxp://pixel.rubiconproject.com/",0.3284966190946078,"hxxp://www.googleadservices.com/",0.3284966190946078]],["hxxp://tap2-cdn.rubiconproject.com/",["hxxp://ad.yabuka.com/",0.1842310578781716,"hxxp://cm.netseer.com/",0.08025104881173149,"hxxp://m.xp1.ru4.com/",0.08025104881173149,"hxxp://matcher-rbc.bidder7.mookie1.com/",0.08025104881173149,"hxxp://pcm3.map.pulsemgr.com/",0.1842310578781716,"hxxp://pixel.rubiconproject.com/",0.1571090969096520,"hxxp://www.wtp101.com/",0.1842310578781716]],["hxxp://tinybuddha.com/",["hxxp://tinybuddha.com/",0.08331369533563812]],["hxxp://tlc.howstuffworks.com/",["hxxp://static.ddmcdn.com/",0.06161075002286544]],["hxxp://tm.dp.yieldmanager.net/",["hxxp://d.yimg.com/",1.313228117939032]],["hxxp://uac.advertising.com/",["hxxp://ad.doubleclick.net/",0.2505812393228361,"hxxp://as1.suitesmart.com/",0.2152061227182393,"hxxp://b.scorecardresearch.com/",0.06295652941999874,"hxxp://r1-ads.ace.advertising.com/",0.6117344629517835,"hxxp://s0.2mdn.net/",0.2505812393228361,"hxxp://sensor2.suitesmart.com/",0.1879038534181641,"hxxp://static.suitesmart.com/",0.1879038534181641,"hxxp://uac.advertising.com/",0.990284415120,"hxxp://view.atdmt.com/",1.794812294240]],["hxxp://uk.answers.yahoo.com/",["hxxp://ads.yimg.com/",0.2190915113334816,"hxxp://at08.alenty.com/",0.2827591300115875,"hxxp://js.alenty.com/",0.2509253206725345,"hxxp://l.yimg.com/",0.8876015074535919,"hxxp://row.bc.yahoo.com/",0.2190915113334816,"hxxp://s0.2mdn.net/",0.314592939350640,"hxxp://socialprofiles.zenfs.com/",0.2190915113334816,"hxxp://ucs.query.yahoo.com/",0.2509253206725345,"hxxp://us.mg.mail.yahoo.com/",0.2190915113334816,"hxxp://yui.yahooapis.com/",0.4737619860459047]],["hxxp://us.mg4.mail.yahoo.com/",["hxxp://36ohk6dgmcd1n-c.c.yom.mail.yahoo.net/",2.024607255930007,"hxxp://3cp9lcoq32dpn-c.c.yom.mail.yahoo.com/",2.024607255930007,"hxxp://image-c.c.yom.mail.yahoo.net/",0.4959944373374797,"hxxp://l.yimg.com/",11.36611125702821,"hxxp://mail.yimg.com/",14.37116851863127,"hxxp://us.bc.yahoo.com/",0.5672840847828941,"hxxp://us.mg4.mail.yahoo.com/",4.097124846359067,"hxxp://yui.yahooapis.com/",1.468289580304402]],["hxxp://usweb.dotomi.com/",["hxxp://images-p.qvc.com/",0.08511020695305240,"hxxp://usweb.dotomi.com/",0.1932235898507157]],["hxxp://utmost.org/",["hxxp://edge.quantserve.com/",0.4647044747528996,"hxxp://pixel.quantserve.com/",0.4647044747528996,"hxxp://rbc.org/",0.4647044747528996,"hxxp://s.gravatar.com/",1.217374871111451,"hxxp://s7.addthis.com/",2.331357688631761,"hxxp://secure.rbc.org/",0.4647044747528996,"hxxp://stats.wordpress.com/",0.8410396729321753,"hxxp://utmost.org/",10.62575482559334,"hxxp://www.google-analytics.com/",0.8410396729321753]],["hxxp://video.miami.cbslocal.com/",["hxxp://cbsmia.images.worldnow.com/",0.1196222017774380,"hxxp://video.miami.cbslocal.com/",0.07588935381579406]],["hxxp://video.search.yahoo.com/",["hxxp://d.yimg.com/",1.351711339782644,"hxxp://i.ytimg.com/",1.940918846867386,"hxxp://l.yimg.com/",1.940918846867386,"hxxp://l1.yimg.com/",1.351711339782644,"hxxp://ts1.mm.bing.net/",1.548113842144225,"hxxp://ts2.mm.bing.net/",2.333723851590548,"hxxp://ts3.mm.bing.net/",2.137321349228967,"hxxp://ts4.mm.bing.net/",2.333723851590548,"hxxp://us.bc.yahoo.com/",1.351711339782644,"hxxp://video.search.yahoo.com/",2.333723851590548]],["hxxp://view.atdmt.com/",["hxxp://ec.atdmt.com/",0.6664847180333775,"hxxp://ib.adnxs.com/",0.08185091854895230,"hxxp://rmd.atdmt.com/",0.06515092700878256,"hxxp://tags.mathtag.com/",0.06806330298360948]],["hxxp://vp.mgnetwork.net/",["hxxp://vamsimages.mgnetwork.com/",3.832243093604635,"hxxp://videoapi.mgnetwork.com/",0.9474549345812202,"hxxp://vp.mgnetwork.net/",0.8272554279552447]],["hxxp://wafg.org/",["hxxp://a0.twimg.com/",1.088531986618126,"hxxp://ajax.googleapis.com/",1.088531986618126,"hxxp://api.twitter.com/",1.088531986618126,"hxxp://je.revolvermaps.com/",1.740588294458573,"hxxp://re.revolvermaps.com/",1.088531986618126,"hxxp://wafg.org/",25.86667168455523,"hxxp://widgets.twimg.com/",2.066616448378798,"hxxp://www.google.com/",1.088531986618126]],["hxxp://waynewatson.com/",["hxxp://edge.quantserve.com/",0.5363927041682115,"hxxp://pixel.quantserve.com/",0.5363927041682115,"hxxp://s.gravatar.com/",0.6922675070888882,"hxxp://stats.wordpress.com/",0.6143301056285497,"hxxp://twitter.com/",0.6143301056285497,"hxxp://waynewatson.com/",3.575951361121406,"hxxp://www.bandsintown.com/",0.5363927041682115,"hxxp://www.youtube.com/",0.6143301056285497]],["hxxp://webmedia.hrblock.com/",["hxxp://webmedia.hrblock.com/",0.8204351935576389]],["hxxp://whdc.biblos.com/",["hxxp://biblebrowser.com/",1.688240235367076,"hxxp://biblemenus.com/",1.688240235367076,"hxxp://biblos.com/",2.116599698072155,"hxxp://choose.biblemenus.com/",1.688240235367076,"hxxp://languages.parallelbible.com/",1.688240235367076,"hxxp://whdc.biblos.com/",6.400194325122944]],["hxxp://widget.cozicentral.cozi.com/",["hxxp://b.scorecardresearch.com/",1.794812294240,"hxxp://widget.cozicentral.cozi.com/",5.588473727199999,"hxxp://www.cozi.com/",2.269019973360,"hxxp://www.google-analytics.com/",1.794812294240]],["hxxp://widgets.blogher.com/",["hxxp://bcp.crwdcntrl.net/",0.2190915113334816,"hxxp://c3382582.r82.cf0.rackcdn.com/",0.2190915113334816,"hxxp://c3395061.r61.cf0.rackcdn.com/",0.2827591300115875,"hxxp://oascentral.blogher.org/",0.2190915113334816,"hxxp://widgets.blogher.com/",0.3782605580287460,"hxxp://www.google-analytics.com/",0.2827591300115875,"hxxps://ajax.googleapis.com/",0.2509253206725345]],["hxxp://wiki.answers.com/",["hxxp://ar.atwola.com/",0.1449481202528467,"hxxp://b.scorecardresearch.com/",0.1633370608819392,"hxxp://googleads.g.doubleclick.net/",0.1265591796237542,"hxxp://images.intellitxt.com/",0.3104485859146791,"hxxp://leadback.advertising.com/",0.1449481202528467,"hxxp://s7.addthis.com/",0.1817260015110316,"hxxp://wiki.answers.com/",0.1449481202528467,"hxxp://www.facebook.com/",0.1817260015110316,"hxxp://www.googleadservices.com/",0.1265591796237542,"hxxps://www.facebook.com/",0.1817260015110316]],["hxxp://wn.com/",["hxxp://cdn3.wn.com/",0.1588287960487102,"hxxp://d3io1k5o0zdpqr.cloudfront.net/",0.1150435603812280,"hxxp://i.ytimg.com/",0.4215402100536034,"hxxp://maps.gstatic.com/",0.1588287960487102,"hxxp://mt0.googleapis.com/",0.1150435603812280,"hxxp://mt1.googleapis.com/",0.1150435603812280,"hxxp://static.ak.fbcdn.net/",0.1004484818254005,"hxxp://w.sharethis.com/",0.1734238746045375,"hxxp://www.youtube.com/",0.1004484818254005,"hxxps://www.facebook.com/",0.1442337174928827]],["hxxp://womantribune.com/",["hxxp://womantribune.com/",0.07966907330542956]],["hxxp://woobox.com/",["hxxp://ajax.googleapis.com/",0.2459238720294686,"hxxp://woobox.com/",0.5675166277603118,"hxxp://www.facebook.com/",0.2816564004440068,"hxxp://www.google-analytics.com/",0.2816564004440068,"hxxps://apis.google.com/",0.2816564004440068,"hxxps://plusone.google.com/",0.2816564004440068,"hxxps://ssl.gstatic.com/",0.2459238720294686,"hxxps://www.facebook.com/",0.2816564004440068]],["hxxp://www-ig-opensocial.googleusercontent.com/",["hxxp://csi.gstatic.com/",0.1252407878981635,"hxxp://www-ig-opensocial.googleusercontent.com/",0.6807636253348351,"hxxp://www.google-analytics.com/",0.3403821361276765]],["hxxp://www.5earch.com/",["hxxp://www.5earch.com/",0.09223966857184177,"hxxps://plusone.google.com/",0.1091006832570172]],["hxxp://www.adfusion.com/",["hxxp://aranet.vo.llnwd.net/",0.1284966070596655]],["hxxp://www.adobe.com/",["hxxp://adobe.tt.omtrdc.net/",0.7369949101477324,"hxxp://api.demandbase.com/",0.7369949101477324,"hxxp://l.betrad.com/",0.7369949101477324,"hxxp://stats.adobe.com/",0.7369949101477324,"hxxp://www.adobe.com/",6.519570358999166,"hxxp://wwwimages.adobe.com/",1.058249101750589]],["hxxp://www.allprosoftware.com/",["hxxp://d.yimg.com/",0.1223952024305619,"hxxp://googleads.g.doubleclick.net/",0.1842531702001187,"hxxp://images.scanalert.com/",0.1401791207324385,"hxxp://s.analytics.yahoo.com/",0.2428633472299026,"hxxp://www.allprosoftware.com/",1.180807794699818,"hxxp://www.google-analytics.com/",0.2428633472299026,"hxxp://www.googleadservices.com/",0.2020370885019953]],["hxxp://www.amazon.com/",["hxxp://a.dlqm.net/",1.517256805260298,"hxxp://ad.doubleclick.net/",1.517256805260298,"hxxp://amch.questionmarket.com/",1.517256805260298,"hxxp://d3l3lkinz3f56t.cloudfront.net/",1.059297897193241,"hxxp://ecx.images-amazon.com/",15.51920847569647,"hxxp://g-ecx.images-amazon.com/",13.46459129364286,"hxxp://s0.2mdn.net/",0.5399337506922309,"hxxp://t1-completion.amazon.com/",5.044554677318423,"hxxp://www.amazon.com/",2.294815060872967,"hxxp://z-ecx.images-amazon.com/",6.373634285880196]],["hxxp://www.americangreetings.com/",["hxxp://ak.imgag.com/",0.4806457468517387,"hxxp://www.americangreetings.com/",0.07460329690398160]],["hxxp://www.arbys.com/",["hxxp://www.arbys.com/",0.2573640677197768]],["hxxp://www.ask.com/",["hxxp://api.recaptcha.net/",0.4257283664140090,"hxxp://b.scorecardresearch.com/",0.4875863341835657,"hxxp://cdn.gigya.com/",0.4257283664140090,"hxxp://go.sp-ask.com/",0.5140357248388097,"hxxp://gscounters.gigya.com/",0.4257283664140090,"hxxp://pixel.asksemtools.com/",0.4257283664140090,"hxxp://sp.ask.com/",0.6731602374922364,"hxxp://tracking.asksemtools.com/",0.4257283664140090,"hxxp://www.ask.com/",1.806550352099317,"hxxp://wzus1.ask.com/",0.5159936577012669]],["hxxp://www.bathandbodyworks.com/",["hxxp://b.monetate.net/",0.2255118332254090,"hxxp://bbw.imageg.net/",2.715779256535052,"hxxp://d.monetate.net/",0.2255118332254090,"hxxp://images