Jump to content


Photo

Some Programs will not open all of a sudden???


  • Please log in to reply
14 replies to this topic

#1 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 13 August 2017 - 02:27 PM

Noticed when I tried a system restore for an earlier time I got a Error message(The disk OS(C:) has errors. Windows has detected file system

corruption on OS C:. You must check disc for errors before restored. I tried to scan the disk for errors and fix but got the (Windows can't check while in use.

I then checked to schedule disk check on next restart and when restarted while on black screen it checked so fast all I could get (after multiple attemps) was

a file number 766F6C756d652e63 3f1 I'm not sure what the problem is with that file(If it is a file? lol) I assume it could be a problem?

 

I am now only able to open certain files and I've noticed my Windows updates are having problems now too. Some will update some won't no matter how many times I attempt them? I assume there is a disk issue hopefully its not terminal because otherwise the computer is superfast and runs nice except for these issues I now have.

 

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/13/17
Scan Time: 1:19 PM
Log File: MBFile8-13-17.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2578
License: Free

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: DonVanHorne-HP\Don Van Horne

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 528512
Threats Detected: 20
Threats Quarantined: 20
Time Elapsed: 36 min, 19 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 6
PUP.Optional.SmartDriverUpdater, C:\USERS\DON VAN HORNE\APPDATA\ROAMING\Smart PC Solutions\Smart Driver Updater, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart PC Solutions\Smart Driver Updater\Check other products, Delete-on-Reboot, [736], [354585],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SMART PC SOLUTIONS\SMART DRIVER UPDATER, Delete-on-Reboot, [736], [354585],1.0.2578
PUP.Optional.Spigot.Generic, C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\jetpack\@Sports\simple-storage, Delete-on-Reboot, [1902], [362990],1.0.2578
PUP.Optional.Spigot.Generic, C:\USERS\DON VAN HORNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4CIQKB7X.DEFAULT-1468950079443\JETPACK\@SPORTS, Delete-on-Reboot, [1902], [362990],1.0.2578
PUP.Optional.SystemCleaner, C:\WINDOWS\SYSTEM32\TASKS\POINTSTONE\SYSTEM CLEANER, Delete-on-Reboot, [1385], [403443],1.0.2578

File: 14
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\Devices.ini, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\Drivers32.db, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\Drivers64.db, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\Exclusions.txt, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\PCInfo.ini, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.SmartDriverUpdater, C:\Users\Don Van Horne\AppData\Roaming\Smart PC Solutions\Smart Driver Updater\Scan.ini, Delete-on-Reboot, [736], [354586],1.0.2578
PUP.Optional.Spigot.Generic, C:\USERS\DON VAN HORNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4CIQKB7X.DEFAULT-1468950079443\PREFS.JS, Replaced, [1902], [361538],1.0.2578
PUP.Optional.ASK, C:\WINDOWS\INSTALLER\2ED84C.MSI, Delete-on-Reboot, [510], [113867],1.0.2578
PUP.Optional.Spigot.Generic, C:\USERS\DON VAN HORNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4CIQKB7X.DEFAULT-1468950079443\EXTENSIONS\@SPORTS.XPI, Delete-on-Reboot, [1902], [362994],1.0.2578
PUP.Optional.FullTab, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage, Delete-on-Reboot, [2025], [376100],1.0.2578
PUP.Optional.FullTab, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage-journal, Delete-on-Reboot, [2025], [376100],1.0.2578
PUP.Optional.Spigot.Generic, C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\jetpack\@Sports\simple-storage\store.json, Delete-on-Reboot, [1902], [362990],1.0.2578
PUP.Optional.FullTab, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage, Delete-on-Reboot, [2025], [376101],1.0.2578
PUP.Optional.FullTab, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage-journal, Delete-on-Reboot, [2025], [376101],1.0.2578

Physical Sector: 0
(No malicious items detected)


(end)

 

The Farbar Sec Scan Tool I clicked scan and after a few minutes got a error in bottom right that says something about

