• De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

[Opgelost] Browser slaat sommige wachtwoorden niet op

Status
Niet open voor verdere reacties.
Re: Browser slaat sommige wachtwoorden niet op

Laten we eens zien wat een standaard log erover zegt:

Download
51f51523a23a0-OTL_Canned_Nieuw.png
OTL.exe

Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters!

OTL.exe gebruiken:
    • Windows 2000 en Windows XP: dubbelklik op OTL.exe.
    • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".

  • Zet een vinkje bij Scan All Users, LOP Check en bij PURITY Check.
  • Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder
    4f9111a6d2a6c-OTL-2.png


    Code:
    services.*
    explorer.exe
    svchost.exe
    netsvcs
    msconfig
    PRC - Processes
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %PROGRAMFILES%\*
    CREATERESTOREPOINT
  • Klik vervolgens op de knop
    50cd93c69be5b-OTL_-_Run_Scan_knop.jpg
    .
  • Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
  • De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
    • Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.
In geval de inhoud van een van de logs of van beide logs te groot is om te posten, kijk dan hier: Hoe een bijlage toevoegen?
 
Re: Browser slaat sommige wachtwoorden niet op

Tot nu toe had ik altijd de klassieke variant van Startpage en die wordt dus door JRT weggegooid. Nu heb ik eens de "moderne" variant geprobeerd en die blijft wel staan. In SRWare Iron staat nog de klassieke.

Een ander probleem is de addon 'bug489729(disable detag and tear off tab)'. Ook die gooit JRT steeds weg, maar zonder deze addon opent een nieuw Firefox venster zodra ik op een link klik. Binnen 10 minuten staan dan 5 Firefoxen open. De installatie van deze addon was de uitkomst van een lange gedachtewisseling op het Mozilla forum.

Wat denkt u hiervan, Abraham54?
 
Re: Browser slaat sommige wachtwoorden niet op

Je mag ook tegen mij jijen hoor.
Indien je probleem op die wijze is opgelost, is het goed.
 
Re: Browser slaat sommige wachtwoorden niet op

Uw OTL-bericht zag ik pas na mijn vorige bijdrage (geen notificatie ontvangen). Dus de addon 'bug et cetera' kan geen kwaad?

Bekijk bijlage Extras.Txt

OTL text is blijkbaar te groot voor de bijlagen. Daarom maar een kopie van de inhoud hieronder. Ik zie namen die al lang verdwenen hadden moeten zijn en waardoor de "desktop" onder de "pictures" is beland begrijp ik ook niet.

OTL logfile created on: 4-2-2017 21:14:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lon\OneDrive\Pictures\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18537)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

3,86 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 61,57% Memory free
7,73 Gb Paging File | 5,87 Gb Available in Paging File | 75,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 295,98 Gb Free Space | 63,56% Space Free | Partition Type: NTFS

Computer Name: LON-PC | User Name: Lon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2017-02-04 21:10:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lon\OneDrive\Pictures\Desktop\OTL.exe
PRC - [2017-02-04 17:25:42 | 004,862,608 | ---- | M] (SurfRight B.V.) -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
PRC - [2016-08-10 11:54:21 | 001,153,448 | ---- | M] () -- C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
PRC - [2016-08-10 11:54:21 | 000,914,344 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
PRC - [2016-08-10 11:54:21 | 000,124,536 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
PRC - [2014-10-08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2014-10-08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012-05-12 01:27:04 | 000,473,088 | ---- | M] () -- C:\Program Files (x86)\NetTime\NetTimeService.exe
PRC - [2009-12-16 10:21:36 | 000,890,208 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe
PRC - [2007-04-02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe


========== Modules (No Company Name) ==========

MOD - [2016-08-10 11:54:21 | 001,153,448 | ---- | M] () -- C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe


========== Services (SafeList) ==========

SRV:64bit: - [2016-12-14 13:13:42 | 004,317,648 | ---- | M] (Malwarebytes) [On_Demand | Stopped] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2016-11-12 20:08:26 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2016-08-22 17:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2016-05-10 09:26:41 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014-07-23 00:31:23 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2013-05-27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-07-14 02:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2017-02-04 17:25:42 | 004,862,608 | ---- | M] (SurfRight B.V.) [Auto | Running] -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe -- (hmpalertsvc)
SRV - [2017-01-27 11:40:15 | 000,196,040 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016-11-29 22:34:16 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016-08-10 11:54:21 | 000,914,344 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) [Auto | Running] -- C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe -- (QHActiveDefense)
SRV - [2014-10-08 17:18:56 | 000,211,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2014-10-08 17:18:50 | 000,534,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2014-03-20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012-05-12 01:27:04 | 000,473,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NetTime\NetTimeService.exe -- (NetTimeSvc)
SRV - [2009-12-16 10:21:36 | 000,890,208 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragservice.exe -- (Ashampoo Defrag Service)
SRV - [2008-05-21 12:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2007-04-02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2017-02-04 17:26:05 | 000,267,088 | ---- | M] (SurfRight B.V.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hmpalert.sys -- (hmpalert)
DRV:64bit: - [2017-02-04 17:26:05 | 000,092,200 | ---- | M] (SurfRight B.V.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hmpnet.sys -- (hmpnet)
DRV:64bit: - [2016-10-12 17:45:03 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2016-10-12 17:38:56 | 000,033,960 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2016-10-12 17:29:44 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2016-08-10 23:13:22 | 000,158,848 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2016-08-10 11:54:20 | 000,391,392 | ---- | M] (360.cn) [File_System | System | Running] -- C:\Windows\SysNative\drivers\360fsflt.sys -- (360FsFlt)
DRV:64bit: - [2016-08-10 11:54:20 | 000,330,472 | ---- | M] (360.cn) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\360Box64.sys -- (360Box64)
DRV:64bit: - [2016-08-10 11:54:20 | 000,190,696 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BAPIDRV64.SYS -- (BAPIDRV)
DRV:64bit: - [2016-08-10 11:54:20 | 000,151,784 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\360AntiHacker64.sys -- (360AntiHacker)
DRV:64bit: - [2016-08-10 11:54:20 | 000,086,248 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\360AvFlt.sys -- (360AvFlt)
DRV:64bit: - [2016-08-10 11:54:20 | 000,040,520 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\360Camera64.sys -- (360Camera)
DRV:64bit: - [2016-05-20 09:50:40 | 000,047,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\MDA_NTDRV.sys -- (MDA_NTDRV)
DRV:64bit: - [2016-05-10 09:26:42 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2016-05-10 09:26:42 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2016-05-10 09:08:33 | 000,333,864 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57amd64.sys -- (k57nd)
DRV:64bit: - [2016-05-04 08:12:32 | 000,036,872 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2014-10-08 17:18:56 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvolwin7.sys -- (Sftvol)
DRV:64bit: - [2014-10-08 17:18:54 | 000,029,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirwin7.sys -- (Sftredir)
DRV:64bit: - [2014-10-08 17:18:52 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaywin7.sys -- (Sftplay)
DRV:64bit: - [2014-10-08 17:18:50 | 000,767,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfswin7.sys -- (Sftfs)
DRV:64bit: - [2014-08-19 04:07:06 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2013-10-02 03:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-10-11 18:06:34 | 000,241,800 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scrcamhrdrv_x64.sys -- (PCWinSoft)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011-07-22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011-07-12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-07-01 18:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010-02-12 22:52:02 | 002,203,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009-09-17 18:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2017-01-20 12:30:20 | 000,027,552 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2016-08-10 11:54:20 | 000,086,248 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\360AvFlt.sys -- (360AvFlt)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://classic.startpage.com/do/mypage.pl?prf=1ece35da504b5c8cf9c1872b9089ede0
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = F2 F8 F8 5A A6 02 D2 01 [binary data]
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\..\SearchScopes,DefaultScope = {32A3CF9F-B2EF-43DE-8304-E6A3BA468FE0}
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=;