.scanalert.com/",0.2255118332254090,"hxxp://pixel.fetchback.com/",0.2582785098479044,"hxxp://tracking.searchmarketing.com/",0.2255118332254090,"hxxp://www.bathandbodyworks.com/",0.3565785397153903,"hxxps://data.coremetrics.com/",0.2255118332254090,"hxxps://dsa.csdata1.com/",0.2582785098479044,"hxxps://www25.bathandbodyworks.com/",0.2582785098479044]],["hxxp://www.bby.com/",["hxxp://pr.bby.com/",1.997796101888142]],["hxxp://www.bcpa.net/",["hxxp://www.bcpa.net/",2.610480111779820]],["hxxp://www.bestbuy.com/",["hxxp://images.bestbuy.com/",0.3002202847134803]],["hxxp://www.birdtricks.com/",["hxxp://platform.twitter.com/",0.07248643667265917,"hxxp://w.sharethis.com/",0.06123283463215506,"hxxp://www.birdtricks.com/",0.2244100642194654,"hxxps://plusone.google.com/",0.05560603361190292,"hxxps://www.facebook.com/",0.08936683973341540]],["hxxp://www.blackbookonline.info/",["hxxp://pagead2.googlesyndication.com/",0.1033920535911403,"hxxp://platform.twitter.com/",0.1334376076261725,"hxxp://www.blackbookonline.info/",0.6442120262217191,"hxxp://www.facebook.com/",0.1184148306086564,"hxxp://www.google-analytics.com/",0.1184148306086564,"hxxps://apis.google.com/",0.1184148306086564,"hxxps://plusone.google.com/",0.1184148306086564,"hxxps://ssl.gstatic.com/",0.1033920535911403,"hxxps://www.facebook.com/",0.1184148306086564]],["hxxp://www.blogtalkradio.com/",["hxxp://b.scorecardresearch.com/",0.9474549345812202,"hxxp://flash.quantserve.com/",0.9474549345812202,"hxxp://lt.andomedia.com/",0.9474549345812202,"hxxp://www.blogtalkradio.com/",0.8272554279552447]],["hxxp://www.bsfinternational.org/",["hxxp://www.bsfinternational.org/",1.621770520974522]],["hxxp://www.calvaryftl.org/",["hxxp://api.monkcms.com/",0.5991768514682802,"hxxp://cdn.wibiya.com/",1.234340869383750,"hxxp://clients1.google.com/",0.4642628584224423,"hxxp://code.jquery.com/",0.4642628584224423,"hxxp://image.providesupport.com/",0.5317198549453611,"hxxp://images.calvaryftl.org/",0.4642628584224423,"hxxp://media.calvaryftl.org/",0.5519464092784961,"hxxp://wstat.wibiya.com/",0.2639323269565974,"hxxp://www.calvaryftl.org/",7.010643756684417,"hxxp://www.google.com/",0.3877861639228484]],["hxxp://www.cbsnews.com/",["hxxp://cdn.gigya.com/",1.804354218957534,"hxxp://i.i.com.com/",12.31267527791008,"hxxp://pandora.cnet.com/",2.328696470620408,"hxxp://platform.twitter.com/",3.115209848114717,"hxxp://static.ak.facebook.com/",3.115209848114717,"hxxp://tag.admeld.com/",3.115209848114717,"hxxp://www.cbsnews.com/",6.785605609754829,"hxxp://www.facebook.com/",5.736921106429082,"hxxps://s-static.ak.facebook.com/",2.066525344788971,"hxxps://www.facebook.com/",5.736921106429082]],["hxxp://www.cdc.gov/",["hxxp://mtrics.cdc.gov/",1.593480224125066,"hxxp://www.cdc.gov/",16.55316770135889,"hxxp://www.youtube.com/",1.593480224125066]],["hxxp://www.christianbook.com/",["hxxp://ajax.googleapis.com/",0.06629599800476427,"hxxp://data.coremetrics.com/",0.08089107656059175,"hxxp://g.christianbook.com/",0.9525091679146055,"hxxp://graphics.christianbook.com/",0.07592874985161040,"hxxp://www.google-analytics.com/",0.09052382840743785]],["hxxp://www.christiancourier.com/",["hxxp://connect.facebook.net/",0.1340853158771937,"hxxp://platform.twitter.com/",0.1730502794654381,"hxxp://s3.amazonaws.com/",0.1340853158771937,"hxxp://www.christiancourier.com/",0.2509802066419266,"hxxp://www.facebook.com/",0.1925327612595601,"hxxp://www.google-analytics.com/",0.1535677976713159,"hxxps://apis.google.com/",0.1535677976713159,"hxxps://plusone.google.com/",0.1535677976713159,"hxxps://ssl.gstatic.com/",0.1340853158771937,"hxxps://www.facebook.com/",0.1925327612595601]],["hxxp://www.clerk-17th-flcourts.org/",["hxxp://www.clerk-17th-flcourts.org/",2.233012329524682]],["hxxp://www.countryliving.com/",["hxxp://www.countryliving.com/",0.2292951805038169]],["hxxp://www.craftster.org/",["hxxp://www.craftster.org/",0.2963689526961985]],["hxxp://www.drnewtons.com/",["hxxp://www.drnewtons.com/",0.2718959334270519]],["hxxp://www.drugs.com/",["hxxp://ar.atwola.com/",0.4918713301294032,"hxxp://ar.voicefive.com/",0.5633398139943591,"hxxp://b.scorecardresearch.com/",0.8492137494541826,"hxxp://b.voicefive.com/",0.7062767817242704,"hxxp://drugscom.us.intellitxt.com/",0.5633398139943591,"hxxp://ds.serving-sys.com/",0.5633398139943591,"hxxp://googleads.g.doubleclick.net/",0.7777452655892271,"hxxp://images.ddccdn.com/",1.849772523563566,"hxxp://images.intellitxt.com/",1.849772523563566,"hxxp://www.googleadservices.com/",0.4918713301294032]],["hxxp://www.ebay.com/",["hxxp://ad.doubleclick.net/",0.4372542119071229,"hxxp://i.ebayimg.com/",1.213869901712312,"hxxp://include.ebaystatic.com/",0.5481993104507213,"hxxp://ir.ebaystatic.com/",0.6036718597225207,"hxxp://p.ebaystatic.com/",0.8255620568097173,"hxxp://pics.ebaystatic.com/",0.7146169582661190,"hxxp://q.ebaystatic.com/",0.6036718597225207,"hxxp://rtm.ebaystatic.com/",1.047452253896914,"hxxp://srx.main.ebayrtm.com/",1.213869901712312,"hxxp://thumbs3.ebaystatic.com/",0.6036718597225207]],["hxxp://www.ehow.com/",["hxxp://d.chango.com/",0.2190915113334816,"hxxp://dm.demdex.net/",0.2190915113334816,"hxxp://ib.adnxs.com/",0.2509253206725345,"hxxp://images.intellitxt.com/",0.314592939350640,"hxxp://pix04.revsci.net/",0.2509253206725345,"hxxp://um.simpli.fi/",0.4419281767068516,"hxxp://www.facebook.com/",0.314592939350640,"hxxps://plusone.google.com/",0.2509253206725345,"hxxps://s-static.ak.fbcdn.net/",0.2509253206725345,"hxxps://www.facebook.com/",0.3782605580287460]],["hxxp://www.etix.com/",["hxxp://www.etix.com/",0.09195995444348305]],["hxxp://www.etsy.com/",["hxxp://site.etsystatic.com/",0.05426258486514587,"hxxp://www.etsy.com/",0.09264952951453963]],["hxxp://www.evoter.com/",["hxxp://www.evoter.com/",1.593480224125066,"hxxp://www.google-analytics.com/",1.795638163006604]],["hxxp://www.eyewitnesstohistory.com/",["hxxp://ads.pointroll.com/",0.2509802066419266,"hxxp://amch.questionmarket.com/",0.1535677976713159,"hxxp://cdnx.tribalfusion.com/",0.1730502794654381,"hxxp://ec.atdmt.com/",0.1340853158771937,"hxxp://spd.pointroll.com/",0.1340853158771937,"hxxp://speed.pointroll.com/",0.1535677976713159,"hxxp://tf.nexac.com/",0.1535677976713159,"hxxp://view.atdmt.com/",0.1340853158771937,"hxxp://www.eyewitnesstohistory.com/",1.069244441995058,"hxxp://www.google-analytics.com/",0.1340853158771937]],["hxxp://www.fairexpo.com/",["hxxp://www.facebook.com/",0.05216542425834508,"hxxp://www.fairexpo.com/",0.3100414162909374,"hxxp://www.google.com/",0.08550587071452941,"hxxps://www.facebook.com/",0.05216542425834508]],["hxxp://www.fixya.com/",["hxxp://ajax.googleapis.com/",0.1487362201548565,"hxxp://b.scorecardresearch.com/",0.1487362201548565,"hxxp://c.fixya.net/",1.388142323392018,"hxxp://edge.quantserve.com/",0.3684797849914494,"hxxp://p.brilig.com/",0.1487362201548565,"hxxp://ping.crowdscience.com/",0.08676591499299839,"hxxp://pixel.quantserve.com/",0.3684797849914494,"hxxp://static.crowdscience.com/",0.08676591499299839,"hxxp://static.fixya.com/",0.3438963889419230,"hxxp://www.google-analytics.com/",0.1487362201548565]],["hxxp://www.flickr.com/",["hxxp://farm7.static.flickr.com/",0.3464267486896931,"hxxp://farm8.static.flickr.com/",0.4737619860459047,"hxxp://www.flickr.com/",0.2509253206725345]],["hxxp://www.freeplaymusic.com/",["hxxp://c.statcounter.com/",0.1318174510131417,"hxxp://www.freeplaymusic.com/",0.1556950527890318,"hxxp://www.google-analytics.com/",0.1385976039459253]],["hxxp://www.genealogybank.com/",["hxxp://images.newsbank.com/",0.06131018871950137,"hxxp://www.genealogybank.com/",0.06131018871950137]],["hxxp://www.godvine.com/",["hxxp://cdn.godvine.com/",0.8272554279552447,"hxxp://forms.aweber.com/",1.067654441207196,"hxxp://godvine.com/",1.067654441207196,"hxxp://googleads.g.doubleclick.net/",0.9474549345812202,"hxxp://s0.2mdn.net/",1.187853947833171,"hxxp://static.ak.fbcdn.net/",1.067654441207196,"hxxp://www.facebook.com/",1.916109621667928,"hxxp://www.godvine.com/",6.605154440292639,"hxxp://www.google-analytics.com/",1.187853947833171,"hxxps://www.facebook.com/",2.286091379300546]],["hxxp://www.greatcall.com/",["hxxp://www.greatcall.com/",0.2264320338734236]],["hxxp://www.greatworshipsongs.com/",["hxxp://www.3dstats.com/",0.5363927041682115,"hxxp://www.greatworshipsongs.com/",2.095140733374981]],["hxxp://www.hotlyrics.net/",["hxxp://celebritywonder.ugo.com/",2.562765142137007,"hxxp://googleads.g.doubleclick.net/",0.5363927041682115,"hxxp://ib.adnxs.com/",0.5363927041682115,"hxxp://r.nexac.com/",0.5363927041682115,"hxxp://rt.legolas-media.com/",0.6143301056285497,"hxxp://tags.bluekai.com/",0.6143301056285497,"hxxp://te10.kontera.com/",0.5363927041682115,"hxxp://view.atdmt.com/",0.5363927041682115,"hxxp://www.bkrtx.com/",0.5363927041682115,"hxxp://www.googleadservices.com/",0.5363927041682115]],["hxxp://www.houzz.com/",["hxxp://st.houzz.com/",0.1080464384637446,"hxxp://www.houzz.com/",0.1003071570569313]],["hxxp://www.hsn.com/",["hxxp://img.hsni.com/",1.419618143218490,"hxxp://js.hsn.com/",1.599718952432776,"hxxp://login.dotomi.com/",1.419618143218490,"hxxp://static.ak.facebook.com/",1.779819761647061,"hxxp://ww62.hsn.com/",1.959920570861347,"hxxp://www.facebook.com/",1.779819761647061,"hxxp://www.google-analytics.com/",1.419618143218490,"hxxps://plusone.google.com/",1.419618143218490,"hxxps://s-static.ak.facebook.com/",1.419618143218490,"hxxps://www.facebook.com/",1.779819761647061]],["hxxp://www.huffingtonpost.com/",["hxxp://ar.voicefive.com/",0.1340853158771937,"hxxp://c.betrad.com/",0.2704626884