it being corrupt and to run Check Disc Utility? But it started scanning right after and here are the files:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
Ran by Don Van Horne (administrator) on DONVANHORNE-HP (13-08-2017 14:13:15)
Running from C:\Users\Don Van Horne\Downloads
Loaded Profiles: Don Van Horne (Available Profiles: Don Van Horne & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe
(Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe
() C:\Program Files (x86)\Philips\CamSuite\2.0.15.0\ACPService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files (x86)\Atomic Alarm Clock\timeserv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hide My IP) C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\n360.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\n360.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\conathst.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ATTENTION
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-16] (Glarysoft Ltd)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {0c7b13d5-52e3-11e7-a092-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {d1ff534f-e17d-11e5-9127-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {fd8c2287-f628-11e2-81e0-e06995fa1427} - J:\iStudio.exe
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-25]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disabled [2013-05-24] ()
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ivacy.lnk [2017-08-13]
ShortcutTarget: Ivacy.lnk -> C:\Program Files (x86)\Ivacy\Ivacy.exe ()
BootExecute: autocheck autochk /p \??\C:autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\SysWOW64\HMIPCore.dll [356864 2015-08-10] (Hide My IP)
Winsock: Catalog9 02 C:\Windows\SysWOW64\HMIPCore.dll [356864 2015-08-10] (Hide My IP)
Winsock: Catalog9 03 C:\Windows\SysWOW64\HMIPCore.dll [356864 2015-08-10] (Hide My IP)
Winsock: Catalog9 04 C:\Windows\SysWOW64\HMIPCore.dll [356864 2015-08-10] (Hide My IP)
Winsock: Catalog9 15 C:\Windows\SysWOW64\HMIPCore.dll [356864 2015-08-10] (Hide My IP)
Winsock: Catalog9-x64 01 C:\Windows\system32\HMIPCore64.dll [463360 2015-08-10] (Hide My IP)
Winsock: Catalog9-x64 02 C:\Windows\system32\HMIPCore64.dll [463360 2015-08-10] (Hide My IP)
Winsock: Catalog9-x64 03 C:\Windows\system32\HMIPCore64.dll [463360 2015-08-10] (Hide My IP)
Winsock: Catalog9-x64 04 C:\Windows\system32\HMIPCore64.dll [463360 2015-08-10] (Hide My IP)
Winsock: Catalog9-x64 15 C:\Windows\system32\HMIPCore64.dll [463360 2015-08-10] (Hide My IP)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6C98BE56-189D-4D2C-88D2-A4C7E642731F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{CA66EA55-F081-4FE4-88E4-23D5ABB24D40}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {EDECF09A-4FFA-4871-B01A-9F71AE7066E9} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1122&geo=US&ver=22.9.3.13&locale=en_US&guid=8C397C67-5390-11E1-9798-E06995FA1427&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar64.dll [2016-07-28] (Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar.dll [2016-07-28] (Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 [2017-08-13]
FF Homepage: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> hxxps://www.google.com/
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> autoconfig_url", "data:text/javascript,var%20pac_engine%20%3D%20(function%20quine(browser)%7B%0A%0Avar%20E%20%3D%20%7B%7D%3B%0A%2F%2F%20XXX%20shachar%3A%20remove%20this%20and%20everything%20that%20uses%20it%0AE.def_ext%20%3D%20%5B'gif'%2C%20'png'%2C%20'jpg'%2C%20'mp3'%2C%20'css'%2C%20'mp4'%2C%20'wmv'%2C%20'flv'%2C%20'swf'%2C%0A%20%20%20%20'mkv'%2C%20'ico'%2C%20'f4v'%2C%20'h264'%2C%20'webp'%2C%20'webm'%5D%3B%0A%0A%2F%2F%20XXX%20note%20that%20console.log%20cannot%20be%20used%20in%20the%20pac%20file%20since%20it%20causes%0A%2F%2F%20IE10%20to%20reject%20the%20pac%20file%0Avar%20g_pac_engine%20%3D%20%7B%7D%3B%0A%0Afunction%20pac_redir(url%2C%20host%2C%20do_redir)%7B%0A%20%20%20%20if%20(!do_redir%20%7C%7C%20!g_pac_engine.redir_direct)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20ip%20%3D%20E.dns_resolver(host)%3B%0A%20%20%20%20if%20(browser.isInNet(ip%2C%20'10.0.0.0'%2C%20'255.0.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'172.16.0.0'%2C%20'255.240.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'192.168.0.0'%2C%20'255.255.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'127.0.0.0'%2C%20'255.0.0.0'))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(browser.isPlainHostName(host))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20m%20%3D%20url.match(%2F%5E.%2B%3A(%5B0-9%5D%2B)%5C%2F.*%24%2F)%3B%0A%20%20%20%20if%20(m%20%26%26%20m.length%3D%3D2%20%26%26%20m%5B1%5D!%3D'80')%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20if%20(url.match(%2F%5Ehttps%3A.*%24%2F))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20false%2C%0A%20%20%20%20%20%20%20%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.redir_port%2B'%3B%20DIRECT'%7D%3B%0A%7D%0A%0Afunction%20get_ext(url)%7B%0A%20%20%20%20var%20ext%20%3D%20''%2C%20index%20%3D%20url.indexOf('%3F')%3B%0A%20%20%20%20if%20(index%3E%3D0)%0A%20%20%20%20%20%20%20%20url%20%3D%20url.slice(0%2C%20index)%3B%0A%20%20%20%20var%20ext_index%20%3D%20url.lastIndexOf('.'%2C%20url.length)%3B%0A%20%20%20%20var%20_ext_index%20%3D%20url.lastIndexOf('%2F'%2C%20url.length)%3B%0A%20%20%20%20if%20(ext_index%3E%3D0%20%26%26%20ext_index%3E_ext_index)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(ext_index%2B1)%3B%0A%20%20%20%20else%20if%20(_ext_index%3E%3D0)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(_ext_index%2B1)%3B%0A%20%20%20%20return%20ext%3B%0A%7D%0A%0Afunction%20is_ip(host)%7B%20return%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2F.test(host)%3B%20%7D%0A%0Afunction%20handle_then(value%2C%20url%2C%20host%2C%20do_redir%2C%20exception%2C%20orig_proxy)%7B%0A%20%20%20%20if%20(value%3D%3D'DIRECT')%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20var%20n%20%3D%20value.split('%20')%3B%0A%20%20%20%20if%20(exception%20%26%26%20n%5B0%5D%3D%3D'PROXY')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(n.length%3D%3D1)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20%20%20%20%20if%20(n%5B1%5D%3D%3D'XX'%20%26%26%20orig_proxy)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20c%20%3D%20orig_proxy.split('%20')%5B1%5D.split('.')%5B0%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20'%2Bc%7D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(n.length%3C2)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20else%20if%20(!%7BPROXY%3A%201%2C%20SOCKS%3A%201%2C%20SOCKS5%3A%201%7D%5Bn%5B0%5D%5D)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20if%20(g_pac_engine.ext)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20value%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.proxy_port%7D%3B%0A%7D%0A%0Afunction%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20if%20(!cmd%5B'if'%5D)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(cmd.dst_dns)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20cmd%5B'if'%5D%20%3D%20%5B%7Bext%3A%20'def-ext'%2C%20type%3A%20'in'%2C%20then%3A%20'DIRECT'%7D%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20ext%20%3D%20get_ext(url)%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmd%5B'if'%5D.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_if%20%3D%20cmd%5B'if'%5D%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20var%20arg%20%3D%20null%2C%20value%20%3D%20null%3B%0A%20%20%20%20%20%20%20%20var%20type%20%3D%20'%3D%3D'%3B%0A%20%20%20%20%20%20%20%20if%20(!_if.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(_if.type)%0A%20%20%20%20%20%20%20%20%20%20%20%20type%20%3D%20_if.type%3B%0A%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20host%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.host%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20url%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.url%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(value%3D%3D'def-ext'%20%26%26%20!(value%20%3D%20rule%5B'def-ext'%5D))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20E.def_ext%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.main)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20opt.is_main%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.main%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20var%20cmp%3B%0A%20%20%20%20%20%20%20%20switch%20(type)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20case%20'%3D%3D'%3A%20cmp%20%3D%20arg%3D%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!%3D'%3A%20cmp%20%3D%20arg!%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3D~'%3A%20cmp%20%3D%20arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!~'%3A%20cmp%20%3D%20!arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Da'%3A%0A%20%20%20%20%20%20%20%20case%20'in'%3A%20cmp%20%3D%20value.indexOf(arg)!%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!a'%3A%0A%20%20%20%20%20%20%20%20case%20'not_in'%3A%20cmp%20%3D%20value.indexOf(arg)%3D%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Do'%3A%20cmp%20%3D%20!!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!o'%3A%20cmp%20%3D%20!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20default%3A%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(cmp)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(_if%5B'else'%5D)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if%5B'else'%5D%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.exception%2C%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%7D%0A%0Afunction%20inet_aton(str)%7B%0A%20%20%20%20var%20laddr%20%3D%200%2C%20i%2C%20parts%20%3D%20%2F%5E(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%24%2F.exec(str)%3B%0A%20%20%20%20if%20(!parts)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20parts.shift()%3B%0A%20%20%20%20for%20(i%3D0%3B%20i%3Cparts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20laddr%20*%3D%20256%3B%0A%20%20%20%20%20%20%20%20laddr%20%2B%3D%20%2Bparts%5Bi%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20laddr%3B%0A%7D%0A%0Afunction%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%7B%0A%20%20%20%20var%20_cif%20%3D%20cmd%5B'if'%5D%2C%20i%3B%0A%20%20%20%20if%20(_cif)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%3D0%3B%20i%3C_cif.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_if%20%3D%20_cif%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.type%3D%3D'%3D~'%20%7C%7C%20_if.type%3D%3D'!~')%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.host%20%3D%20new%20RegExp(_if.host)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.url%20%3D%20new%20RegExp(_if.url)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.ext%20%3D%20new%20RegExp(_if.ext)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!cmd.hosts)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.hosts%5B'*'%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%7D%0A%20%20%20%20for%20(i%3D0%3B%20i%3Ccmd.hosts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_host%20%3D%20cmd.hosts%5Bi%5D%2C%20n%3B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20_host.match(%2F%5E((%5Cd%7B1%2C3%7D%5C.)%7B3%7D%5Cd%7B1%2C3%7D)(%5C%2F(%5Cd%2B))%3F%24%2F))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!cmd.ips)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20cmd.ips%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20bits%20%3D%2032%20-%20(n%5B4%5D%20%3F%20%2Bn%5B4%5D%20%3A%2032)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(bits%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20bits%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20mask%20%3D%20inet_aton(n%5B1%5D)%20%3E%3E%3E%20bits%20%3C%3C%20bits%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.ips.push(%7Bmask%3A%20mask%2C%20bits%3A%20bits%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20func%3A%20function(url%2C%20host%2C%20do_redir%2C%20exception)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20exception)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%7D)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20hosts.hosts%5B_host%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%7D%0A%7D%0A%0Afunction%20parse_cmds(name%2C%20rule%2C%20rules%2C%20hosts%2C%20by_rules)%7B%0A%20%20%20%20var%20cmds%20%3D%20rule.cmds%3B%0A%20%20%20%20if%20(!cmds)%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmds.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20cmd%20%3D%20cmds%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(cmd.rule)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_name%20%3D%20cmd.rule%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20parse_cmds(_name%2C%20rules%5B_name%5D%2C%20rules%2C%20hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(!cmd.hosts%20%26%26%20!by_rules)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(!cmd.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%3B%0A%20%20%20%20%7D%0A%7D%0Afunction%20hex_decode(h)%7B%0A%20%20%20%20var%20s%20%3D%20''%3B%0A%20%20%20%20for%20(var%20i%20%3D%200%3B%20i%20%3C%20h.length%3B%20i%2B%3D2)%0A%20%20%20%20%20%20%20%20s%20%2B%3D%20String.fromCharCode(parseInt(h.substr(i%2C%202)%2C%2016))%3B%0A%20%20%20%20return%20decodeURIComponent(escape(s))%3B%0A%7D%0Afunction%20local_hola_cb(url)%7B%0A%20%20%20%20var%20n%3B%0A%20%20%20%20try%20%7B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20url.match(%2F%5Ehttp%3A%5C%2F%5C%2F(.*).local.hola%5C%2F%3F%24%2F))%0A%20%20%20%20%20%20%20%20%20%20%20%20n%20%3D%20JSON.parse(hex_decode(n%5B1%5D))%3B%0A%20%20%20%20%7D%20catch(e)%7B%20n%20%3D%20null%3B%20%7D%0A%20%20%20%20if%20(!n%20%7C%7C%20n.key!%3Dg_pac_engine.key)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%20%20%20%20if%20(!g_pac_engine.local_redir)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_redir%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_counter%20%3D%200%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20set%20%3D%20n.set%3B%0A%20%20%20%20var%20proxy%20%3D%20n.proxy%3B%0A%20%20%20%20var%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%3B%0A%20%20%20%20if%20(!entry%20%7C%7C%20entry.proxy%20!%3D%20proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%20%3D%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20proxy%3A%20proxy%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20count%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20entry.count%2B%2B%3B%0A%20%20%20%20entry.ts%20%3D%20Date.now()%3B%0A%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%7D%0A%0AE.init%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20options%20%3D%20options%7C%7C%7B%7D%3B%0A%20%20%20%20g_pac_engine%20%3D%20%7B%0A%20%20%20%20%20%20%20%20hosts%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20exceptions%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20ext%3A%20options.ext%7C%7C0%2C%0A%20%20%20%20%20%20%20%20by_rules%3A%20options.by_rules%7C%7C0%2C%0A%20%20%20%20%20%20%20%20do_redir%3A%20options.do_redir%7C%7C0%2C%0A%20%20%20%20%20%20%20%20redir_direct%3A%20options.redir_direct%3D%3D%3Dundefined%20%7C%7C%20options.redir_direct%2C%0A%20%20%20%20%20%20%20%20proxy_port%3A%20options.proxy_port%7C%7C6857%2C%0A%20%20%20%20%20%20%20%20redir_port%3A%20options.redir_port%7C%7C6850%2C%0A%20%20%20%20%20%20%20%20key%3A%20options.key%2C%0A%20%20%20%20%7D%3B%0A%20%20%20%20if%20(!json.unblocker_rules)%0A%20%20%20%20%20%20%20%20return%20-1%3B%0A%20%20%20%20var%20rules%20%3D%20json.unblocker_rules%2C%20rule%2C%20i%3B%0A%20%20%20%20if%20(!g_pac_engine.by_rules)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20else%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.rules%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.root_url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.cmds)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20g_pac_engine.rules%5Bi%5D%20%3D%20%7Bhosts%3A%20%7B%7D%2C%20ips%3A%20%5B%5D%2C%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.rules%5Bi%5D%2C%201)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'local.hola'%5D%20%3D%20local_hola_cb%3B%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'127.255.255.255'%5D%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20'%2Bhost%2B'%3A0'%7D%3B%20%7D%3B%0A%20%20%20%20if%20(json.unblocker_globals)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20json.unblocker_globals%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.exceptions)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%200%3B%0A%7D%3B%0A%0Afunction%20find_proxy_for_url(url%2C%20host%2C%20hosts%2C%20opt)%7B%0A%20%20%20%20opt%20%3D%20opt%7C%7C%7B%7D%3B%0A%20%20%20%20var%20do_redir%20%3D%20g_pac_engine.do_redir%3B%0A%20%20%20%20if%20(hosts.hosts_cache)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20c%20%3D%20hosts.hosts_cache%5Bhost%5D%3B%0A%20%20%20%20%20%20%20%20if%20(c%20%26%26%20c.func)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20c.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20if%20©%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(hosts.hosts_counter%3E5000)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.hosts_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20hosts.hosts_cache%20%3D%20%7B%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(is_ip(host))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ip%20%3D%20inet_aton(host)%3B%0A%20%20%20%20%20%20%20%20var%20ips%20%3D%20hosts.ips%3B%0A%20%20%20%20%20%20%20%20for%20(var%20i%3D0%3B%20i%3Cips.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_ip%20%3D%20ips%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20((ip%20%3E%3E%3E%20_ip.bits%20%3C%3C%20_ip.bits)%5E_ip.mask)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20_ip.func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20_ip.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20var%20index%20%3D%20-1%3B%0A%20%20%20%20for%20(%3B%3B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20func%20%3D%20hosts.hosts%5B'*'%5D%7C%7Chosts.hosts%5Bhost.substr(index%2B1)%5D%3B%0A%20%20%20%20%20%20%20%20if%20(func)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20((index%20%3D%20host.indexOf('.'%2C%20index%2B1))%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20break%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(opt.exception)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7B%7D%3B%0A%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%7D%0A%0AE.FindProxyForURL%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20locals%20%3D%20pac.local_redir%2C%20ret%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.local%5C.hola%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20'local.hola'%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20if%20(locals%20%26%26%20host!%3D'local.hola')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20then%20%3D%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20if%20(then%20%26%26%20Date.now()%20-%20then.ts%20%3E%202000)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20then%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(then)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!--then.count)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20handle_then(then.proxy%2C%20url%2C%20host%2C%20pac.do_redir)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20pac.local_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20if%20(!(pac.local_counter%251000))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20cur_ts%20%3D%20Date.now()%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20for%20(var%20i%20in%20locals)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20local%20%3D%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(cur_ts-local.ts%20%3E%2010000)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20pac.local_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!ret)%0A%20%20%20%20%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.hosts)%3B%0A%20%20%20%20if%20(ret.proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.proxy%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_rule%20%3D%20function(rule%2C%20url%2C%20host%2C%20is_main%2C%20no_global)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20ret%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%2F))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%20%20%20%20url%20%3D%20url.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20r%20%3D%20pac.rules%20%26%26%20rule%20%3F%20pac.rules%5Brule%5D%20%3A%20pac.hosts%3B%0A%20%20%20%20if%20(!r)%0A%20%20%20%20%20%20%20%20return%20'DIRECT'%3B%0A%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20r%2C%20%7Bis_main%3A%20is_main%7D)%3B%0A%20%20%20%20if%20(ret.proxy%20%26%26%20!no_global)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.proxy%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_exception%20%3D%20function(url%2C%20host%2C%20orig)%7B%0A%20%20%20%20var%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20g_pac_engine.exceptions%2C%0A%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20orig%7D)%3B%0A%20%20%20%20return%20ret%20%3F%20ret.str%20%3A%20orig%3B%0A%7D%3B%0A%0AE.t%20%3D%20%7B%0A%20%20%20%20global_var%3A%20function()%7B%20return%20g_pac_engine%3B%20%7D%2C%0A%20%20%20%20pac_redir%3A%20pac_redir%2C%0A%20%20%20%20get_ext%3A%20get_ext%2C%0A%7D%3B%0A%0AE.gen_pac%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20return%20'var%20pac_engine%20%3D%20('%2Bquine%2B')(%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'function%20FindProxyForURL(url%2C%20host)%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%7D%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.dns_resolver%20%3D%20dnsResolve%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.init('%2BJSON.stringify(json)%2B'%2C%20'%0A%20%20%20%20%20%20%20%20%20%20%20%20%2BJSON.stringify(options)%2B')%3B%5Cn'%3B%0A%7D%3B%0A%0Areturn%20E%3B%20%7D)(%7B%0A%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%0Afunction%20FindProxyForURL(url%2C%20host)%7B%0A%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%0A%7D%0Apac_engine.dns_resolver%20%3D%20dnsResolve%3B%0Apac_engine.init(%7B%22unblocker_rules%22%3A%7B%7D%7D%2C%20%7B%22do_redir%22%3Afalse%2C%22ext%22%3A1%2C%22key%22%3A%223374cb64c7dda728296058af26c97e0b6e4e7af418acb7f580884625242e3a%22%7D)%3B%0A"
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> type", 2
FF Extension: (Sports) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\@Sports.xpi [2017-02-03]
FF Extension: (FlashStopper) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\flashstopper@byo.co.il.xpi [2017-07-05]
FF Extension: (Hola Better Internet) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2017-08-02]
FF Extension: (Honey) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2017-07-10]
FF Extension: (AdBlocker for Facebook™) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2016-12-19]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\support@lastpass.com [2017-07-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\translator@zoli.bod.xpi [2017-02-03]
FF Extension: (Image Zoom) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2017-03-16]
FF Extension: (No Name) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2017-07-14]
FF Extension: (Adblock Plus) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2017-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Firefox\Extensions: [{A2E18BA9-E68C-4c96-AC77-E5F24DF98306}] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt
FF Extension: (Allavsoft Firefox Extension) - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt [2016-11-10] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\xfinity.xml [2012-02-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2011-08-11] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2017-04-18] (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-11-03] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-11-03] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Don Van Horne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2013-08-01] (Lamantine Software a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-11-03] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2007-05-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2007-05-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2007-05-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2007-05-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2007-05-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-11-03] (RealPlayer)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-18] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default ->  Not-active:"chrome-extension://agimnfedoejnbcaboobehgdeppecefap/index.html"
CHR Profile: C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default [2017-08-13]
CHR Extension: (Google Translate) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-11-12]
CHR Extension: (Google Slides) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Plugins) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-03]
CHR Extension: (Norton Security Toolbar) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-06-06]
CHR Extension: (Google Search) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Google Sheets) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Google Docs Offline) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-13]
CHR Extension: (AdBlock) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-06-06]
CHR Extension: (Norton Safe) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-04-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-08-03]
CHR Extension: (Xfinity) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb [2014-11-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-02-15]
CHR Extension: (PlayOn) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2017-08-05]
CHR Extension: (Wikibuy) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2017-08-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Gmail) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]
CHR Extension: (Social Translator (discontinued)) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin [2016-10-14]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-22]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-22]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDChromeExt.crx [2016-11-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx [2013-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2015-10-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACPService; C:\Program Files (x86)\Philips\CamSuite\2.0.15.0\ACPService.exe [687104 2010-08-26] () [File not signed]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtomicAlarmClock; C:\Program Files (x86)\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-21] (BlueStack Systems, Inc.)
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-28] (WildTangent)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [505056 2013-09-09] ()
R2 HideMyIpSRV; C:\Program Files (x86)\Hide My IP 6\HideMyIpSRV.exe [4375792 2015-10-07] (Hide My IP)
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.