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "NL"
FF - prefs.js..browser.search.region: "NL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: " https://www.startpage.com/do/mypage.pl?prf=40314736ed4bdf0017a1df2398e87a3f"
FF - prefs.js..extensions.enabledAddons: %7BB5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC%7D:0.3.8.4.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: WebProtection%40360safe.com:5.0.0.1008
FF - prefs.js..extensions.enabledAddons: s3menu%40wizard:5.05
FF - prefs.js..extensions.enabledAddons: bug489729%40alice0775:2.1.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:51.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@updates.epicbrowser.com/Epic Privacy Browser Installer;version=3: C:\Users\Lon\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@updates.epicbrowser.com/Epic Privacy Browser Installer;version=9: C:\Users\Lon\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2017-02-03 10:25:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Extensions
[2017-02-04 14:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\browser-extension-data
[2017-02-04 13:29:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\browser-extension-data\gmailnoads@mywebber.com
[2017-02-04 14:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\browser-extension-data\jid1-MnnxcxisBPnSXQ@jetpack
[2017-02-04 21:08:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extension-data
[2017-02-04 21:11:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions
[2017-02-04 18:28:24 | 000,000,000 | ---D | M] (Flash Video Downloader - YouTube HD Download [4K]) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\artur.dubovoy@gmail.com
[2017-02-04 21:11:49 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="bug489729@alice0775" em:version="2.1.1-signed.1-signed" em:type="2" em:unpack="true" em:name="bug489729(Disable detach and tear off tab)" em:description="Workaround Bug 489729 - Clicking a tab once and then moving your mouse in a downward motion causes a new window to open." em:creator="Alice0775" em:eek:ptionsURL="chrome://bug489729/content/pref.xul" em:homepageURL="http://space.geocities.yahoo.co.jp/gl/alice0775">) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\bug489729@alice0775
[2017-02-04 15:13:08 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\de-DE@dictionaries.addons.mozilla.org
[2017-02-04 15:12:45 | 000,000,000 | ---D | M] (Dictionnaire français) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\fr-dicollecte@dictionaries.addons.mozilla.org
[2017-02-04 15:12:26 | 000,000,000 | ---D | M] (British English Dictionary (Marco Pinto)) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\marcoagpinto@mail.telepac.pt
[2017-02-04 15:11:57 | 000,000,000 | ---D | M] (Woordenboek Nederlands) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\nl-NL@dictionaries.addons.mozilla.org
[2017-02-04 13:33:56 | 000,000,000 | ---D | M] (360 Internet Protection for Firefox) -- C:\Users\Lon\AppData\Roaming\mozilla\Firefox\Profiles\tq9b6bnt.default-1486210513190\extensions\WebProtection@360safe.com
[2017-02-04 18:36:52 | 000,010,991 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\@google-image.xpi
[2017-02-04 13:32:12 | 000,442,914 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
[2017-02-04 18:54:26 | 005,277,444 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\firefox@mega.co.nz.xpi
[2017-02-04 13:29:38 | 000,385,969 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\gmailnoads@mywebber.com.xpi
[2017-02-04 14:06:14 | 001,720,050 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\hotspot-shield@anchorfree.com.xpi
[2017-02-04 18:30:11 | 000,033,907 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\jid1-hnmMaq1milpehc6uI@jetpack.xpi
[2017-02-04 13:28:09 | 000,153,739 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi
[2017-02-04 14:06:47 | 001,804,214 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi
[2017-02-04 13:37:40 | 000,135,331 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\s3menu@wizard.xpi
[2017-02-04 13:55:08 | 000,044,685 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\TabAutoReload@schuzak.jp.xpi
[2017-02-04 13:29:11 | 001,547,755 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\uBlock0@raymondhill.net.xpi
[2017-02-04 13:33:56 | 000,033,210 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi
[2017-02-04 13:28:13 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\features\{53c75906-61f3-4b5f-b59e-64f1429d46ff}\diagnostics@mozilla.org.xpi
[2017-02-04 13:28:16 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Lon\AppData\Roaming\mozilla\firefox\profiles\tq9b6bnt.default-1486210513190\features\{53c75906-61f3-4b5f-b59e-64f1429d46ff}\hsts-priming@mozilla.org.xpi
File not found (No name found) -- C:\USERS\LéON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ9B6BNT.DEFAULT-1486210513190\EXTENSIONS\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.XPI
File not found (No name found) -- C:\USERS\LéON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ9B6BNT.DEFAULT-1486210513190\EXTENSIONS\BUG489729@ALICE0775
File not found (No name found) -- C:\USERS\LéON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ9B6BNT.DEFAULT-1486210513190\EXTENSIONS\S3MENU@WIZARD.XPI
File not found (No name found) -- C:\USERS\LéON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TQ9B6BNT.DEFAULT-1486210513190\EXTENSIONS\WEBPROTECTION@360SAFE.COM