360487,"hxxp://cdn.at.atwola.com/",0.1535677976713159,"hxxp://i.huffpost.com/",0.6211473607302479,"hxxp://l.betrad.com/",0.1535677976713159,"hxxp://s.huffpost.com/",1.692683859406966,"hxxp://s0.2mdn.net/",0.1535677976713159,"hxxp://www.huffingtonpost.com/",0.4847699881713928,"hxxps://plusone.google.com/",0.1925327612595601,"hxxps://www.facebook.com/",0.2704626884360487]],["hxxp://www.igmoon.com/",["hxxp://www.igmoon.com/",0.08068732094142729,"hxxp://www.moonmodule.com/",0.1613820749665351]],["hxxp://www.igoogle.com/",["hxxp://www.google.com/",0.7338953151406709]],["hxxp://www.inspirational-bible-verses.com/",["hxxp://connect.facebook.net/",0.2190915113334816,"hxxp://pagead2.googlesyndication.com/",0.2190915113334816,"hxxp://www.christianforumsite.com/",0.2509253206725345,"hxxp://www.facebook.com/",0.4419281767068516,"hxxp://www.google.com/",0.2190915113334816,"hxxp://www.inspirational-bible-verses.com/",2.797630067796761,"hxxp://www.lduhtrp.net/",0.2190915113334816,"hxxp://www.tqlkg.com/",0.2190915113334816,"hxxps://www.facebook.com/",0.4419281767068516]],["hxxp://www.instructables.com/",["hxxp://img.instructables.com/",0.1493226059667479,"hxxp://www.instructables.com/",0.1931785339386893]],["hxxp://www.irs.gov/",["hxxp://statse.webtrendslive.com/",3.264340799999999,"hxxp://www.google-analytics.com/",2.93402060,"hxxp://www.irs.gov/",30.02027699999999,"hxxp://www.youtube.com/",2.60370040]],["hxxp://www.jewfaq.org/",["hxxp://www.jewfaq.org/",1.132071852594277]],["hxxp://www.kpbs.org/",["hxxp://ad.doubleclick.net/",0.8272554279552447,"hxxp://im.afy11.net/",0.3603524644173043,"hxxp://kpbs.media.clients.ellingtoncms.com/",6.110460046228450,"hxxp://load.s3.amazonaws.com/",0.3603524644173043,"hxxp://loadm.exelator.com/",0.3603524644173043,"hxxp://pagead2.googlesyndication.com/",0.8272554279552447,"hxxp://partner.googleadservices.com/",0.4234277162297899,"hxxp://s0.2mdn.net/",0.8272554279552447,"hxxp://v.npr.org/",0.8272554279552447,"hxxp://www.google-analytics.com/",0.9474549345812202]],["hxxp://www.latimes.com/",["hxxp://ad.doubleclick.net/",0.1154939742024375,"hxxp://edge.sharethis.com/",0.1024913413452095,"hxxp://ping.chartbeat.net/",0.1024913413452095,"hxxp://seg.sharethis.com/",0.1024913413452095,"hxxp://wd-edge.sharethis.com/",0.08948870848798138,"hxxp://www.facebook.com/",0.2065124042030337,"hxxp://www.latimes.com/",0.9606651099222606,"hxxp://www.trbimg.com/",0.1675045056313497,"hxxps://plusone.google.com/",0.1284966070596655,"hxxps://www.facebook.com/",0.2065124042030337]],["hxxp://www.legacy.com/",["hxxp://mi-static.legacy.com/",0.06131018871950137,"hxxp://s7.addthis.com/",0.05099065200433781,"hxxp://www.legacy.com/",0.08538743082888939,"hxxp://www.sun-sentinel.com/",0.1541860191559738]],["hxxp://www.lg.com/",["hxxp://www.lg.com/",0.1254423786898893]],["hxxp://www.lifeskillsintl.org/",["hxxp://img.constantcontact.com/",2.029250494215001,"hxxp://shopsite.fatcow.com/",0.9474549345812202,"hxxp://vp.mgnetwork.net/",0.9474549345812202,"hxxp://www.blogtalkradio.com/",0.8272554279552447,"hxxp://www.lifeskillsintl.org/",2.870647040596828,"hxxp://www.youtube.com/",0.9474549345812202]],["hxxp://www.lifesongfororphans.org/",["hxxp://www.lifesongfororphans.org/",0.06932479930074195]],["hxxp://www.masterfile.com/",["hxxp://image1.masterfile.com/",0.06222756001136087]],["hxxp://www.metropcs.com/",["hxxp://www.metropcs.com/",0.4137386960633475]],["hxxp://www.miami.com/",["hxxp://s0.2mdn.net/",0.05786888098935684,"hxxp://www.facebook.com/",0.05786888098935684,"hxxp://www.miami.com/",0.1650122547023245,"hxxps://www.facebook.com/",0.05786888098935684]],["hxxp://www.moma.org/",["hxxp://www.moma.org/",0.1086785747161983]],["hxxp://www.motorola.com/",["hxxp://elicit.blob.core.windows.net/",0.1284966070596655,"hxxp://motorola-b2c_usa.baynote.net/",0.1935097713458059,"hxxp://motorola.elicitapp.com/",0.1414992399168937,"hxxp://pixel.mathtag.com/",0.1024913413452095,"hxxp://s7.addthis.com/",0.1675045056313497,"hxxp://statse.webtrendslive.com/",0.1675045056313497,"hxxp://store.motorola.com/",0.08948870848798138,"hxxp://www.facebook.com/",0.1284966070596655,"hxxp://www.motorola.com/",1.480770424211387,"hxxps://www.facebook.com/",0.1284966070596655]],["hxxp://www.myflorida.com/",["hxxp://www.google-analytics.com/",0.08162705424816293,"hxxp://www.google.com/",0.08162705424816293,"hxxp://www.myflorida.com/",0.7717614122112387]],["hxxp://www.myfloridalegal.com/",["hxxp://www.myfloridalegal.com/",0.4038475939414627]],["hxxp://www.myphotoramblings.com/",["hxxp://www.blogger.com/",0.05856416364565586]],["hxxp://www.mypillow.com/",["hxxp://www.google-analytics.com/",1.779819761647061,"hxxp://www.mypillow.com/",8.083348084147069,"hxxp://www.youtube.com/",1.419618143218490,"hxxps://seal.thawte.com/",1.419618143218490]],["hxxp://www.naturalnews.com/",["hxxp://graph.facebook.com/",0.06317271651504743,"hxxp://www.naturalnews.com/",0.2672540468144369]],["hxxp://www.nbcmiami.com/",["hxxp://media.nbcmiami.com/",0.06156243396176346,"hxxp://www.nbcmiami.com/",0.05668714804243120]],["hxxp://www.newswithviews.com/",["hxxp://www.newswithviews.com/",0.1263969849672664]],["hxxp://www.officedepot.com/",["hxxp://static.www.odcdn.com/",0.06838577224875575]],["hxxp://www.oneplace.com/",["hxxp://media.salemwebnetwork.com/",0.1340928027045344]],["hxxp://www.pressies4princesses.co.uk/",["hxxp://www.pressies4princesses.co.uk/",0.06910204799487217]],["hxxp://www.proflowers.com/",["hxxp://a1128.g.akamai.net/",2.653241029228566,"hxxp://googleads.g.doubleclick.net/",0.1674678746663341,"hxxp://wa.proflowers.com/",0.1674678746663341,"hxxp://www.google.com/",0.1462219502683663,"hxxp://www.googleadservices.com/",0.1462219502683663,"hxxps://a248.e.akamai.net/",0.4861567406358502,"hxxps://cdn.mercent.com/",0.1462219502683663,"hxxps://connect.facebook.net/",0.1462219502683663,"hxxps://www.facebook.com/",0.1674678746663341,"hxxps://www.googleadservices.com/",0.1462219502683663]],["hxxp://www.psychologytoday.com/",["hxxp://badge.stumbleupon.com/",0.1774267417082961,"hxxp://rsrc2.psychologytoday.com/",0.2674641927244462,"hxxp://rsrc3.psychologytoday.com/",0.4250297320027094,"hxxp://www.facebook.com/",0.2224454672163711,"hxxp://www.google-analytics.com/",0.1774267417082961,"hxxp://www.psychologytoday.com/",0.8313602545965212,"hxxps://plusone.google.com/",0.1774267417082961,"hxxps://s-static.ak.fbcdn.net/",0.1774267417082961,"hxxps://ssl.gstatic.com/",0.1549173789542586,"hxxps://www.facebook.com/",0.2224454672163711]],["hxxp://www.publicbroadcasting.net/",["hxxp://loglady.publicbroadcasting.net/",0.8272554279552447,"hxxp://www.google-analytics.com/",0.8272554279552447,"hxxp://www.publicbroadcasting.net/",1.788851480963050]],["hxxp://www.qvc.com/",["hxxp://images-p.qvc.com/",0.1045476283381934,"hxxp://www.qvc.com/",0.1291154183204028]],["hxxp://www.randmcnally.com/",["hxxp://ad.doubleclick.net/",0.3579891655127429,"hxxp://clients1.google.com/",0.3579891655127429,"hxxp://maps.randmcnally.com/",1.554346120345925,"hxxp://pix04.revsci.net/",0.4100046852880986,"hxxp://pixel.traveladvertising.com/",0.4620202050634544,"hxxp://randmcnally-temp.s3.amazonaws.com/",0.5660512446141659,"hxxp://s0.2mdn.net/",0.5660512446141659,"hxxp://www.google.com/",0.5140357248388097,"hxxp://www.randmcnally.com/",1.647465912390019,"hxxp://www.traveladvertising.com/",0.4620202050634544]],["hxxp://www.realitytvworld.com/",["hxxp://bid.openx.net/",0.06457755739909867,"hxxp://www.burstnet.com/",0.1848864314576936,"hxxps://www.facebook.com/",0.05956468764665716]],["hxxp://www.retrevo.com/",["hxxp://ad.doubleclick.net/",0.05851763920149107,"hxxp://b.scorecardresearch.com/",0.05430238553019721,"hxxp://c.betrad.com/",0.07959390755796038,"hxxp://ib.adnxs.com/",0.07537865388666641,"hxxp://l.betrad.com/",0.05008713185890333,"hxxp://r.nexac.com/",0.05008713185890333,"hxxp://tags.bluekai.com/",0.05008713185890333,"hxxp://view.atdmt.com/",0.08380916122925410,"hxxp://www.retrevo.com/",0.2271277860532449]],["hxxp://www.rockymountainministries.org/",["hxxp://connect.facebook.net/",0.4382040352989707,"hxxp://www.rockymountainministries.org/",1.520605455823777]],["hxxp://www.shopping.hp.com/",["hxxp://hpshopping.speedera.net/",0.2159986408237353]],["hxxp://www.shopwqed.org/",["hxxp://www.google-analytics.com/",1.448926806362203,"hxxp://www.shopwqed.org/",5.089783273804766]],["hxxp://www.siriusxm.com/",["hxxp://www.siriusxm.com/",0.1202537241003957]],["hxxp://www.smartmomsknow.com/",["hxxp://pagead2.googlesyndication.com/",0.0804162632000970]],["hxxp://www.snagajob.com/",["hxxp://ad.doubleclick.net/",0.2420873692027379,"hxxp://d.audienceiq.com/",0.2420873692027379,"hxxp://goweb.snagajob.com/",0.2420873692027379,"hxxp://leadback.advertising.com/",0.2420873692027379,"hxxp://media.snagajob.com/",0.2772624570356143,"hxxp://pixel.quantserve.com/",0.2420873692027379,"hxxp://rta.criteo.com/",0.2420873692027379,"hxxp://snagajobinc.tt.omtrdc.net/",0.2772624570356143,"hxxp://www.snagajob.com/",1.965666673013683,"hxxps://media.snagajob.com/",0.2420873692027379]],["hxxp://www.sott.net/",["hxxp://www.sott.net/",0.1767842205841694]],["hxxp://www.stumbleupon.com/",["hxxp://su.edgesuite.net/",0.07192979189861642]],["hxxp://www.sun-sentinel.com/",["hxxp://a.collective-media.net/",0.9204808925936929,"hxxp://edge.sharethis.com/",0.9204808925936929,"hxxp://l.collective-media.net/",1.154035745938361,"hxxp://ping.chartbeat.net/",0.8037034659213589,"hxxp://seg.sharethis.com/",0.9204808925936929,"hxxp://wd-edge.sharethis.com/",0.8037034659213589,"hxxp://www.facebook.com/",