#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,530 posts

Posted 16 August 2017 - 03:09 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 16 August 2017 - 06:47 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
IncrediMail (HKLM-x32\...\{18DB3375-0649-4EA3-959A-44F1ACD278BA}) (Version: 6.2.9.5163 - IncrediMail) Hidden
Toolbar Cleaner (HKLM-x32\...\Toolbar Cleaner) (Version: - Visicom Media Inc.)
===

Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {6691875F-3E53-43C4-9026-69622086FD53} - System32\Tasks\Check Updates => C:\Users\Don Van Horne\AppData\Local\GeniusBox\updater.exe
Task: {E1C82961-6483-417E-B9F7-F0651C4081CB} - System32\Tasks\Validate Installation => C:\Users\Don Van Horne\AppData\Local\GeniusBox\updater.exe
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> autoconfig_url", "data:text/javascript,var%20pac_engine%20%3D%20(function%20quine(browser)%7B%0A%0Avar%20E%20%3D%20%7B%7D%3B%0A%2F%2F%20XXX%20shachar%3A%20remove%20this%20and%20everything%20that%20uses%20it%0AE.def_ext%20%3D%20%5B'gif'%2C%20'png'%2C%20'jpg'%2C%20'mp3'%2C%20'css'%2C%20'mp4'%2C%20'wmv'%2C%20'flv'%2C%20'swf'%2C%0A%20%20%20%20'mkv'%2C%20'ico'%2C%20'f4v'%2C%20'h264'%2C%20'webp'%2C%20'webm'... (long line)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-18] <==== ATTENTION
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default ->  Not-active:"chrome-extension://agimnfedoejnbcaboobehgdeppecefap/index.html"
CHR Extension: (Plugins) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-03]
CHR Extension: (PlayOn) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2017-08-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2015-10-29]
C:\Windows\System32\Tasks\Check Updates
C|\Windows\System32\Tasks\Validate Installation
C:\Users\Don Van Horne\AppData\Local\GeniusBox

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended.
https://www.java.com...d/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmic...java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.co...oads/index.html

How to disable Java in your browsers
http://www.infoworld...browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
===

Please post the logs and let me know if the problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 16 August 2017 - 11:38 AM

# AdwCleaner 7.0.1.0 - Logfile created on Wed Aug 16 14:19:19 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-16-2017.2
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, hola_svc
PUP.Optional.Legacy, hola_updater
PUP.Optional.Legacy, YahooAUService