Hosts file not found
O4 - HKLM..\Run: [DefragTaskBar] C:\Program Files (x86)\Ashampoo\Ashampoo Magical Defrag 3\defragtaskbar.exe ()
O4 - HKLM..\Run: [NetTime] C:\Program Files (x86)\NetTime\NetTime.exe ()
O4 - HKLM..\Run: [QHSafeTray] C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000..\Run: [f.lux] C:\Users\Lon\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000..\Run: [OneDrive] C:\Users\Lon\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000..\Run: [RadioSure] C:\Users\Lon\AppData\Local\RadioSure\RadioSure.exe (TheBestWare Studio)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3985488779-3452437005-2477218925-1000\..Trusted Domains: localhost ([]* in Trusted sites)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06E0C2FC-B357-4533-BC6C-C8D50EC9D645}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB1F482B-769C-44DA-8B61-72A57419643F}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^Users^Lon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe - (Mega Limited)
MsConfig:64bit - StartUpReg: FreeAC - hkey= - key= - C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
MsConfig:64bit - StartUpReg: stack - hkey= - key= - C:\Program Files (x86)\stack\stack.exe (TransIP)
MsConfig:64bit - State: "services" - Reg Error: Key error.
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2017-02-04 21:10:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lon\OneDrive\Pictures\Desktop\OTL.exe
[2017-02-04 21:00:49 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\CrashRpt
[2017-02-04 17:28:50 | 000,000,000 | R--D | C] -- C:\Users\Lon\Searches
[2017-02-04 17:26:05 | 000,903,312 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\hmpalert.dll
[2017-02-04 17:26:05 | 000,834,192 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysWow64\hmpalert.dll
[2017-02-04 17:26:05 | 000,267,088 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\drivers\hmpalert.sys
[2017-02-04 17:26:05 | 000,092,200 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\drivers\hmpnet.sys
[2017-02-04 17:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
[2017-02-04 17:26:04 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro.Alert
[2017-02-04 17:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HitmanPro.Alert
[2017-02-04 14:20:55 | 001,663,040 | ---- | C] (Malwarebytes) -- C:\Users\Lon\OneDrive\Pictures\Desktop\JRT.exe
[2017-02-04 10:34:37 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2017-02-03 11:16:25 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\ZD Soft
[2017-02-03 11:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZD Soft
[2017-02-03 10:29:22 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\Opera Software
[2017-02-03 10:29:22 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Opera Software
[2017-02-03 10:17:18 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\Moonchild Productions
[2017-02-03 10:17:18 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Moonchild Productions
[2017-01-31 13:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Photo Unblur
[2017-01-31 13:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Photo Unblur
[2017-01-30 11:01:41 | 000,000,000 | ---D | C] -- C:\Users\Lon\OneDrive\Documents\Any Audio Converter
[2017-01-27 16:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitFactor 4.3.0
[2017-01-27 16:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BelaDaddy Software
[2017-01-27 16:08:21 | 000,037,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\VIREG32.EXE
[2017-01-26 21:49:24 | 000,000,000 | -H-D | C] -- C:\Users\Lon\Nieuwe map F
[2017-01-26 16:11:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2017-01-26 12:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Audio Cutter
[2017-01-26 12:54:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2017-01-26 12:54:05 | 000,751,616 | ---- | C] (MoonLight Software Inc. 1999-2004) -- C:\Windows\SysWow64\VBOLock.ocx
[2017-01-26 12:54:05 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Comdlg32.ocx
[2017-01-26 12:53:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF32.DLL
[2017-01-26 12:53:57 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\W95INF16.DLL
[2017-01-26 12:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\My Audio Cutter
[2017-01-26 12:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Audio Cutter
[2017-01-25 11:23:15 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Downloaded Installations
[2017-01-24 13:56:59 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\wps
[2017-01-24 13:56:59 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\office6
[2017-01-24 13:52:50 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Kingsoft
[2017-01-24 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\kingsoft
[2017-01-24 13:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\kingsoft