1.387590599283029,"hxxp://www.sun-sentinel.com/",12.42172021210135,"hxxps://plusone.google.com/",1.154035745938361,"hxxps://www.facebook.com/",1.387590599283029]],["hxxp://www.sunbiz.org/",["hxxp://www.sunbiz.org/",0.3137109318363656]],["hxxp://www.tampabay.com/",["hxxp://brightcove.vo.llnwd.net/",0.1514165504566804,"hxxp://www.tampabay.com/",0.1261353942643598]],["hxxp://www.tedmontgomery.com/",["hxxp://www.tedmontgomery.com/",0.2311459292032149]],["hxxp://www.thefreedictionary.com/",["hxxp://img.tfd.com/",0.07986122102591665,"hxxp://www.facebook.com/",0.05306567976064198,"hxxps://plusone.google.com/",0.05306567976064198,"hxxps://www.facebook.com/",0.05306567976064198]],["hxxp://www.trulia.com/",["hxxp://ad.doubleclick.net/",0.2984710255766510,"hxxp://css.trulia-cdn.com/",0.3679779767383367,"hxxp://js.trulia-cdn.com/",0.3448089930177751,"hxxp://maps.googleapis.com/",0.2521330581355273,"hxxp://maps.gstatic.com/",0.3911469604588990,"hxxp://mt0.googleapis.com/",0.3679779767383367,"hxxp://mt1.googleapis.com/",0.3448089930177751,"hxxp://static.trulia-cdn.com/",0.6460057813850805,"hxxp://tags.mathtag.com/",0.1594571232532794,"hxxp://view.atdmt.com/",0.1826261069738414]],["hxxp://www.truthforlife.org/",["hxxp://api-public.addthis.com/",0.5363927041682115,"hxxp://mediacdn.disqus.com/",1.627516324612948,"hxxp://s7.addthis.com/",1.004017112930241,"hxxp://truthforlife.disqus.com/",0.7702049085492259,"hxxp://truthforlife.org/",0.6922675070888882,"hxxp://www.facebook.com/",0.6143301056285497,"hxxp://www.google-analytics.com/",0.6143301056285497,"hxxp://www.truthforlife.org/",2.874514747978362,"hxxps://www.facebook.com/",0.6143301056285497]],["hxxp://www.umc.org/",["hxxp://connect.facebook.net/",0.07745497520065837,"hxxp://juggler.services.disqus.com/",0.08870911689648056,"hxxp://mediacdn.disqus.com/",0.3363002342045677,"hxxp://pubads.g.doubleclick.net/",0.1112174002881248,"hxxp://s7.addthis.com/",0.1449798253755912,"hxxp://umc.disqus.com/",0.09996325859230271,"hxxp://www.facebook.com/",0.1562339670714134,"hxxp://www.google-analytics.com/",0.09996325859230271,"hxxp://www.umc.org/",0.7752117603416313,"hxxps://www.facebook.com/",0.1562339670714134]],["hxxp://www.urbandictionary.com/",["hxxp://ajax.googleapis.com/",0.08948870848798138,"hxxp://api.urbandictionary.com/",0.05764786114720129,"hxxp://beacon-1.newrelic.com/",0.05198391427459272,"hxxp://pixel.quantserve.com/",0.05198391427459272,"hxxp://static0.urbandictionary.com/",0.08948870848798138,"hxxp://www.google-analytics.com/",0.05764786114720129,"hxxp://www.googletagservices.com/",0.05198391427459272,"hxxps://d1ros97qkrwjf5.cloudfront.net/",0.05198391427459272,"hxxps://www.facebook.com/",0.07065049400442937]],["hxxp://www.vat19.com/",["hxxp://images1.vat19.com/",0.07431903801585141]],["hxxp://www.vets4vets.us/",["hxxp://farm3.staticflickr.com/",0.9021338485453212,"hxxp://farm4.staticflickr.com/",0.9021338485453212,"hxxp://farm6.staticflickr.com/",0.9021338485453212,"hxxp://geo.yahoo.com/",0.9021338485453212,"hxxp://greatnonprofits.org/",1.164292402823449,"hxxp://in.getclicky.com/",1.164292402823449,"hxxp://www.google-analytics.com/",2.737243728492213,"hxxp://www.google.com/",1.426450957101576,"hxxp://www.vets4vets.us/",7.587176982637566,"hxxp://www.youtube.com/",0.9021338485453212]],["hxxp://www.vetstreet.com/",["hxxp://s3.amazonaws.com/",2.461340633730833,"hxxp://static.ak.facebook.com/",0.3531214572730828,"hxxp://statse.webtrendslive.com/",0.2816564004440068,"hxxp://www.facebook.com/",0.4245865141021594,"hxxp://www.google-analytics.com/",0.2459238720294686,"hxxps://plusone.google.com/",0.2816564004440068,"hxxps://s-static.ak.facebook.com/",0.2816564004440068,"hxxps://s3.amazonaws.com/",0.4603190425166974,"hxxps://ssl.gstatic.com/",0.2459238720294686,"hxxps://www.facebook.com/",0.4960515709312355]],["hxxp://www.vindy.com/",["hxxp://media2.vindy.com/",1.159751790260911,"hxxp://media3.vindy.com/",2.778211378162330,"hxxp://media5.vindy.com/",3.219609447589989,"hxxp://platform.twitter.com/",1.159751790260911,"hxxp://static.ak.facebook.com/",1.159751790260911,"hxxp://trgc.opt.fimserve.com/",1.012619100451691,"hxxp://www.facebook.com/",1.159751790260911,"hxxps://plusone.google.com/",1.159751790260911,"hxxps://s-static.ak.facebook.com/",1.159751790260911,"hxxps://www.facebook.com/",1.159751790260911]],["hxxp://www.visualphotos.com/",["hxxp://www.visualphotos.com/",0.07946349158241520]],["hxxp://www.walmart.com/",["hxxp://i.walmartimages.com/",0.1906492580979528,"hxxp://i2.walmartimages.com/",0.1737688550371966]],["hxxp://www.washingtonpost.com/",["hxxp://commerce.washingtonpost.com/",1.228719130438231,"hxxp://d34wpjv4rf3nwa.cloudfront.net/",1.228719130438231,"hxxp://img.wpdigital.net/",4.814011518507993,"hxxp://img3.wpdigital.net/",2.977841595569212,"hxxp://js.washingtonpost.com/",20.48298798366501,"hxxp://static.ak.facebook.com/",1.540483685922558,"hxxp://www.facebook.com/",1.540483685922558,"hxxp://www.surveygizmo.com/",1.072836852696067,"hxxp://www.washingtonpost.com/",20.14653948068085,"hxxps://www.facebook.com/",1.540483685922558]],["hxxp://www.yahoo.com/",["hxxp://ad.doubleclick.net/",1.631074259141757,"hxxp://d.audienceiq.com/",0.7852079619709004,"hxxp://dstest3.yahoo.com/",0.5888054596093199,"hxxp://l.yimg.com/",13.64379493812347,"hxxp://l1.yimg.com/",7.572429039513624,"hxxp://s0.2mdn.net/",1.631074259141757,"hxxp://socialprofiles.zenfs.com/",1.351711339782644,"hxxp://srd.yahoo.com/",0.7852079619709004,"hxxp://us.bc.yahoo.com/",1.351711339782644,"hxxp://www.yahoo.com/",0.9816104643324813]],["hxxp://www.yelp.com/",["hxxp://connect.facebook.net/",0.8514975635906711,"hxxp://media1.ak.yelpcdn.com/",1.346385036446787,"hxxp://media3.ak.yelpcdn.com/",2.307174680874570,"hxxp://s3-media2.ak.yelpcdn.com/",1.457346034993204,"hxxp://secure-us.imrworldwide.com/",0.8514975635906711,"hxxp://www.facebook.com/",0.9752194318047001,"hxxp://www.google-analytics.com/",1.222663168232758,"hxxp://www.yelp.com/",0.8514975635906711,"hxxps://s-static.ak.fbcdn.net/",0.9752194318047001,"hxxps://www.facebook.com/",0.9752194318047001]],["hxxp://www.youtube.com/",["hxxp://clients1.google.com/",2.378618083305070,"hxxp://csi.gstatic.com/",1.180499345047702,"hxxp://i1.ytimg.com/",1.362988188766524,"hxxp://i2.ytimg.com/",1.938376138434949,"hxxp://i3.ytimg.com/",2.222550972873532,"hxxp://i4.ytimg.com/",1.107230837771799,"hxxp://s.ytimg.com/",2.60370040,"hxxp://s0.2mdn.net/",1.629793871894216,"hxxp://www.gstatic.com/",1.030734502765531,"hxxps://clients1.google.com/",1.030734502765531]],["hxxp://www.youversion.com/",["hxxp://beacon-1.newrelic.com/",0.3098496157268584,"hxxp://www.google-analytics.com/",0.3548705000632396,"hxxp://www.youversion.production.s3.amazonaws.com/",1.345329955463623,"hxxps://d1ros97qkrwjf5.cloudfront.net/",0.3098496157268584]],["hxxp://www.zazzle.com/",["hxxp://asset.zcache.com/",0.5965913899198754,"hxxp://googleads.g.doubleclick.net/",0.08948870848798138,"hxxp://rlv.zcache.com/",0.5835887570626474,"hxxp://tlcint.teracent.net/",0.08948870848798138,"hxxp://track.www.zazzle.com/",0.1024913413452095,"hxxp://www.zazzle.com/",0.4795676942048233,"hxxps://www.googleadservices.com/",0.08948870848798138]],["hxxp://www.zedge.net/",["hxxp://www.zedge.net/",0.09096356971029332]],["hxxp://y.cdn.adblade.com/",["hxxp://b.scorecardresearch.com/",1.067163394361186,"hxxp://edge.quantserve.com/",0.7852079619709004,"hxxp://pixel.quantserve.com/",0.7852079619709004,"hxxp://static.cdn.adblade.com/",1.134279064717669]],["hxxp://yahoo.com/",["hxxp://www.yahoo.com/",0.4291301025998824]],["hxxp://youtube.com/",["hxxp://www.youtube.com/",0.3145341672676688]],["hxxp://ytaahg.hs.llnwd.net/",["hxxp://ytaahg.hs.llnwd.net/",0.1106305572969446]],["hxxps://aalf.fldfs.com/",["hxxps://aalf.fldfs.com/",0.07092966271702028]],["hxxps://accounts.google.com/",["hxxps://accounts.youtube.com/",0.8019614090470532,"hxxps://apis.google.com/",0.7002200362575015,"hxxps://lh6.googleusercontent.com/",0.7002200362575015,"hxxps://mail.google.com/",0.8019614090470532,"hxxps://plus.google.com/",1.005444154626156,"hxxps://ssl.google-analytics.com/",0.8019614090470532,"hxxps://ssl.gstatic.com/",1.514151018573913]],["hxxps://acrobat.com/",["hxxps://acrobat.com/",0.6012381688179009,"hxxps://adobe.demdex.net/",0.1373479024077203,"hxxps://adobe.tt.omtrdc.net/",0.1218848935273809,"hxxps://secure.eloqua.com/",0.1218848935273809,"hxxps://sstats.adobe.com/",0.1218848935273809,"hxxps://use.typekit.com/",0.1064218846470415,"hxxps://www.adobe.com/",0.1528109112880595]],["hxxps://apps.facebook.com/",["hxxps://apps.facebook.com/",1.688240235367076,"hxxps://fbcdn-photos-a.akamaihd.net/",1.867021392405337,"hxxps://fbcdn-profile-a.akamaihd.net/",1.474060504014537,"hxxps://puzzledhearts.com/",2.116599698072155,"hxxps://s-static.ak.facebook.com/",0.1993488609024297,"hxxps://s-static.ak.fbcdn.net/",2.106305060435548,"hxxps://view.atdmt.com/",0.2321202981126769,"hxxps://woobox.com/",0.2816564004440068,"hxxps://wwf-fb.zyngawithfriends.com/",0.05681858213643413,"hxxps://www.facebook.com/",1.250475155519695]],["hxxps://banking.chase.com/",["hxxps://ad.doubleclick.net/",0.8252104394869666,"hxxps://banking.chase.com/",2.536219182283205,"hxxps://chaseonline.chase.com/",3.604287458394328,"hxxps://www.chase.com/",1.151851834584849]],["hxxps://bay.gateway.messenger.live.com/",["hxxps://bay.gateway.messenger.live.com/",0.5240487815654054]],["hxxps://bay157.mail.live.com/",["hxxps://accountservices.msn.com/",0.2321202981126769,"hxxps://bay157.mail.live.com/",0.7380235119479980,"hxxps://geo.messenger.services.live.com/",0.2321202981126769,"hxxps://gfx5.hotmail.com/",0.2321202981126769,"hxxps://gfx7.hotmail.com/",0.6507764511980512,"hxxps://h.live.com/",0.1105434796892706,"hxxps://js2.wlxrs.com/",0.2563842153691006,"hxxps://secure.shared.live.com/",0.3152362417471168,"hxxps://secure.wlxrs.com/",0.7936595572269670]],["hxxps://bay163.mail.live.com/",["hxxps://bay163.mail.live.com/",3.436133845267418,"hxxps://geo.messenger.services.live.com/",0.5784570645989755,"hxxps://gfx5.hotmail.com/",0.9146543329129095,"hxxps://gfx6.hotmail.com/",1.334900918305328,"hxxps://gfx7.hotmail.com/",3.183985894031967,"hxxps://h.live.com/",0.9146543329129095,"hxxps://js2.wlxrs.com/",2.096063159281260,"hxxps://login.live.com/",0.5784570645989755,"hxxps://secure.shared.live.com/",1.546143833331183,"hxxps://secure.wlxrs.com/",7.924649114950558]],["hxxps://baymsg1020226.gateway.messenger.live.com/",["hxxps://baymsg1020226.gateway.messenger.live.com/",0.05402292983497204]],["hxxps://baymsg1020323.gateway.messenger.live.com/",["hxxps://baymsg1020323.gateway.messenger.live.com/",1.014599868330638,"hxxps://secure.shared.live.com/",0.9021338485453212]],["hxxps://baymsg1030110.gateway.messenger.live.com/",["hxxps://baymsg1030110.gateway.messenger.live.com/",0.2677157915317719,"hxxps://secure.shared.live.com/",0.2321202981126769]],["hxxps://bookextras.amazon.com/",["hxxps://bookextras.amazon.com/",0.5019353454915151,"hxxps://images-na.ssl-images-amazon.com/",0.2321202981126769]],["hxxps://by2msg3010508.gateway.messenger.live.com/",["hxxps://by2msg3010508.gateway.messenger.live.com/",0.1438794773587755,"hxxps://secure.shared.live.com/",0.06182038183259062]],["hxxps://by2msg3010513.gateway.messenger.live.com/",["hxxps://by2msg3010513.gateway.messenger.live.com/",0.3670278218020959]],["hxxps://by2msg3020112.gateway.messenger.live.com/",["hxxps://by2msg3020112.gateway.messenger.live.com/",0.2947848428664119]],["hxxps://by2msg4010513.gateway.messenger.live.com/",["hxxps://by2msg4010513.gateway.messenger.live.com/",0.9406187243133490]],["hxxps://by2msg4030118.gateway.messenger.live.com/",["hxxps://by2msg4030118.gateway.messenger.live.com/",0.9172866129825965]],["hxxps://care.siriusxm.com/",["hxxps://care.siriusxm.com/",0.2046568162107177]],["hxxps://chaseonline.chase.com/",["hxxps://chaseonline.chase.com/",22.28065359567194,"hxxps://cm.g.doubleclick.net/",0.2747833115694878,"hxxps://d.xp1.ru4.com/",0.3147090918830031,"hxxps://dsa.csdata1.com/",0.9664379393807875,"hxxps://mfasa.chase.com/",0.5674862235207854,"hxxps://poc.clixmetrix.com/",0.6578382309785912,"hxxps://s.xp1.ru4.com/",0.8147414961413221,"hxxps://www.chase.com/",1.975772209965414]],["hxxps://d3l3lkinz3f56t.cloudfront.net/",["hxxps://altfarm.mediaplex.com/",0.1004484818254005,"hxxps://secure.img-cdn.mediaplex.com/",0.1004484818254005]],["hxxps://docs.google.com/",["hxxps://docs.google.com/",0.6926131043075241,"hxxps://ssl.gstatic.com/",0.3099342542442337,"hxxps://www.google.com/",0.1997114813661075]],["hxxps://facebook.involver.com/",["hxxps://ajax.googleapis.com/",1.351711339782644,"hxxps://embednr.involver.com/",5.8689688940990,"hxxps://facebook.involver.com/",1.548113842144225]],["hxxps://fls.doubleclick.net/",["hxxps://ad.yieldmanager.com/",1.159751790260911,"hxxps://ads.revsci.net/",1.012619100451691,"hxxps://cs.specificclick.net/",1.012619100451691,"hxxps://ds.contextweb.com/",1.012619100451691,"hxxps://ib.adnxs.com/",1.012619100451691,"hxxps://mpp.specificclick.net/",1.012619100451691,"hxxps://p.opt.fimserve.com/",1.012619100451691,"hxxps://roi.adsonar.com/",1.012619100451691,"hxxps://secure.ace-tag.advertising.com/",1.012619100451691,"hxxps://smp.specificmedia.com/",1.012619100451691]],["hxxps://geo.messenger.services.live.com/",["hxxps://geo.messenger.services.live.com/",0.2757802865071738,"hxxps://secure.shared.live.com/",0.2172828576019555]],["hxxps://home.mcafee.com/",["hxxps://home.mcafee.com/",1.239517334004204]],["hxxps://js2.wlxrs.com/",["hxxps://js2.wlxrs.com/",0.07061699325982597]],["hxxps://login.yahoo.com/",["hxxps://akamai.turn.com/",0.1288232791794224,"hxxps://login.yahoo.com/",0.06925028873458280,"hxxps://login.yahoo.net/",0.09729336826236705,"hxxps://s.yimg.com/",0.2689960949600274]],["hxxps://login.yahoo.net/",["hxxps://ad.doubleclick.net/",0.1951867866354886,"hxxps://s.yimg.com/",0.1664519551164774,"hxxps://static.doubleclick.net/",0.1951867866354886]],["hxxps://mail.google.com/",["hxxps://apis.google.com/",0.4908798317005592,"hxxps://chatenabled.mail.google.com/",0.5699724385260910,"hxxps://clients2.google.com/",0.4040370376060454,"hxxps://lh6.googleusercontent.com/",0.4811876602123704,"hxxps://mail-attachment.googleusercontent.com/",0.5699724490695962,"hxxps://mail.google.com/",23.38449139015640,"hxxps://pagead2.googleadservices.com/",0.3225168359980598,"hxxps://plus.google.com/",1.745611691565691,"hxxps://ssl.gstatic.com/",5.579795993813218,"hxxps://www.google.com/",0.5699724385260910]],["hxxps://messagecenter.chase.com/",["hxxps://messagecenter.chase.com/",2.475563273246260,"hxxps://www.chase.com/",0.9837898346618312]],["hxxps://mfasa.chase.com/",["hxxps://mfasa.chase.com/",1.853835518121537]],["hxxps://myaccount.metropcs.com/",["hxxps://myaccount.metropcs.com/",0.2172119087609895,"hxxps://ssl.google-analytics.com/",0.06603537856732562]],["hxxps://payments.chase.com/",["hxxps://chaseonline.chase.com/",2.745854700912397,"hxxps://chat.chase.com/",1.097107513595605,"hxxps://payments.chase.com/",1.484227057907064,"hxxps://poc.clixmetrix.com/",1.344563115942485,"hxxps://www.chase.com/",2.474049467294583,"hxxps://xos.chase.com/",1.950532394969525]],["hxxps://plus.google.com/",["hxxps://plus.google.com/",1.320604615120]],["hxxps://plusone.google.com/",["hxxps://apis.google.com/",0.06496407869187547]],["hxxps://poc.clixmetrix.com/",["hxxps://poc.clixmetrix.com/",0.5839369578857595]],["hxxps://quality-s.qvc.com/",["hxxps://quality-s.qvc.com/",0.09407189059462802]],["hxxps://read.amazon.com/",["hxxps://bookextras.amazon.com/",0.2321202981126769,"hxxps://dsck18ahv3gbi.cloudfront.net/",0.6368428691809343,"hxxps://read.amazon.com/",1.716103058696285]],["hxxps://s-static.ak.facebook.com/",["hxxps://facebook.involver.com/",0.1117242815144551]],["hxxps://secure.metropcs.com/",["hxxps://hola.metropcs.com/",0.2389224193927897,"hxxps://sales.liveperson.net/",0.2389224193927897,"hxxps://secure.metropcs.com/",1.870537915929873,"hxxps://server.iad.liveperson.net/",0.4472137593762470,"hxxps://ssl.google-analytics.com/",0.3083528660539422]],["hxxps://secure.shared.live.com/",["hxxps://bay.gateway.messenger.live.com/",0.05680247032440249,"hxxps://baymsg1020323.gateway.messenger.live.com/",0.08694376159341274,"hxxps://by2msg4030118.gateway.messenger.live.com/",0.05680247032440249,"hxxps://js2.wlxrs.com/",0.05563270905182591]],["hxxps://secure.vimeo.com/",["hxxps://gw012.lphbs.com/",0.1028926112341386,"hxxps://gw074.lphbs.com/",0.07972473850592197,"hxxps://player.vimeo.com/",0.1376444203264635,"hxxps://sb.scorecardresearch.com/",0.09130867487003032,"hxxps://secure-a.vimeocdn.com/",0.1028926112341386]],["hxxps://service.mcafee.com/",["hxxps://service.mcafee.com/",0.05789008387375567]],["hxxps://signin.ebay.com/",["hxxps://secureinclude.ebaystatic.com/",0.8764500978772359,"hxxps://secureir.ebaystatic.com/",2.022577148947466,"hxxps://securepics.ebaystatic.com/",1.767882248709637,"hxxps://srv.main.ebayrtm.com/",0.8764500978772359]],["hxxps://signup.netflix.com/",["hxxps://ad.yieldmanager.com/",0.09867701354733653,"hxxps://netflix.hs.llnwd.net/",2.619304462695387,"hxxps://r.casalemedia.com/",0.06461448045074147,"hxxps://secure.adnxs.com/",0.06461448045074147,"hxxps://secure.leadback.advertising.com/",0.06461448045074147,"hxxps://signup.netflix.com/",0.3711772783200963,"hxxps://switch.atdmt.com/",0.06461448045074147,"hxxps://view.atdmt.com/",0.09867701354733653]],["hxxps://snt101.mail.live.com/",["hxxps://geo.messenger.services.live.com/",0.1488378099287698,"hxxps://gfx5.hotmail.com/",0.2569678427830043,"hxxps://gfx6.hotmail.com/",0.3472983771779918,"hxxps://gfx7.hotmail.com/",0.4892657701146714,"hxxps://gfx8.hotmail.com/",0.1704638164996168,"hxxps://h.live.com/",0.1704638164996168,"hxxps://js2.wlxrs.com/",0.1853707366282146,"hxxps://secure.shared.live.com/",0.2119714784602604,"hxxps://secure.wlxrs.com/",0.8466523481942617,"hxxps://snt101.mail.live.com/",0.5081732890105077]],["hxxps://support.google.com/",["hxxps://apis.google.com/",0.6956277844816872,"hxxps://clients1.google.com/",0.6956277844816872,"hxxps://fonts.googleapis.com/",0.7967019070132142,"hxxps://plusone.google.com/",0.6956277844816872,"hxxps://ssl.google-analytics.com/",0.9988501520762677,"hxxps://ssl.gstatic.com/",0.6956277844816872,"hxxps://support.google.com/",1.403146642202376,"hxxps://themes.googleusercontent.com/",0.7967019070132142,"hxxps://www.google.com/",2.211739622454593]],["hxxps://talkgadget.google.com/",["hxxps://apis.google.com/",0.09599522855974119,"hxxps://talkgadget.google.com/",0.7736796103230978]],["hxxps://view.atdmt.com/",["hxxps://a248.e.akamai.net/",0.5634880255414210]],["hxxps://woobox.com/",["hxxps://ajax.googleapis.com/",0.1623097555394491,"hxxps://connect.facebook.net/",0.1623097555394491,"hxxps://s-static.ak.facebook.com/",0.2330601618002349,"hxxps://ssl.google-analytics.com/",0.1858932242930445,"hxxps://woobox.com/",0.2330601618002349,"hxxps://www.facebook.com/",0.1858932242930445]],["hxxps://wwf-fb.zyngawithfriends.com/",["hxxps://api.zynga.com/",0.1531993967543666,"hxxps://fbcdn-profile-a.akamaihd.net/",