***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare, C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\ProgramData\Application Data\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\All Users\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare, C:\Users\Don Van Horne\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy, C:\Program Files\Hola
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\Hola
PUP.Optional.Legacy, C:\Users\Don Van Horne\YTDownloader
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
PUP.Optional.Legacy, C:\ProgramData\SuperEasy Software
PUP.Optional.Legacy, C:\ProgramData\Application Data\SuperEasy Software
PUP.Optional.Legacy, C:\Program Files (x86)\SuperEasy Software
PUP.Optional.Legacy, C:\Users\All Users\SuperEasy Software
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\SuperEasy Software
PUP.Optional.Legacy, C:\ProgramData\Yahoo! Companion
PUP.Optional.Legacy, C:\ProgramData\Application Data\Yahoo! Companion
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\Yahoo! Companion
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
PUP.Optional.Legacy, C:\Users\All Users\Yahoo! Companion
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\LocalLow\Yahoo! Companion
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\IncrediMail_MediaBar_2
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IncrediMail_MediaBar_2
PUP.Optional.Legacy, C:\Program Files (x86)\Toolbar Cleaner
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Toolbar Cleaner
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\Vuze_Remote
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Vuze_Remote
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Local\VirtualStore\Program Files\Web Assistant
PUP.Optional.Legacy, C:\Windows\System32\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
PUP.Optional.Legacy, C:\Program Files (x86)\Yahoo!\Companion
PUP.Optional.Legacy, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\LocalLow\Yahoo!\Companion
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\Yahoo!\Companion
PUP.Optional.Legacy, C:\Windows\System32\C2MP
PUP.Optional.Legacy, C:\Windows\SysWOW64\C2MP
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\acestream
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\LocalLow\.acestream
PUP.Optional.Legacy, C:\Users\Don Van Horne\AppData\Roaming\.acestream
PUP.Optional.Legacy, C:\_acestream_cache_
PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy, C:\ProgramData\Application Data\IObit\ASCDownloader
PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader
PUP.Optional.Conduit, C:\Windows\System32\config\systemprofile\AppData\LocalLow\Conduit
PUP.Optional.Conduit, C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Conduit
PUP.Optional.1ClickDownload, C:\Users\Don Van Horne\AppData\Local\VirtualStore\Program Files (x86)\1ClickDownload
PUP.Optional.RegCurePro, C:\ProgramData\PARETOLOGIC
PUP.Optional.RegCurePro, C:\ProgramData\Application Data\PARETOLOGIC
PUP.Optional.RegCurePro, C:\Program Files (x86)\PARETOLOGIC
PUP.Optional.RegCurePro, C:\Program Files (x86)\Common Files\PARETOLOGIC
PUP.Optional.RegCurePro, C:\Users\All Users\PARETOLOGIC
PUP.Optional.RegCurePro, C:\Users\Don Van Horne\AppData\Roaming\PARETOLOGIC
PUP.Optional.Conduit.A, C:\Users\Don Van Horne\AppData\Roaming\RHEng
Rogue.ForcedExtension, C:\ProgramData\apn
Rogue.ForcedExtension, C:\ProgramData\Application Data\apn
Rogue.ForcedExtension, C:\Users\All Users\apn
PUP.Optional.PremiumDownloadManager, C:\Users\Don Van Horne\AppData\LocalLow\DownloadManager
PUP.Adware.Heuristic, C:\Program Files (x86)\iRecordMax Sound Recorder
PUP.Adware.Heuristic, C:\ProgramData\9235a06e615e5fb5
PUP.Adware.Heuristic, C:\ProgramData\Avg_Update_1014av
PUP.Adware.Heuristic, C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
PUP.Adware.Heuristic, C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}
PUP.Adware.Heuristic, C:\ProgramData\{1EA2C7B4-2EAA-4644-8506-BB70DD984779}
PUP.Adware.Heuristic, C:\ProgramData\{1F34AB84-82BF-430B-8958-5A34483DA776}
PUP.Adware.Heuristic, C:\ProgramData\{33CC04A6-7C06-4D73-B22D-D63FE2603F84}
PUP.Adware.Heuristic, C:\ProgramData\{4912538D-53F0-4B18-9DF2-EFBBAAC0DDE6}
PUP.Adware.Heuristic, C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
PUP.Adware.Heuristic, C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
PUP.Adware.Heuristic, C:\ProgramData\{A494BE66-E69A-41E9-A2FE-4EDBD6B80570}
PUP.Adware.Heuristic, C:\ProgramData\{BDF256EE-292E-4963-84D8-E71715E4D166}
PUP.Adware.Heuristic, C:\ProgramData\{C437D41F-A277-4A3E-BF29-78D6AD51991A}
PUP.Adware.Heuristic, C:\ProgramData\{C4BA02BC-C5ED-41EA-A49D-FF5D0F54811A}
PUP.Adware.Heuristic, C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
PUP.Adware.Heuristic, C:\ProgramData\{E0F706A9-EFDE-4C4E-9761-DE8B2A8887C6}
PUP.Adware.Heuristic, C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
PUP.Adware.Heuristic, C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Don Van Horne\Desktop\Toolbar Cleaner.lnk
PUP.Optional.Legacy, C:\Program Files (x86)\Yahoo!\Common\unyt.exe
PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hola.lnk


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, validate installation
PUP.Optional.Legacy, Check Updates
PUP.Optional.Legacy, Validate Installation
PUP.Optional.Legacy, check updates


***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\d2m2wsoho8qq12.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\d30ke5tqu2tkyx.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\d30ke5tqu2tkyx.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\dogosearch.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\smartsuggestor.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.smartsuggestor.com
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\WNLT
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKCU\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Toolbar Cleaner
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\UpdateStar
PUP.Optional.Legacy, [Key] - HKCU\Software\UpdateStar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\AppDataLow\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\Yahoo\Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\Yahoo\YFriendsBar
PUP.Optional.Legacy, [Key] - HKCU\Software\Yahoo\YFriendsBar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Hola
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hola
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Hola
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\Hola
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {EEE6C35B-6118-11DC-9C72-001320C79847}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{22511E2E-7970-414E-BC7C-28D16C4AF54D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{23C5311E-016D-4999-BCB1-499898429D6C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2C4B6DB8-6413-403B-A038-16A352CFE8B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{46803190-228D-470E-90FE-F5E0CEA9C4F2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B9BCCE8-A70B-402A-A7E1-DB96831EE26F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{5180FE16-2E09-497B-9C8B-5A6F029ECECB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{A4F6E1B3-469E-46EF-A936-FBA9D5EFD2B9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{C97AF157-6A27-4F57-9D47-E2D3E4761B77}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{ED0D2C81-7DB5-4599-B7C0-1033418B5672}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED721A76-8160-4DA0-A18E-7FD7C4574774}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{1E57256D-9F39-4267-AB39-D7813D644C5A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{31371420-098D-4C0E-A11E-EBEC2305DD01}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A06AA27-D94B-48C2-BB55-9FD0FF2120E3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{46140CE4-76FE-440E-AE88-4C2272BC05C7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{9F9C4C5C-2BA8-4E00-A697-9F710BB1026B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{C60CCE95-6AF9-4E74-B66B-3212D19F1D2F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{FBE30D66-39A2-4b72-8B43-6D4C335A6F34}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3C16E079-E4C7-493C-BE9F-E0F2BB0B7430}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{6EB4349D-4333-442F-ACA4-4C72AF28B6ED}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{7DB8B625-DBF0-4491-B544-5A06F7B17BB4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E74A0AE-F0ED-47ED-A940-A8E99687646B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{9DE77B51-89F6-468E-9402-16050382E950}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
PUP.Optional.Legacy, [Key] - HKCU\SOFTWARE\Classes\MIME\Database\Content Type\application\x-acestream-plugin
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\yt.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\MIME\Database\Content Type\application\x-acestream-plugin
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
PUP.Optional.Legacy, [Key] - HKLM\SYSTEM\CurrentControlSet\Control\iSafeKrnlBoot
PUP.Optional.SweetPacks, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {EEE6C35C-6118-11DC-9C72-001320C79847}
PUP.Optional.TenorShare, [Key] - HKLM\SOFTWARE\WISECLEANER
PUP.Optional.WebWatcher, [Key] - HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
PUP.Optional.WebWatcher, [Key] - HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
PUP.Optional.WebWatcher, [Key] - HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}