[2017-01-22 16:39:47 | 000,000,000 | ---D | C] -- C:\Users\Lon\OneDrive\Documents\Artland
[2017-01-22 16:39:22 | 000,000,000 | ---D | C] -- C:\Users\Lon\OneDrive\Documents\Toshibake
[2017-01-22 16:38:41 | 000,000,000 | ---D | C] -- C:\Users\Lon\OneDrive\Documents\Haren
[2017-01-20 12:30:37 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2017-01-20 12:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2017-01-20 12:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
[2017-01-20 12:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2017-01-20 12:29:33 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\IObit
[2017-01-20 11:49:48 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\MailStore Home
[2017-01-20 11:49:31 | 000,000,000 | ---D | C] -- C:\ProgramData\firebird
[2017-01-20 11:49:23 | 000,000,000 | -H-D | C] -- C:\Users\Lon\OneDrive\Documents\MailStore Home
[2017-01-20 11:49:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MailStore Home
[2017-01-20 11:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\deepinvent
[2017-01-17 17:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\2LogicalSolutions
[2017-01-16 11:54:07 | 000,000,000 | -H-D | C] -- C:\Users\Lon\OneDrive\Documents\SoftMaker
[2017-01-16 11:54:07 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\SoftMaker
[2017-01-14 14:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Ashampoo
[2017-01-14 14:39:25 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Folderico
[2017-01-14 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico
[2017-01-14 14:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Folderico
[2017-01-14 14:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Folderico
[2017-01-14 14:03:24 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\SoftorinoUpdates
[2017-01-14 13:22:32 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\ArcticLine
[2017-01-12 17:40:58 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\Jarte
[2017-01-12 16:41:20 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\GottCode
[2017-01-11 10:38:49 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017-01-11 10:38:48 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017-01-11 10:38:48 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017-01-11 10:38:48 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017-01-11 10:38:48 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017-01-11 10:38:47 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017-01-11 10:38:47 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017-01-11 10:38:47 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017-01-11 10:38:47 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017-01-11 10:38:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017-01-11 10:38:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017-01-11 10:38:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017-01-11 10:38:46 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017-01-11 10:38:46 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017-01-11 10:38:46 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017-01-11 10:38:46 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017-01-11 10:38:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017-01-11 10:38:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017-01-11 10:38:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017-01-11 10:38:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017-01-10 12:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Photo Denoise
[2017-01-10 12:54:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Easy Photo Denoise
[2017-01-09 15:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3Gain
[2017-01-08 10:54:42 | 000,000,000 | --SD | C] -- C:\Users\Lon\Downloads
[2017-01-06 14:40:33 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Roaming\Abelssoft
[2017-01-06 14:40:32 | 000,000,000 | ---D | C] -- C:\ProgramData\XDMessagingv4
[2017-01-06 14:40:31 | 000,000,000 | ---D | C] -- C:\Users\Lon\AppData\Local\Abelssoft
[2017-01-06 14:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CheckDrive
[2017-01-06 14:40:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckDrive
[2017-01-06 14:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2017-01-06 14:32:54 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011-04-18 21:51:20 | 000,653,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCR90.dll
[2011-04-18 21:51:20 | 000,569,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCP90.dll
[2010-12-16 20:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmmux.dll
[2010-12-16 20:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8encoder.dll
[2010-12-16 20:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8decoder.dll
[2010-12-16 20:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmsplit.dll