0.1531993967543666,"hxxps://graph.facebook.com/",0.1977188795718749,"hxxps://s-static.ak.facebook.com/",0.3090175866156457,"hxxps://s-static.ak.fbcdn.net/",0.1754591381631209,"hxxps://wwf-fb.static.zgncdn.com/",1.392711920272606,"hxxps://zbar.zynga.com/",0.1531993967543666,"hxxps://zbar2.zynga.com/",0.1531993967543666,"hxxps://zynga1-a.akamaihd.net/",0.2888066164872832,"hxxps://zynga2-a.akamaihd.net/",0.8468581604716311]],["hxxps://www.amazon.com/",["hxxps://ad.doubleclick.net/",0.3324604995313940,"hxxps://bs.serving-sys.com/",0.1004484818254005,"hxxps://d2o307dm5mqftz.cloudfront.net/",0.1341753627477553,"hxxps://d3l3lkinz3f56t.cloudfront.net/",0.1150435603812280,"hxxps://fls.doubleclick.net/",0.05303118627145138,"hxxps://images-na.ssl-images-amazon.com/",38.66775494966080,"hxxps://pda-as.amazon.com/",0.1341753627477553,"hxxps://pda-bes.amazon.com/",0.2321202981126769,"hxxps://www.amazon.com/",2.888545557270807]],["hxxps://www.arbys.com/",["hxxps://www.arbys.com/",0.3697924426450799,"hxxps://www.facebook.com/",0.05124321335516110]],["hxxps://www.cashbackchasedebit.com/",["hxxps://a248.e.akamai.net/",4.986216854311672,"hxxps://pt200200.unica.com/",0.9837898346618312,"hxxps://www.chase.com/",0.9837898346618312]],["hxxps://www.chase.com/",["hxxps://ad.doubleclick.net/",1.950532394969525,"hxxps://ad.yieldmanager.com/",1.703076792622645,"hxxps://googleads.g.doubleclick.net/",1.703076792622645,"hxxps://mfasa.chase.com/",1.950532394969525,"hxxps://s.xp1.ru4.com/",1.703076792622645,"hxxps://secure.media6degrees.com/",0.4112925011465182,"hxxps://segment-pixel.invitemedia.com/",0.7581368758157722,"hxxps://stags.bluekai.com/",0.8186304823514012,"hxxps://www.chase.com/",19.96561380243717,"hxxps://www.googleadservices.com/",0.7581368758157722]],["hxxps://www.facebook.com/",["hxxps://s-static.ak.fbcdn.net/",1.142016863655550]],["hxxps://www.google.com/",["hxxps://lh6.googleusercontent.com/",0.2549141810344484,"hxxps://ssl.gstatic.com/",0.5105704644970797,"hxxps://www.google.com/",2.589548748831663]],["hxxps://www.justapinch.com/",["hxxps://www.justapinch.com/",0.06910204799487217]],["hxxps://www.linkedin.com/",["hxxps://pixel.quantserve.com/",1.419618143218490,"hxxps://s3-s.licdn.com/",1.599718952432776,"hxxps://s4-s.licdn.com/",1.779819761647061,"hxxps://sb.scorecardresearch.com/",1.599718952432776,"hxxps://secure-us.imrworldwide.com/",1.419618143218490,"hxxps://secure.quantserve.com/",1.239517334004204,"hxxps://ssl.google-analytics.com/",1.959920570861347,"hxxps://www.linkedin.com/",1.599718952432776]],["hxxps://www.metropcs.com/",["hxxps://fls.doubleclick.net/",0.3430680893845182,"hxxps://hola.metropcs.com/",0.2736376427233659,"hxxps://server.iad.liveperson.net/",0.2736376427233659,"hxxps://ssl.google-analytics.com/",0.4124985360456709,"hxxps://www.metropcs.com/",2.946709839177736]],["hxxps://www.shopwqed.org/",["hxxps://ssl.google-analytics.com/",1.775345902749937,"hxxps://www.shopwqed.org/",3.678094000493354]],["hxxps://www.siriusxm.com/",["hxxps://ssl.google-analytics.com/",0.8024596894134499,"hxxps://www.siriusxm.com/",1.604450450940627]],["hxxps://www.youtube.com/",["hxxps://ad-g.doubleclick.net/",0.05078531495358859,"hxxps://s.youtube.com/",0.2099627186610551,"hxxps://s.ytimg.com/",0.2517430565660072,"hxxps://s2.youtube.com/",0.3716859103899902,"hxxps://static.doubleclick.net/",0.09461320883577234,"hxxps://www.youtube.com/",0.6999906844297114]]],"startup_list":[1,"hxxp://36ohk6dgmcd1n-c.c.yom.mail.yahoo.net/","hxxp://3cp9lcoq32dpn-c.c.yom.mail.yahoo.com/","hxxp://ad.doubleclick.net/","hxxp://ads.yimg.com/","hxxp://d7.zedo.com/","hxxp://image-c.c.yom.mail.yahoo.net/","hxxp://l.yimg.com/","hxxp://mail.yimg.com/","hxxp://us.mg4.mail.yahoo.com/","hxxps://s.yimg.com/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"autoupdate":{"last_check":"12979081832716689","next_check":"12979194468973015"},"blacklistupdate":{"lastpingday":"12979033194545689","version":"0.0.0.100"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"settings":{"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_index":-2,"app_launcher_ordinal":"h","page_index":0,"page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true},"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blacklist":true},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"active_bit":false,"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"n","from_bookmark":true,"from_webstore":false,"install_time":"12976281597627746","last_active_pingday":"12979033194655689","lastpingday":"12979033194655689","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enabled":true,"origin":"hxxp://www.youtube.com"}},"current_locale":"en_US","default_locale":"en","description":"The world's most popular online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","permissions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"cofpahiphpdfimjjeohcldngadhfbaan":{"active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"w","from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"]},"install_time":"12976479533546406","lastpingday":"12979033194655689","location":1,"manifest":{"app":{"browse_urls":["hxxp://jokstop.com/"],"launch":{"web_url":"hxxp://jokstop.com/"},"urls":["hxxp://jokstop.com/"]},"description":"The best stop for free, clean, hilarious, funny jokes. So smile, laugh out loud, have fun. And most important, share the smile.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png","64":"64.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSagUaGTtnXAZ/Kp9OVPcDXtSYWpOua9efjV1aCp0n18M2ayr7itJrUKySP6i8cYsxhklGqCRMi907BBqfCel2LCT6hxOqQRDjtMtC7cX1Vjvk3Qcf/CB+xB/TIOrmZFY8Dyk9T45husxYk4oTH0f0aBkodvBl1f55t1B42Js1pQIDAQAB","name":"The Joke Stop","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"2.2"},"page_ordinal":"n","path":"cofpahiphpdfimjjeohcldngadhfbaan\\2.2_0","state":1},"coobgpohoikkiipiblmjeljniedjpjpf":{"active_bit":true,"app_launcher_ordinal":"x","from_bookmark":true,"from_webstore":false,"install_time":"12977687769688044","last_active_pingday":"12977996397029573","lastpingday":"12979033194655689","location":2,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google.com/webhp","*://www.google.com/imgres"]},"current_locale":"en_US","default_locale":"en","description":"The fastest way to search the web.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name":"Google Search","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgpghnabc":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fheoggkfdfchfphceeifdbepaooicaho":{"active_permissions":{"api":["plugin","tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"from_bookmark":false,"from_webstore":false,"install_time":"12977158702301676","lastpingday":"12979033194655689","location":3,"manifest":{"background_page":"Background.html","content_scripts":[{"all_frames":true,"js":["ContentScript.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_end"},{"all_frames":true,"js":["ContentOnDocStart.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"}],"description":"SiteAdvisor","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrOrksCVomv4HZxXZu6eb3fMbFPlYcSWHnBa0eGSLlBx4YJU3hgqATLB9FrVu1I2kjEKU02kDNejzwnooAjAMpQLMN6rDnVLt/xgvBvwfUcqVOX2vmJvzBFUNhrShiAco662ZtJRD2B4MshsjoggFtWvpBDi3VXRzpr1I0jA0tUwIDAQAB","name":"SiteAdvisor","page_action":{"default_popup":"popup.html","default_title":"SiteAdvisor"},"permissions":["tabs","hxxp://*/*","hxxps://*/*","chrome://*"],"plugins":[{"path":"McChPlg.dll","public":false}],"version":"3.41.123.2"},"path":"fheoggkfdfchfphceeifdbepaooicaho\\3.41.123.2_0","state":1},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio":{"blacklist":true},"gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmiemghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmljldaccg":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgidnapbndonoinbkhekgjonojg":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":true},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kolbbghckjilleabphhgeggcgpfidofi":{"blacklist":true},"lambangeielkjcnmioccboaphdfcffib":{"from_bookmark":false,"from_webstore":true,"install_time":"12976479534041406","lastpingday":"12979033194655689","location":1,"manifest":{"browser_action":{"default_icon":"48.png","popup":"popup.html"},"description":"Live TV around the world.","icons":{"128":"128.