***** [ Firefox (and derivatives) ] *****

Plugin found: Honey -


***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [20459 B] - [2014/10/29 22:43:3]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-08-2017
Ran by Don Van Horne (administrator) on DONVANHORNE-HP (16-08-2017 10:24:04)
Running from C:\Users\Don Van Horne\Downloads
Loaded Profiles: Don Van Horne (Available Profiles: Don Van Horne & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe
(Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
() C:\Program Files (x86)\Atomic Alarm Clock\timeserv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\n360.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\n360.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Ivacy\Ivacy.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ATTENTION
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-16] (Glarysoft Ltd)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {0c7b13d5-52e3-11e7-a092-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {d1ff534f-e17d-11e5-9127-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {fd8c2287-f628-11e2-81e0-e06995fa1427} - J:\iStudio.exe
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-25]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disabled [2013-05-24] ()
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ivacy.lnk [2017-08-16]
ShortcutTarget: Ivacy.lnk -> C:\Program Files (x86)\Ivacy\Ivacy.exe ()
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6C98BE56-189D-4D2C-88D2-A4C7E642731F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{CA66EA55-F081-4FE4-88E4-23D5ABB24D40}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {EDECF09A-4FFA-4871-B01A-9F71AE7066E9} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL =
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1122&geo=US&ver=22.9.3.13&locale=en_US&guid=8C397C67-5390-11E1-9798-E06995FA1427&doi=2016-09-01&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar64.dll [2016-07-28] (Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar.dll [2016-07-28] (Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 [2017-08-16]
FF NewTab: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> hxxp://search.searchliveson.com?uid=7168e807-174c-4024-b494-1696b83a80a1&uc=20170203&ap=appfocus213&source=1-bb8&page=newtab&implementation_id=sports_0.2.0
FF Homepage: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> hxxps://www.google.com/
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> autoconfig_url", "data:text/javascript,var%20pac_engine%20%3D%20(function%20quine(browser)%7B%0A%0Avar%20E%20%3D%20%7B%7D%3B%0A%2F%2F%20XXX%20shachar%3A%20remove%20this%20and%20everything%20that%20uses%20it%0AE.def_ext%20%3D%20%5B'gif'%2C%20'png'%2C%20'jpg'%2C%20'mp3'%2C%20'css'%2C%20'mp4'%2C%20'wmv'%2C%20'flv'%2C%20'swf'%2C%0A%20%20%20%20'mkv'%2C%20'ico'%2C%20'f4v'%2C%20'h264'%2C%20'webp'%2C%20'webm'%5D%3B%0A%0A%2F%2F%20XXX%20note%20that%20console.log%20cannot%20be%20used%20in%20the%20pac%20file%20since%20it%20causes%0A%2F%2F%20IE10%20to%20reject%20the%20pac%20file%0Avar%20g_pac_engine%20%3D%20%7B%7D%3B%0A%0Afunction%20pac_redir(url%2C%20host%2C%20do_redir)%7B%0A%20%20%20%20if%20(!do_redir%20%7C%7C%20!g_pac_engine.redir_direct)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20ip%20%3D%20E.dns_resolver(host)%3B%0A%20%20%20%20if%20(browser.isInNet(ip%2C%20'10.0.0.0'%2C%20'255.0.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'172.16.0.0'%2C%20'255.240.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'192.168.0.0'%2C%20'255.255.0.0')%20%7C%7C%0A%20%20%20%20%20%20%20%20browser.isInNet(ip%2C%20'127.0.0.0'%2C%20'255.0.0.0'))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(browser.isPlainHostName(host))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20var%20m%20%3D%20url.match(%2F%5E.%2B%3A(%5B0-9%5D%2B)%5C%2F.*%24%2F)%3B%0A%20%20%20%20if%20(m%20%26%26%20m.length%3D%3D2%20%26%26%20m%5B1%5D!%3D'80')%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20if%20(url.match(%2F%5Ehttps%3A.*%24%2F))%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20false%2C%20str%3A%20'DIRECT'%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20false%2C%0A%20%20%20%20%20%20%20%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.redir_port%2B'%3B%20DIRECT'%7D%3B%0A%7D%0A%0Afunction%20get_ext(url)%7B%0A%20%20%20%20var%20ext%20%3D%20''%2C%20index%20%3D%20url.indexOf('%3F')%3B%0A%20%20%20%20if%20(index%3E%3D0)%0A%20%20%20%20%20%20%20%20url%20%3D%20url.slice(0%2C%20index)%3B%0A%20%20%20%20var%20ext_index%20%3D%20url.lastIndexOf('.'%2C%20url.length)%3B%0A%20%20%20%20var%20_ext_index%20%3D%20url.lastIndexOf('%2F'%2C%20url.length)%3B%0A%20%20%20%20if%20(ext_index%3E%3D0%20%26%26%20ext_index%3E_ext_index)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(ext_index%2B1)%3B%0A%20%20%20%20else%20if%20(_ext_index%3E%3D0)%0A%20%20%20%20%20%20%20%20ext%20%3D%20url.slice(_ext_index%2B1)%3B%0A%20%20%20%20return%20ext%3B%0A%7D%0A%0Afunction%20is_ip(host)%7B%20return%20%2F%5E%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%5C.%5Cd%2B%24%2F.test(host)%3B%20%7D%0A%0Afunction%20handle_then(value%2C%20url%2C%20host%2C%20do_redir%2C%20exception%2C%20orig_proxy)%7B%0A%20%20%20%20if%20(value%3D%3D'DIRECT')%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20var%20n%20%3D%20value.split('%20')%3B%0A%20%20%20%20if%20(exception%20%26%26%20n%5B0%5D%3D%3D'PROXY')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(n.length%3D%3D1)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20%20%20%20%20if%20(n%5B1%5D%3D%3D'XX'%20%26%26%20orig_proxy)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20c%20%3D%20orig_proxy.split('%20')%5B1%5D.split('.')%5B0%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20'%2Bc%7D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(n.length%3C2)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20else%20if%20(!%7BPROXY%3A%201%2C%20SOCKS%3A%201%2C%20SOCKS5%3A%201%7D%5Bn%5B0%5D%5D)%0A%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20if%20(g_pac_engine.ext)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20value%7D%3B%0A%20%20%20%20return%20%7Bproxy%3A%20true%2C%20str%3A%20'PROXY%20127.0.0.1%3A'%2Bg_pac_engine.proxy_port%7D%3B%0A%7D%0A%0Afunction%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20if%20(!cmd%5B'if'%5D)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20if%20(cmd.dst_dns)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20cmd%5B'if'%5D%20%3D%20%5B%7Bext%3A%20'def-ext'%2C%20type%3A%20'in'%2C%20then%3A%20'DIRECT'%7D%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20ext%20%3D%20get_ext(url)%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmd%5B'if'%5D.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_if%20%3D%20cmd%5B'if'%5D%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20var%20arg%20%3D%20null%2C%20value%20%3D%20null%3B%0A%20%20%20%20%20%20%20%20var%20type%20%3D%20'%3D%3D'%3B%0A%20%20%20%20%20%20%20%20if%20(!_if.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(_if.type)%0A%20%20%20%20%20%20%20%20%20%20%20%20type%20%3D%20_if.type%3B%0A%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20host%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.host%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20url%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.url%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.ext%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(value%3D%3D'def-ext'%20%26%26%20!(value%20%3D%20rule%5B'def-ext'%5D))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20E.def_ext%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%20if%20(_if.main)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20arg%20%3D%20opt.is_main%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20value%20%3D%20_if.main%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20else%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20var%20cmp%3B%0A%20%20%20%20%20%20%20%20switch%20(type)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20case%20'%3D%3D'%3A%20cmp%20%3D%20arg%3D%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!%3D'%3A%20cmp%20%3D%20arg!%3Dvalue%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3D~'%3A%20cmp%20%3D%20arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!~'%3A%20cmp%20%3D%20!arg.match(value)%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Da'%3A%0A%20%20%20%20%20%20%20%20case%20'in'%3A%20cmp%20%3D%20value.indexOf(arg)!%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!a'%3A%0A%20%20%20%20%20%20%20%20case%20'not_in'%3A%20cmp%20%3D%20value.indexOf(arg)%3D%3D-1%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'%3Do'%3A%20cmp%20%3D%20!!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20case%20'!o'%3A%20cmp%20%3D%20!value%5Barg%5D%3B%20break%3B%0A%20%20%20%20%20%20%20%20default%3A%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(cmp)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(_if%5B'else'%5D)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20handle_then(_if%5B'else'%5D%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20opt.exception%2C%20opt.orig_proxy)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%20handle_then(cmd.then%2C%20url%2C%20host%2C%20do_redir%2C%20opt.exception%2C%0A%20%20%20%20%20%20%20%20opt.orig_proxy)%3B%0A%7D%0A%0Afunction%20inet_aton(str)%7B%0A%20%20%20%20var%20laddr%20%3D%200%2C%20i%2C%20parts%20%3D%20%2F%5E(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%5C.(%5Cd%2B)%24%2F.exec(str)%3B%0A%20%20%20%20if%20(!parts)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20parts.shift()%3B%0A%20%20%20%20for%20(i%3D0%3B%20i%3Cparts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20laddr%20*%3D%20256%3B%0A%20%20%20%20%20%20%20%20laddr%20%2B%3D%20%2Bparts%5Bi%5D%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20laddr%3B%0A%7D%0A%0Afunction%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%7B%0A%20%20%20%20var%20_cif%20%3D%20cmd%5B'if'%5D%2C%20i%3B%0A%20%20%20%20if%20(_cif)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%3D0%3B%20i%3C_cif.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_if%20%3D%20_cif%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.type%3D%3D'%3D~'%20%7C%7C%20_if.type%3D%3D'!~')%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(_if.host)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.host%20%3D%20new%20RegExp(_if.host)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.url%20%3D%20new%20RegExp(_if.url)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20else%20if%20(_if.ext)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20_if.ext%20%3D%20new%20RegExp(_if.ext)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!cmd.hosts)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.hosts%5B'*'%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20%7D%0A%20%20%20%20for%20(i%3D0%3B%20i%3Ccmd.hosts.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20_host%20%3D%20cmd.hosts%5Bi%5D%2C%20n%3B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20_host.match(%2F%5E((%5Cd%7B1%2C3%7D%5C.)%7B3%7D%5Cd%7B1%2C3%7D)(%5C%2F(%5Cd%2B))%3F%24%2F))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!cmd.ips)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20cmd.ips%20%3D%20%5B%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20bits%20%3D%2032%20-%20(n%5B4%5D%20%3F%20%2Bn%5B4%5D%20%3A%2032)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(bits%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20bits%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20mask%20%3D%20inet_aton(n%5B1%5D)%20%3E%3E%3E%20bits%20%3C%3C%20bits%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.ips.push(%7Bmask%3A%20mask%2C%20bits%3A%20bits%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20func%3A%20function(url%2C%20host%2C%20do_redir%2C%20exception)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20exception)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%7D)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20hosts.hosts%5B_host%5D%20%3D%20function(url%2C%20host%2C%20do_redir%2C%20opt)%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20host_cb(name%2C%20rule%2C%20cmd%2C%20url%2C%20host%2C%20do_redir%2C%20opt)%3B%20%7D%3B%0A%20%20%20%20%7D%0A%7D%0A%0Afunction%20parse_cmds(name%2C%20rule%2C%20rules%2C%20hosts%2C%20by_rules)%7B%0A%20%20%20%20var%20cmds%20%3D%20rule.cmds%3B%0A%20%20%20%20if%20(!cmds)%0A%20%20%20%20%20%20%20%20return%3B%0A%20%20%20%20for%20(var%20i%3D0%3B%20i%3Ccmds.length%3B%20i%2B%2B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20cmd%20%3D%20cmds%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20if%20(cmd.rule)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_name%20%3D%20cmd.rule%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20parse_cmds(_name%2C%20rules%5B_name%5D%2C%20rules%2C%20hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(!cmd.hosts%20%26%26%20!by_rules)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20if%20(!cmd.then)%0A%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20set_rule(name%2C%20rule%2C%20cmd%2C%20hosts)%3B%0A%20%20%20%20%7D%0A%7D%0Afunction%20hex_decode(h)%7B%0A%20%20%20%20var%20s%20%3D%20''%3B%0A%20%20%20%20for%20(var%20i%20%3D%200%3B%20i%20%3C%20h.length%3B%20i%2B%3D2)%0A%20%20%20%20%20%20%20%20s%20%2B%3D%20String.fromCharCode(parseInt(h.substr(i%2C%202)%2C%2016))%3B%0A%20%20%20%20return%20decodeURIComponent(escape(s))%3B%0A%7D%0Afunction%20local_hola_cb(url)%7B%0A%20%20%20%20var%20n%3B%0A%20%20%20%20try%20%7B%0A%20%20%20%20%20%20%20%20if%20(n%20%3D%20url.match(%2F%5Ehttp%3A%5C%2F%5C%2F(.*).local.hola%5C%2F%3F%24%2F))%0A%20%20%20%20%20%20%20%20%20%20%20%20n%20%3D%20JSON.parse(hex_decode(n%5B1%5D))%3B%0A%20%20%20%20%7D%20catch(e)%7B%20n%20%3D%20null%3B%20%7D%0A%20%20%20%20if%20(!n%20%7C%7C%20n.key!%3Dg_pac_engine.key)%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%20%20%20%20if%20(!g_pac_engine.local_redir)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_redir%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20g_pac_engine.local_counter%20%3D%200%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20set%20%3D%20n.set%3B%0A%20%20%20%20var%20proxy%20%3D%20n.proxy%3B%0A%20%20%20%20var%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%3B%0A%20%20%20%20if%20(!entry%20%7C%7C%20entry.proxy%20!%3D%20proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20entry%20%3D%20g_pac_engine.local_redir%5Bset%5D%20%3D%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20proxy%3A%20proxy%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20count%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20entry.count%2B%2B%3B%0A%20%20%20%20entry.ts%20%3D%20Date.now()%3B%0A%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20127.0.0.1%3A0'%7D%3B%0A%7D%0A%0AE.init%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20options%20%3D%20options%7C%7C%7B%7D%3B%0A%20%20%20%20g_pac_engine%20%3D%20%7B%0A%20%20%20%20%20%20%20%20hosts%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20exceptions%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20ips%3A%20%5B%5D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%2C%0A%20%20%20%20%20%20%20%20%7D%2C%0A%20%20%20%20%20%20%20%20ext%3A%20options.ext%7C%7C0%2C%0A%20%20%20%20%20%20%20%20by_rules%3A%20options.by_rules%7C%7C0%2C%0A%20%20%20%20%20%20%20%20do_redir%3A%20options.do_redir%7C%7C0%2C%0A%20%20%20%20%20%20%20%20redir_direct%3A%20options.redir_direct%3D%3D%3Dundefined%20%7C%7C%20options.redir_direct%2C%0A%20%20%20%20%20%20%20%20proxy_port%3A%20options.proxy_port%7C%7C6857%2C%0A%20%20%20%20%20%20%20%20redir_port%3A%20options.redir_port%7C%7C6850%2C%0A%20%20%20%20%20%20%20%20key%3A%20options.key%2C%0A%20%20%20%20%7D%3B%0A%20%20%20%20if%20(!json.unblocker_rules)%0A%20%20%20%20%20%20%20%20return%20-1%3B%0A%20%20%20%20var%20rules%20%3D%20json.unblocker_rules%2C%20rule%2C%20i%3B%0A%20%20%20%20if%20(!g_pac_engine.by_rules)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20else%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20g_pac_engine.rules%20%3D%20%7B%7D%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(rule.internal%20%7C%7C%20(g_pac_engine.ext%20%26%26%20!rule.enabled))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.root_url)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.hosts)%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!rule.cmds)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20g_pac_engine.rules%5Bi%5D%20%3D%20%7Bhosts%3A%20%7B%7D%2C%20ips%3A%20%5B%5D%2C%20hosts_cache%3A%20%7B%7D%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20hosts_counter%3A%200%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.rules%5Bi%5D%2C%201)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'local.hola'%5D%20%3D%20local_hola_cb%3B%0A%20%20%20%20g_pac_engine.hosts.hosts%5B'127.255.255.255'%5D%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20%20%20%20%20return%20%7Bproxy%3A%200%2C%20str%3A%20'PROXY%20'%2Bhost%2B'%3A0'%7D%3B%20%7D%3B%0A%20%20%20%20if%20(json.unblocker_globals)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20rules%20%3D%20json.unblocker_globals%3B%0A%20%20%20%20%20%20%20%20for%20(i%20in%20rules)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20rule%20%3D%20rules%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20parse_cmds(i%2C%20rule%2C%20rules%2C%20g_pac_engine.exceptions)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20return%200%3B%0A%7D%3B%0A%0Afunction%20find_proxy_for_url(url%2C%20host%2C%20hosts%2C%20opt)%7B%0A%20%20%20%20opt%20%3D%20opt%7C%7C%7B%7D%3B%0A%20%20%20%20var%20do_redir%20%3D%20g_pac_engine.do_redir%3B%0A%20%20%20%20if%20(hosts.hosts_cache)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20c%20%3D%20hosts.hosts_cache%5Bhost%5D%3B%0A%20%20%20%20%20%20%20%20if%20(c%20%26%26%20c.func)%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20c.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20if%20©%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(hosts.hosts_counter%3E5000)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20hosts.hosts_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20hosts.hosts_cache%20%3D%20%7B%7D%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(is_ip(host))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ip%20%3D%20inet_aton(host)%3B%0A%20%20%20%20%20%20%20%20var%20ips%20%3D%20hosts.ips%3B%0A%20%20%20%20%20%20%20%20for%20(var%20i%3D0%3B%20i%3Cips.length%3B%20i%2B%2B)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20_ip%20%3D%20ips%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20((ip%20%3E%3E%3E%20_ip.bits%20%3C%3C%20_ip.bits)%5E_ip.mask)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20continue%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20_ip.func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20_ip.func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20var%20index%20%3D%20-1%3B%0A%20%20%20%20for%20(%3B%3B)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20func%20%3D%20hosts.hosts%5B'*'%5D%7C%7Chosts.hosts%5Bhost.substr(index%2B1)%5D%3B%0A%20%20%20%20%20%20%20%20if%20(func)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7Bfunc%3A%20func%7D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20return%20func(url%2C%20host%2C%20do_redir%2C%20opt)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20((index%20%3D%20host.indexOf('.'%2C%20index%2B1))%3C0)%0A%20%20%20%20%20%20%20%20%20%20%20%20break%3B%0A%20%20%20%20%7D%0A%20%20%20%20if%20(opt.exception)%0A%20%20%20%20%20%20%20%20return%20null%3B%0A%20%20%20%20hosts.hosts_cache%5Bhost%5D%20%3D%20%7B%7D%3B%0A%20%20%20%20hosts.hosts_counter%2B%2B%3B%0A%20%20%20%20return%20pac_redir(url%2C%20host%2C%20do_redir)%3B%0A%7D%0A%0AE.FindProxyForURL%20%3D%20function(url%2C%20host)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20locals%20%3D%20pac.local_redir%2C%20ret%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.local%5C.hola%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20'local.hola'%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%24%2F))%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20if%20(locals%20%26%26%20host!%3D'local.hola')%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20then%20%3D%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20if%20(then%20%26%26%20Date.now()%20-%20then.ts%20%3E%202000)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20then%20%3D%20false%3B%0A%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20if%20(then)%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20if%20(!--then.count)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Burl%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20handle_then(then.proxy%2C%20url%2C%20host%2C%20pac.do_redir)%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20pac.local_counter%2B%2B%3B%0A%20%20%20%20%20%20%20%20if%20(!(pac.local_counter%251000))%0A%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20var%20cur_ts%20%3D%20Date.now()%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20for%20(var%20i%20in%20locals)%0A%20%20%20%20%20%20%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20local%20%3D%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(cur_ts-local.ts%20%3E%2010000)%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20delete%20locals%5Bi%5D%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20pac.local_counter%20%3D%200%3B%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%20%20if%20(!ret)%0A%20%20%20%20%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.hosts)%3B%0A%20%20%20%20if%20(ret.proxy)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.proxy%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_rule%20%3D%20function(rule%2C%20url%2C%20host%2C%20is_main%2C%20no_global)%7B%0A%20%20%20%20var%20pac%20%3D%20g_pac_engine%2C%20ret%3B%0A%20%20%20%20if%20(host.match(%2F%5E(.*)%5C.trigger%5C.hola%5C.org%2F))%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20host%20%3D%20host.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%20%20%20%20url%20%3D%20url.replace('.trigger.hola.org'%2C%20'')%3B%0A%20%20%20%20%7D%0A%20%20%20%20var%20r%20%3D%20pac.rules%20%26%26%20rule%20%3F%20pac.rules%5Brule%5D%20%3A%20pac.hosts%3B%0A%20%20%20%20if%20(!r)%0A%20%20%20%20%20%20%20%20return%20'DIRECT'%3B%0A%20%20%20%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20r%2C%20%7Bis_main%3A%20is_main%7D)%3B%0A%20%20%20%20if%20(ret.proxy%20%26%26%20!no_global)%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20var%20ex%20%3D%20find_proxy_for_url(url%2C%20host%2C%20pac.exceptions%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20ret.proxy%7D)%3B%0A%20%20%20%20%20%20%20%20if%20(ex)%0A%20%20%20%20%20%20%20%20%20%20%20%20ret%20%3D%20ex%3B%0A%20%20%20%20%7D%0A%20%20%20%20return%20ret.str%3B%0A%7D%3B%0A%0AE.find_proxy_for_url_exception%20%3D%20function(url%2C%20host%2C%20orig)%7B%0A%20%20%20%20var%20ret%20%3D%20find_proxy_for_url(url%2C%20host%2C%20g_pac_engine.exceptions%2C%0A%20%20%20%20%20%20%20%20%7Bexception%3A%201%2C%20orig_proxy%3A%20orig%7D)%3B%0A%20%20%20%20return%20ret%20%3F%20ret.str%20%3A%20orig%3B%0A%7D%3B%0A%0AE.t%20%3D%20%7B%0A%20%20%20%20global_var%3A%20function()%7B%20return%20g_pac_engine%3B%20%7D%2C%0A%20%20%20%20pac_redir%3A%20pac_redir%2C%0A%20%20%20%20get_ext%3A%20get_ext%2C%0A%7D%3B%0A%0AE.gen_pac%20%3D%20function(json%2C%20options)%7B%0A%20%20%20%20return%20'var%20pac_engine%20%3D%20('%2Bquine%2B')(%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'function%20FindProxyForURL(url%2C%20host)%7B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'%7D%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.dns_resolver%20%3D%20dnsResolve%3B%5Cn'%0A%20%20%20%20%20%20%20%20%2B'pac_engine.init('%2BJSON.stringify(json)%2B'%2C%20'%0A%20%20%20%20%20%20%20%20%20%20%20%20%2BJSON.stringify(options)%2B')%3B%5Cn'%3B%0A%7D%3B%0A%0Areturn%20E%3B%20%7D)(%7B%0A%20%20%20%20isInNet%3A%20isInNet%2C%20isPlainHostName%3A%20isPlainHostName%7D)%3B%0Afunction%20FindProxyForURL(url%2C%20host)%7B%0A%20%20%20%20return%20pac_engine.FindProxyForURL(url%2C%20host)%3B%0A%7D%0Apac_engine.dns_resolver%20%3D%20dnsResolve%3B%0Apac_engine.init(%7B%22unblocker_rules%22%3A%7B%7D%7D%2C%20%7B%22do_redir%22%3Afalse%2C%22ext%22%3A1%2C%22key%22%3A%22baf030c62c3ec9594cf05786d01218102837a26752d8cea4a2792ca96dd6aa0%22%7D)%3B%0A"
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> type", 2
FF Extension: (FlashStopper) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\flashstopper@byo.co.il.xpi [2017-07-05]
FF Extension: (Hola Better Internet) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2017-08-02]
FF Extension: (AdBlocker for Facebook™) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2016-12-19]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\support@lastpass.com [2017-07-11]
FF Extension: (Google Translator for Firefox) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\translator@zoli.bod.xpi [2017-02-03]
FF Extension: (Image Zoom) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2017-03-16]
FF Extension: (No Name) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2017-07-14]
FF Extension: (Adblock Plus) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-11-18] [not signed]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2017-07-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Firefox\Extensions: [{A2E18BA9-E68C-4c96-AC77-E5F24DF98306}] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt
FF Extension: (Allavsoft Firefox Extension) - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt [2016-11-10] [not signed]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\xfinity.xml [2012-02-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2011-08-11] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2017-04-18] (MediaMall Technologies, Inc.)
FF Plug