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDW/U6hpsu4WbKn1shEfJZlDhtMtGyP3dUgXKECmPF0/Mg/6vCldzFh6ZInFFchdrnzOdfD5+dBbIyzJ+47Fe1DrbuqQE0ehD0lxSYgo/idmo7W5iTSgYudzY5YVEZq9OjSFUtKpxC2u7MLVVhNbMMs8z2YkV5/yMaOtSMUCbyGSQIDAQAB","name":"TV for Google Chrome™","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"2.2.4"},"path":"lambangeielkjcnmioccboaphdfcffib\\2.2.4_0","state":1},"lbficnmfealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjppdidhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mdiehnlecbjlppbpaaipmlnhhjgepfcg":{"blacklist":true},"mfffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljgg":{"blacklist":true},"mkobblpffgbncfhijabakfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedbhndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnkod":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":true},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"blacklist":true},"pjdhkkcnlbfebiokpeghfffajaabahfo":{"blacklist":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"active_bit":false,"active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"t","from_bookmark":true,"from_webstore":false,"install_time":"12976281599717746","last_active_pingday":"12978514794326283","lastpingday":"12979033194655689","location":2,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"en_US","default_locale":"en","description":"Fast, searchable email with less spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Gmail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","state":1},"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimgafpp":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true}},"toolbar":["lambangeielkjcnmioccboaphdfcffib"],"toolbarsize":-1},"google":{"services":{"username":"[email protected]"}},"homepage":"","homepage_changed":true,"homepage_is_newtabpage":true,"hxxp_throttling":{"enabled":true},"instant":{"enabled_time":"12976237809399664"},"net":{"hxxp_server_properties":{"accounts.google.com:443":{"supports_spdy":true},"accounts.youtube.com:443":{"supports_spdy":true},"ad-emea.doubleclick.net:443":{"supports_spdy":true},"ad-g.doubleclick.net:443":{"supports_spdy":true},"ad.doubleclick.net:443":{"supports_spdy":true},"ajax.googleapis.com:443":{"supports_spdy":true},"apis.google.com:443":{"supports_spdy":true},"calendar.google.com:443":{"supports_spdy":true},"chart.googleapis.com:443":{"supports_spdy":true},"chatenabled.mail.google.com:443":{"supports_spdy":true},"checkout.google.com:443":{"supports_spdy":true},"chrome.google.com:443":{"supports_spdy":true},"clients1.google.com:443":{"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"clients4.google.com:443":{"supports_spdy":true},"clients6.google.com:443":{"supports_spdy":true},"csi.gstatic.com:443":{"supports_spdy":true},"docs.google.com:443":{"supports_spdy":true},"encrypted-tbn0.google.com:443":{"supports_spdy":true},"encrypted-tbn1.google.com:443":{"supports_spdy":true},"encrypted-tbn2.google.com:443":{"supports_spdy":true},"encrypted-tbn3.google.com:443":{"supports_spdy":true},"feedback.googleusercontent.com:443":{"supports_spdy":true},"fls.doubleclick.net:443":{"supports_spdy":true},"fonts.googleapis.com:443":{"supports_spdy":true},"gmail.com:443":{"supports_spdy":true},"googleads.g.doubleclick.net:443":{"supports_spdy":true},"i1.ytimg.com:443":{"supports_spdy":true},"i2.ytimg.com:443":{"supports_spdy":true},"i3.ytimg.com:443":{"supports_spdy":true},"i4.ytimg.com:443":{"supports_spdy":true},"id.google.com:443":{"supports_spdy":true},"igoogle-skins.googleusercontent.com:443":{"supports_spdy":true},"lh3.googleusercontent.com:443":{"supports_spdy":true},"lh4.googleusercontent.com:443":{"supports_spdy":true},"lh5.googleusercontent.com:443":{"supports_spdy":true},"lh6.googleusercontent.com:443":{"supports_spdy":true},"mail-attachment.googleusercontent.com:443":{"supports_spdy":true},"mail.google.com:443":{"supports_spdy":true},"maps.google.com:443":{"supports_spdy":true},"mw2.google.com:443":{"supports_spdy":true},"news.google.com:443":{"supports_spdy":true},"pagead2.googleadservices.com:443":{"supports_spdy":true},"partner.googleadservices.com:443":{"supports_spdy":true},"play.google.com:443":{"supports_spdy":true},"plus.google.com:443":{"supports_spdy":true},"plusone.google.com:443":{"supports_spdy":true},"profiles.google.com:443":{"supports_spdy":true},"qa-lighthouse.sandbox.google.com:443":{"supports_spdy":true},"s.youtube.com:443":{"supports_spdy":true},"s.ytimg.com:443":{"supports_spdy":true},"s2.googleusercontent.com:443":{"supports_spdy":true},"s2.youtube.com:443":{"supports_spdy":true},"sites.google.com:443":{"supports_spdy":true},"ssl.google-analytics.com:443":{"supports_spdy":true},"ssl.gstatic.com:443":{"supports_spdy":true},"static.doubleclick.net:443":{"supports_spdy":true},"sunsentinelvideo.appspot.com:443":{"supports_spdy":true},"support.google.com:443":{"supports_spdy":true},"talkgadget.google.com:443":{"supports_spdy":true},"themes.googleusercontent.com:443":{"supports_spdy":true},"toolbarqueries.google.com:443":{"supports_spdy":true},"www.google.com:443":{"supports_spdy":true},"www.googleadservices.com:443":{"supports_spdy":true},"www.googletagservices.com:443":{"supports_spdy":true},"www.gstatic.com:443":{"supports_spdy":true},"www.youtube.com:443":{"supports_spdy":true}}},"ntp":{"app_page_names":["Apps"],"promo_build":11,"promo_closed":false,"promo_end":1333353540.0,"promo_feature_mask":0,"promo_group":84,"promo_group_max":99,"promo_group_timeslice":0,"promo_is_logged_in_to_plus":true,"promo_line":"<b>New!</b> Browse the web with twice the mice. <a href=\"hxxp://google.com/chrome/multitask\">Try Chrome Multitask Mode</a>","promo_platform":15,"promo_resource_cache_update":"1334666517.685895","promo_start":1333267260.0,"promo_views":0,"promo_views_max":15,"sign_in_promo":{"group_max":100}},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Users\\Vicky\\AppData\\Local\\Google\\Chrome\\Application\\18.0.1025.162","plugins_list":[{"enabled":true,"name":"Remoting Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Remoting Viewer"},{"enabled":true,"name":"Native Client","path":"C:\\Users\\Vicky\\AppData\\Local\\Google\\Chrome\\Application\\18.0.1025.162\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Native Client"},{"enabled":false,"name":"Chrome PDF Viewer","path":"C:\\Users\\Vicky\\AppData\\Local\\Google\\Chrome\\Application\\18.0.1025.162\\pdf.dll","version":""},{"enabled":false,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Users\\Vicky\\AppData\\Local\\Google\\Chrome\\Application\\18.0.1025.162\\gcswf32.dll","version":"11,1,102,63"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll","version":"10.1.2.45"},{"enabled":true,"name":"Adobe Acrobat"},{"enabled":true,"name":"Google Talk Plugin","path":"C:\\Users\\Vicky\\AppData\\Roaming\\Mozilla\\plugins\\npgoogletalk.dll","version":"2.8.5.6620"},{"enabled":true,"name":"Google Talk Plugin Video Accelerator","path":"C:\\Users\\Vicky\\AppData\\Roaming\\Mozilla\\plugins\\npgtpo3dautoplugin.dll","version":"0,1,44,15"},{"enabled":true,"name":"Google Talk Plugin"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~4\\Office14\\NPAUTHZ.DLL","version":"14.0.4730.1010"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~2\\MICROS~4\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"AmazonMP3DownloaderPlugin","path":"C:\\Program Files (x86)\\Amazon\\MP3 Downloader\\npAmazonMP3DownloaderPlugin.dll","version":"1.0.15"},{"enabled":true,"name":"AmazonMP3DownloaderPlugin"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll","version":"1.3.21.111"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Java™ Platform SE 6 U31","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\plugin2\\npjp2.dll","version":"6.0.310.5"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"McAfee SiteAdvisor","path":"C:\\Program Files (x86)\\McAfee\\SiteAdvisor\\npmcffplg32.dll","version":"3,4,0,134"},{"enabled":true,"name":"McAfee SiteAdvisor"},{"enabled":true,"name":"Windows Live™ Photo Gallery","path":"C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll","version":"15.4.3538.0513_ship.wlx.w4m4 (ship)"},{"enabled":true,"name":"Windows Live™ Photo Gallery"},{"enabled":true,"name":"Facebook Video Calling Plugin","path":"C:\\Users\\Vicky\\AppData\\Local\\Facebook\\Video\\Skype\\npFacebookVideoCalling.dll","version":"1.2.0.159"},{"enabled":true,"name":"Facebook Video Calling Plugin"},{"enabled":true,"name":"Silverlight Plug-In","path":"c:\\Program Files (x86)\\Microsoft Silverlight\\5.0.61118.0\\npctrl.dll","version":"5.0.61118.0"},{"enabled":true,"name":"Silverlight Plug-In"},{"enabled":true,"name":"McAfee SecurityCenter","path":"c:\\progra~2\\mcafee\\msc\\npmcsn~1.dll","version":"11,0,630,0"},{"enabled":true,"name":"McAfee SecurityCenter"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Default Plug-in"}]},"profile":{"avatar_index":0,"content_settings":{"pattern_pairs":{"[*.]www.youtube.com,*":{"fullscreen":1},"hxxps://mail.google.com:443,*":{"notifications":1}},"patterns":{"[*.]www.youtube.com":{"fullscreen":1}},"pref_version":1},"exited_cleanly":true,"name":"First user","notification_allowed_sites":["hxxps://mail.google.com/"]},"savefile":{"default_directory":"C:\\Users\\Vicky\\Desktop","type":1},"selectfile":{"last_directory":"C:\\Users\\Vicky\\Pictures\\2012-04-16 001"},"session":{"restore_on_startup":null,"urls_to_restore_on_startup":null},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Encryption keys","Search Engines","Sessions","Apps","App Notifications"],"app_notifications":true,"apps":true,"autofill":true,"autofill_profile":true,"bookmarks":true,"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAACz7RBhZES0Ggb4qYf4y08gAAAAACAAAAAAAQZgAAAAEAACAAAADf556OrE3awJOPOEe93x8xFNYUyheeOEjc4REhH4HKNgAAAAAOgAAAAAIAACAAAAB88bKoi2ibyWAPwj7mnlw+s/fIQPNst3xXZulRkeG77UAAAABtzUWQ5le4zooHZQI7yGPvW+UDIAnn8tKls5XL1GZQniwT4aXxsYNXKaZX04jIisCBXwx8hszBWFWck/i2QpAEQAAAAM5h3vtk/vKfSaVVwakJJq4OMMZqa3aanl7esh4Du87Jt8sknieW4+Owh0J6tSvcFuWC7wO20vCQif2PELesnT8=","extensions":true,"has_setup_completed":true,"keep_everything_synced":true,"last_synced_time":"12979182600804673","max_invalidation_versions":{"10":"1332834603172000","11":"1334113476644000","13":"1333286162893000","2":"1334438706768000","3":"1332697410312000","4":"1334113609562000","5":"1333687502208000","6":"1334323146088000","8":"1334457657227000"},"passwords":true,"preferences":true,"search_engines":true,"suppress_start":false,"themes":true,"typed_urls":true,"using_oauth":false},"sync_promo":{"show_ntp_bubble":false,"startup_count":1,"user_skipped":true,"view_count":2},"translate_accepted_count":{"de":11,"en":1,"zh-CN":1},"translate_denied_count":{"de":0,"en":0,"zh-CN":0},"translate_whitelists":{"de":"en"}}

*************************

AdwCleaner[R1].txt - [118616 octets] - [24/03/2013 21:51:41]

########## EOF - C:\AdwCleaner[R1].txt - [118678 octets] ##########

Edited by Vicky227, 24 March 2013 - 08:06 PM.

#7
godawgs

Posted 25 March 2013 - 03:53 PM

Teacher

Retired Staff
8,228 posts

Hi Vicki,

The OTL log is posted below, but there is no other OTL Extras report anywhere in my computer with today's date.

The Exxtras.txt log is only generated automatically when OTL is run the first time. The log you posted shows that this was the fourth time OTL had been run.

OTL logfile created on: 3/18/2013 4:30:42 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vicky\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

Also the date on the OTL .exe file looks like it was created back in January.

PRC - [2013/01/14 13:43:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vicky\Downloads\OTL.exe

So I'm thinking that you didn't do all the cleanup when your topic was completed back then. I'm gonna have you cleanup the old OTL. This will remove all of the OTL files. Then we will download a fresh copy and I will give you instructions that will get us the Extras.txt log.

The aswMBR scan didn't show any problems with the Master Boot Record.....that's good. The files that RogueKiller found belong to the ClickFree backup program so if you have it on the computer, or have ever had it on the computer, the files are a false positive.

AdwCleaner, on the other hand, found a bunch of junk. We will rerun AdwClwaner and have it kill everything it found and then get new OTL and Extras.txt logs.

Step-1.

Re-open the OTL program and click the Posted Image

button. This will remove the old OTL from the downloads folder.

Step-2.

Re-run AdwCleaner Fix

Close all open windows and browsers.

Re-open AdwCleaner

(Vista and 7 users)right click The adwcleaner.exe, click Run as administrator and accept the UAC prompt to run AdwCleaner.
Click the Delete button and wait for the scan.
Everything that was found will be deleted.
When the scan ends, a report appears.
Once done it will ask to reboot, allow this
On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner[S1].txt

NOTE: OTL, and all the tools are designed to be run from the desktop of the hard drive with the operating system on it. In this case the C:\ drive. All tools need to be downloaded to the desktop. If you aren't sure how to change the file download location in your browser(s) please reread my original post.Then please read the following instructions for the OTL settings carefully.

Step-3.

Posted Image

OTL

Download OTL to the Desktop. It is important that it is download to the Desktop. (FireFox users should right click the download link and click "Save File As". On the window that comes up, make sure the download location is the Desktop and click the Save button.)
(Vista and 7 users:) right click on the OTL icon and click Run as Administrator. Make sure all other windows are closed and let it run uninterrupted.
You will see a console like the one below:
Check the box beside Scan All Users at the top of the console.
Make sure the Output box at the top is set to Standard Output.
In the Extra Registry section click the radio button beside Use Safelist<---Very Important
Check the boxes beside LOP Check and Purity Check.
Click the button. Do not change any settings unless otherwise told to do so.
Let the scan run uninterrupted.
When the scan completes, it will open two notepad windows, OTL.Txt will open on the desktop and Extras.Txt will be minimized on the taskbar. These files are saved in the same location as OTL.
Please copy the contents of these files, one at a time, and paste them into your reply. To do that:
On the .txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
Right-click inside the forum post window then click Paste. This will paste the contents of the .txt file in the in the post window.

Step-4.

Things For Your Next Post:
Please post the logs in the order requested. Do Not attach the logs unless I request it.
1. The AdwCleaner[S1].txt log
2. The new OTL.txt log
3. The Extras.txt log

#8
godawgs

Posted 29 March 2013 - 04:44 PM

Teacher

Retired Staff
8,228 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.