Edited by mvtrucking, 16 August 2017 - 11:59 AM.


#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 17 August 2017 - 06:27 AM

Hi,

I suggest your run the AdwCleaner program and clean all the items found.

===

Next run the Farbar fix as I have suggested.
If you have any problem understanding my instructions please ask.


The fix will generate a Fixlog.txt. Post the results for my review.

Let me know what problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 17 August 2017 - 08:48 AM

I'm sorry I thought I posted the FixLog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Don Van Horne (16-08-2017 10:25:42) Run:3
Running from C:\Users\Don Van Horne\Downloads
Loaded Profiles: Don Van Horne (Available Profiles: Don Van Horne & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {6691875F-3E53-43C4-9026-69622086FD53} - System32\Tasks\Check Updates => C:\Users\Don Van Horne\AppData\Local\GeniusBox\updater.exe
Task: {E1C82961-6483-417E-B9F7-F0651C4081CB} - System32\Tasks\Validate Installation => C:\Users\Don Van Horne\AppData\Local\GeniusBox\updater.exe
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
FF NetworkProxy: Mozilla\Firefox\Profiles\4ciqkb7x.default-1468950079443 -> autoconfig_url", "data:text/javascript,var%20pac_engine%20%3D%20(function%20quine(browser)%7B%0A%0Avar%20E%20%3D%20%7B%7D%3B%0A%2F%2F%20XXX%20shachar%3A%20remove%20this%20and%20everything%20that%20uses%20it%0AE.def_ext%20%3D%20%5B'gif'%2C%20'png'%2C%20'jpg'%2C%20'mp3'%2C%20'css'%2C%20'mp4'%2C%20'wmv'%2C%20'flv'%2C%20'swf'%2C%0A%20%20%20%20'mkv'%2C%20'ico'%2C%20'f4v'%2C%20'h264'%2C%20'webp'%2C%20'webm'... (long line)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-18] <==== ATTENTION
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default ->  Not-active:"chrome-extension://agimnfedoejnbcaboobehgdeppecefap/index.html"
CHR Extension: (Plugins) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-03]
CHR Extension: (PlayOn) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2017-08-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lggaaajacmlhgbpldaboipiinndchjgm] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2015-10-29]
C:\Windows\System32\Tasks\Check Updates
C|\Windows\System32\Tasks\Validate Installation
C:\Users\Don Van Horne\AppData\Local\GeniusBox

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6691875F-3E53-43C4-9026-69622086FD53} => key not found.
C:\Windows\System32\Tasks\Check Updates => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Check Updates => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1C82961-6483-417E-B9F7-F0651C4081CB} => key not found.
C:\Windows\System32\Tasks\Validate Installation => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Validate Installation => key not found.
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => value removed successfully
HKLM\Software\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => key not found.
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => value removed successfully
HKLM\Software\Classes\CLSID\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} => key not found.
Firefox Proxy settings were reset.
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully
Chrome StartupUrls => removed successfully
Chrome NewTab => removed successfully
CHR Extension: (Plugins) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-03] => Error: No automatic fix found for this entry.
CHR Extension: (PlayOn) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggaaajacmlhgbpldaboipiinndchjgm [2017-08-05] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Web Store Payments) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-05] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-12] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lggaaajacmlhgbpldaboipiinndchjgm => key removed successfully
C:\Program Files (x86)\MediaMall\toolbar\ce.crx => moved successfully
"C:\Windows\System32\Tasks\Check Updates" => not found.
C|\Windows\System32\Tasks\Validate Installation => Error: No automatic fix found for this entry.
"C:\Users\Don Van Horne\AppData\Local\GeniusBox" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28408996 B
Java, Flash, Steam htmlcache => 42005 B
Windows/system/drivers => 739560 B
Edge => 0 B
Chrome => 488879170 B
Firefox => 419931347 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 76186 B
Public => 0 B
ProgramData => 0 B
systemprofile => 319871023 B
systemprofile32 => 136193127 B
LocalService => 66228 B
NetworkService => 68937 B
Don Van Horne => 20197137 B
Guest => 56820 B

RecycleBin => 736039709 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:32:58 ====



#7 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 17 August 2017 - 12:10 PM

Any remaining issues?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#8 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 18 August 2017 - 10:12 AM

Much better but Now I am unable to open tv via my Xfinity account, very strange I can't watch anything I keep getting video error

its never happened in since I got the service. I can not watch any video even .avi files that I have won't open? The only video

that plays is youtube.



#9 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 19 August 2017 - 07:20 AM

Read this topic.
http://forums.xfinit...es/td-p/2868372


Your version of Flash Playger is:
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)

Mine is 26.0.0.171 get the lates.

and check this
MOST IMPORTANTLY, you need to make sure that the box "Always Allowed to Run" is checked !
===

Go to this page with Firefox or Opera to download the current version for your browser:
https://get.adobe.com/flashplayer/

Note:
Flash Player is pre-installed in Google Chrome and updates automatically!
Flash Player is pre-installed in IE/Hedge and updates automatically!
===

This may also help.
https://www.xfinity....-74f185befce9-4
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#10 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 19 August 2017 - 09:49 AM

I attempted to install Flash 26.0.0.171 but it was not available for FF 64 bit for some reason? Opened Chrome and you are spot on no problems.

The only issue having now is some of programs when I click on them via double click or right click "Run as Admin" won't open at all? Also

I have many video files .avi that have worked for years and will not open as I get alot of EAcess Violation? I went to check what files were assoc

with which programs and many had been changed to Unknown so I set avi, mkv etc to my video player and still got the same issue? Thank you guys for

all the great help over the years



#11 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 19 August 2017 - 10:15 AM

Open your Task Manager.

Let me know if you get an error of if it's working.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#12 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 19 August 2017 - 10:31 AM

 Task Manager Working fine


Edited by mvtrucking, 19 August 2017 - 10:31 AM.


#13 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 19 August 2017 - 01:10 PM

Repair these services.

Boot with Safe Mode with Networking. Execute the following.

Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Execute the instructions on Step 1 Important
  • Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
  • On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
  • Click Repairs - Open Repairs in the bottom right corner
  • Uncheck the All repair button then select just the item(s) listed below

  • 01 - Repair Registry Permissions
    03 - Reset Service permissions
    04 - Register System Files
    05 - Repair WMI
    10 - Remove Policies Set By Infections
    17 - Repair Windows Updates
    21 - Repair MSI (Windows Installer)
    26 - Restore Important Windows Services
    27 - Set Windows Service to Default Startup
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.
===

Restart the computer normally.

How is the computer running now?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#14 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 105 posts

Posted 19 August 2017 - 06:58 PM

Seems quite better

 

 

 

 

 

Tweaking.com - Windows Repair 2018 (v4.0.3)
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601.23879
OS Service Pack: Service Pack 1
Computer Name: DONVANHORNE-HP
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Don Van Horne
Current Profile SID: S-1-5-21-2844776404-49628929-1600567784-1001
Current Profile Classes: S-1-5-21-2844776404-49628929-1600567784-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Don Van Horne\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:21:03

Process Count: 25
Commit Total: 1.41 GB
Commit Limit: 15.96 GB
Commit Peak: 1.73 GB
Handle Count: 6666
Kernel Total: 517.55 MB
Kernel Paged: 428.29 MB
Kernel Non Paged: 89.27 MB
System Cache: 1.15 GB
Thread Count: 373
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.98 GB
Memory Used: 1.39 GB(17.4146%)
Memory Avail.: 6.59 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.98 GB
Memory Used: 1.13 GB(14.1856%)
Memory Avail.: 6.85 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (8/19/2017 5:25:32 PM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 125
 
01 - Reset Registry Permissions
   Restore Windows 7/8/10 Default Registry Permissions
   Start (8/19/2017 5:25:33 PM)


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hku.7z
Done,  0.18 seconds.


Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hklm.7z
Done,  1.48 seconds.

   Running Repair Under System Account
   Done (8/19/2017 5:26:07 PM)

03 - Reset Service Permissions
   Start (8/19/2017 5:26:07 PM)

   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:26:19 PM)

04 - Register System Files
   Start (8/19/2017 5:26:19 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:27:15 PM)

05 - Repair WMI
   Start (8/19/2017 5:27:15 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Norton Security Suite Exported.

   Exporting AntiSpyware Info...
   Windows Defender Exported.
   Norton Security Suite Exported.

   Exporting 3rd Party Firewall Info...
   Norton Security Suite Exported.

   Running Repair Under Current User Account
   Done (8/19/2017 5:38:00 PM)

10 - Remove Policies Set By Infections
   Start (8/19/2017 5:38:00 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:38:03 PM)

16 - Repair Windows Updates
   Start (8/19/2017 5:38:03 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.13 seconds.

   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (8/19/2017 5:39:19 PM)

20 - Repair MSI (Windows Installer)
   Start (8/19/2017 5:39:19 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.13 seconds.

   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:39:30 PM)

25 - Restore Important Windows Services
   Start (8/19/2017 5:39:30 PM)

Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.13 seconds.

   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:39:36 PM)

26 - Set Windows Services To Default Startup
   Start (8/19/2017 5:39:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/19/2017 5:39:40 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (8/19/2017 5:39:40 PM)
   Total Repair Time: 00:14:10


...YOU MUST RESTART YOUR SYSTEM...

 

 

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Repair WMI File

 

The following services are dependent on the Windows Management Instrumentation service.
Stopping the Windows Management Instrumentation service will also stop these services.

   Malwarebytes Service

The Malwarebytes Service service is stopping.
The Malwarebytes Service service was stopped successfully.

The Windows Management Instrumentation service is stopping.
The Windows Management Instrumentation service was stopped successfully.

Could Not Find C:\Windows\System32\LogFiles\WMI\RtBackup\*.*
The directory is not empty.
Deleted file - C:\Windows\System32\Wbem\Repository\INDEX.BTR
Deleted file - C:\Windows\System32\Wbem\Repository\MAPPING1.MAP
Deleted file - C:\Windows\System32\Wbem\Repository\MAPPING2.MAP
Deleted file - C:\Windows\System32\Wbem\Repository\MAPPING3.MAP
Deleted file - C:\Windows\System32\Wbem\Repository\OBJECTS.DATA
Deleted file - C:\Windows\System32\Wbem\AutoRecover\1BA88ACB624E02A260404A9D8F7BD8E5.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\26A5A04A346330E389400293E01228AC.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\32C943873CC624333BD0BF2A77384240.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\341285245F81AA74FE6654017E06C685.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\3FA3650B664BC96A8672EC85A7AE4225.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\451233ED13E097000776690B79D8D753.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\4A870B469F34065CA18AB1FDF6312BDF.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\4D63DBC2E2F583689FBD5757DE239E05.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\542DC56D520FDDEDA279A0D2F398203D.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\6792FDA793556851BD20EA3DD8BD4F6B.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\6F8564A71977AE6B940705DCC4847A8D.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\7073EBB8E2F3C70E0FA1F650B7DEA970.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\716FDC254E211F547A560E1A71D0E6CA.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\779E080B33F322115205BB50F1E0B8D1.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\7C45C8B7490D3AD44A961494C7FBFAFD.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\807DD20ADF6F5D5EEA0C4E4CF016E69E.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\BBF206490BAA431B592F9A13534F43F6.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\C848E1EED73B9992693EEDD7389E07F8.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\CF881EBD6F50B8BAA9BD57DC3DAC5CB2.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\CF8C0786491B25E81EAF9CD909AF06EA.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\D361F8B496FD6DAF7BEEF497E09C0DC1.mof
Deleted file - C:\Windows\System32\Wbem\AutoRecover\E6195BA9E153534E5472835E2F29A5B0.mof
Service configuration changes failed
Error code:  0x0000007E
WMI repository reset failed
Error code:  0x8007007E
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\as.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\av.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\fw.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v2.0.50727\adonetdiag.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\microsoft.net\framework\v2.0.50727\adonetdiag.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v2.0.50727\aspnet.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v2.0.50727\clr.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v4.0.30319\adonetdiag.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\microsoft.net\framework\v4.0.30319\adonetdiag.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v4.0.30319\aspnet.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v4.0.30319\mof\servicemodel.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework\v4.0.30319\mof\servicemodel35.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v2.0.50727\adonetdiag.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\microsoft.net\framework64\v2.0.50727\adonetdiag.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v2.0.50727\aspnet.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v2.0.50727\clr.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v4.0.30319\adonetdiag.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\microsoft.net\framework64\v4.0.30319\adonetdiag.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v4.0.30319\aspnet.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v4.0.30319\mof\servicemodel.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\microsoft.net\framework64\v4.0.30319\mof\servicemodel35.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\restartmanager.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\restartmanager.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\restartmanageruninstall.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\restartmanageruninstall.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\en-us\restartmanager.mfl
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\en-us\restartmanager.mfl does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\en-us\restartmanageruninstall.mfl
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\en-us\restartmanageruninstall.mfl does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\msdtc\trace\msdtctr.mof
c:\windows\system32\msdtc\trace\msdtctr.mof (5): error SYNTAX 0X8004400a: Unexpected token at file scope

Compiler returned error 0x8004400aMicrosoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\aeinv.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\auditrsop.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\authfwcfg.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\authfwcfg.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\auxiliarydisplayapi.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\auxiliarydisplayapi.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\auxiliarydisplaycpl.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\auxiliarydisplaycpl.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\auxiliarydisplaydriverlib.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\auxiliarydisplaydriverlib.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\auxiliarydisplayservices.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\auxiliarydisplayservices.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\bcd.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\bcd.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\bthmtpenum.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\bthmtpenum.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\cimdmtf.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\cimwin32.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\cli.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\cliegaliases.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\devicepairinghandler.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\devicepairinghandler.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\dimsjob.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\dimsjob.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\dimsroam.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\dimsroam.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\dot3.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\dot3.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\drvinst.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\drvinst.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\dshowrdpfilter.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\dshowrdpfilter.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\dsprov.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\eaimeapi.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\eaimeapi.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fdphost.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fdphost.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fdrespub.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fdrespub.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fdssdp.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fdssdp.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fdwnet.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fdwnet.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fdwsd.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fdwsd.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\filetrace.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\filetrace.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\firewallapi.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\firewallapi.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fundisc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fundisc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\fwcfg.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\fwcfg.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\hbaapi.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\hnetcfg.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\imapiv2-base.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\imapiv2-base.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\imapiv2-filesystemsupport.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\imapiv2-filesystemsupport.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\imapiv2-legacyshim.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\imapiv2-legacyshim.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\interop.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ipbusenum.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\ipbusenum.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ipsecsvc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\ipsecsvc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\irda.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\irda.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\irmon.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\irmon.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\iscsidsc.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\iscsihba.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\iscsiprf.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\iscsirem.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\iscsirem.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\kerberos.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\krnlprov.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\l2gpstore.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\l2gpstore.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\l2sechc.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\lltdio.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\lltdio.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\lltdsvc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\lltdsvc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\lsasrv.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\lsasrv.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mblctr.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mblctr.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\microsoft-windows-remote-filesystem.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\microsoft-windows-remote-filesystem.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mmc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mmc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mountmgr.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mountmgr.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mpsdrv.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mpsdrv.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mpssvc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mpssvc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\msfeeds.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\msfeeds.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\msfeedsbs.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\msfeedsbs.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\msi.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\msiscsi.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\msiscsi.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mstsc.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mstscax.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\msv1_0.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\mswmdm.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\mswmdm.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\napclientprov.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\napclientschema.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\nci.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ncprov.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ncsi.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\ncsi.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ndistrace.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\netprofm.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\netprofm.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\networkitemfactory.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\networkitemfactory.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\networkmap.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\networkmap.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\newdev.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\newdev.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\nlasvc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\nlasvc.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\nlsvc.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\nshipsec.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\nshipsec.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ntevt.mof
MOF file has been successfully parsed
Storing data in the repository...
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\ntfs.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\ntfs.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\onex.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\onex.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\p2p-collab.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\p2p-collab.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\p2p-mesh.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\p2p-mesh.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\p2p-pnrp.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\p2p-pnrp.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\partmgr.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\partmgr.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\pnpsetup.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32\wbem\pnpsetup.mof does not contain #PRAGMA AUTORECOVER.
If the WMI repository is rebuilt in the future, the contents of this MOF file will not be included in the new WMI repository.
To include this MOF file when the WMI Repository is automatically reconstructed, place the #PRAGMA AUTORECOVER statement on the first line of the MOF file.
Done!
Microsoft ® MOF Compiler Version 6.1.7600.16385
Copyright © Microsoft Corp. 1997-2006. All rights reserved.
Parsing MOF file: c:\windows\system32\wbem\pnpxassoc.mof
MOF file has been successfully parsed
Storing data in the repository...
WARNING: File c:\windows\system32

Edited by mvtrucking, 19 August 2017 - 06:59 PM.


#15 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 20 August 2017 - 08:00 AM


Hi,

If you still have problems running some audio, etc... files?

I suggest you reinstall the program you were using to open them.

Let me know if the problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!