========== Files - Modified Within 30 Days ==========

[2017-02-04 21:10:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lon\OneDrive\Pictures\Desktop\OTL.exe
[2017-02-04 19:49:14 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017-02-04 19:49:14 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017-02-04 19:38:02 | 000,291,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017-02-04 19:37:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017-02-04 19:37:14 | 3111,514,112 | -HS- | M] () -- C:\hiberfil.sys
[2017-02-04 17:26:05 | 000,903,312 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\hmpalert.dll
[2017-02-04 17:26:05 | 000,834,192 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysWow64\hmpalert.dll
[2017-02-04 17:26:05 | 000,267,088 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\drivers\hmpalert.sys
[2017-02-04 17:26:05 | 000,092,200 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\drivers\hmpnet.sys
[2017-02-04 14:20:58 | 001,663,040 | ---- | M] (Malwarebytes) -- C:\Users\Lon\OneDrive\Pictures\Desktop\JRT.exe
[2017-02-02 09:07:30 | 000,250,816 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017-01-27 18:55:35 | 004,015,056 | ---- | M] () -- C:\Users\Lon\OneDrive\Pictures\Desktop\adwcleaner_6.043.exe
[2017-01-27 16:08:57 | 000,001,251 | ---- | M] () -- C:\Users\Lon\OneDrive\Pictures\Desktop\HitFactor 4.3.0.lnk
[2017-01-20 22:23:16 | 000,001,190 | ---- | M] () -- C:\Users\Lon\OneDrive\Pictures\Desktop\Privacy Eraser.lnk
[2017-01-20 12:30:20 | 000,027,552 | ---- | M] (REALiX(tm)) -- C:\Windows\SysWow64\drivers\HWiNFO64A.SYS
[2017-01-11 11:35:29 | 000,802,904 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017-01-11 11:35:29 | 000,144,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2017-02-04 19:37:28 | 000,291,920 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017-01-27 18:55:30 | 004,015,056 | ---- | C] () -- C:\Users\Lon\OneDrive\Pictures\Desktop\adwcleaner_6.043.exe
[2017-01-27 16:08:57 | 000,001,251 | ---- | C] () -- C:\Users\Lon\OneDrive\Pictures\Desktop\HitFactor 4.3.0.lnk
[2017-01-26 12:54:06 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe
[2017-01-26 12:54:06 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe
[2017-01-26 12:54:05 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2017-01-26 12:54:05 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
[2017-01-26 12:53:56 | 000,001,069 | ---- | C] () -- C:\Windows\SysWow64\vbrun60.inf
[2016-12-21 16:53:43 | 000,000,246 | ---- | C] () -- C:\Windows\SAWReg.ini
[2016-10-12 17:03:32 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2016-07-29 16:46:46 | 000,000,007 | -H-- | C] () -- C:\ProgramData\doceditors.asc
[2016-07-17 08:12:17 | 000,007,605 | ---- | C] () -- C:\Users\Lon\AppData\Local\Resmon.ResmonCfg
[2016-07-15 17:01:07 | 000,000,066 | ---- | C] () -- C:\Windows\progress.ini
[2016-07-07 08:08:40 | 000,086,448 | ---- | C] () -- C:\Windows\vssMgr.exe
[2016-07-07 08:08:40 | 000,086,448 | ---- | C] () -- C:\Windows\suite.vssMgr.exe
[2016-06-14 17:51:32 | 000,004,989 | ---- | C] () -- C:\ProgramData\mzemgkrx.fuc
[2016-05-29 09:28:42 | 000,000,246 | ---- | C] () -- C:\Windows\LSExeLock.ini
[2016-05-18 18:41:38 | 000,815,220 | ---- | C] () -- C:\Users\Lon\AppData\Local\census.cache
[2016-05-18 18:40:59 | 000,159,988 | ---- | C] () -- C:\Users\Lon\AppData\Local\ars.cache
[2016-05-18 18:31:34 | 000,000,010 | ---- | C] () -- C:\Users\Lon\AppData\Local\sponge.last.runtime.cache
[2016-05-18 18:22:07 | 000,000,036 | ---- | C] () -- C:\Users\Lon\AppData\Local\housecall.guid.cache
[2016-05-10 09:38:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2016-05-10 01:42:28 | 001,654,844 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016-01-28 13:32:24 | 000,796,768 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012-05-11 13:16:16 | 000,171,520 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
[2011-01-12 01:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files (x86)\Common Files\wmpinfo.dll
[2011-01-12 01:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
[2011-01-12 01:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
[2011-01-12 01:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
[2011-01-12 01:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll

========== ZeroAccess Check ==========

[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016-08-29 16:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016-08-29 16:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016-11-12 11:43:24 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\10-strike
[2016-10-28 10:28:29 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\360safe
[2016-10-10 13:07:31 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\360TotalSecurity
[2017-01-06 14:40:33 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Abelssoft
[2017-02-04 12:02:34 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Allavsoft
[2017-02-03 21:57:58 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Anvsoft
[2016-12-21 17:08:03 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\apm
[2017-01-14 13:22:32 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\ArcticLine
[2016-12-24 15:44:31 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Artweaver Free
[2017-01-14 13:27:41 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Ashampoo
[2016-05-12 08:55:04 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\ChemTable Software
[2016-05-10 21:56:02 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Cybertron
[2016-05-11 05:49:10 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Digiarty
[2016-09-23 20:33:33 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\DVDVideoSoft
[2016-10-21 11:46:56 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Engelmann Distribution
[2017-02-03 16:24:05 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Everything
[2017-01-03 20:54:10 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Fighters
[2016-12-04 16:28:31 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Geek Uninstaller
[2017-01-22 16:23:10 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\GemistDownloader
[2017-01-20 12:29:33 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\IObit
[2016-11-28 11:58:47 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\iPodder
[2017-01-12 17:45:38 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Jarte
[2016-06-09 10:23:24 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\JixiPixCommon
[2016-05-29 17:39:28 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\JPEGView
[2016-09-22 07:28:27 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\KC Softwares
[2017-01-24 13:56:56 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\kingsoft
[2017-02-03 10:20:07 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Moonchild Productions
[2016-12-04 17:12:04 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\mp3DirectCut
[2017-02-03 22:04:33 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Mp3tag
[2017-01-24 13:56:59 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\office6
[2017-02-03 10:41:22 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Opera Software
[2016-06-09 10:23:31 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\Romantic Photo
[2016-11-20 15:44:41 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\SecurityXploded
[2017-02-04 20:46:54 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\SoftGrid Client
[2017-01-16 12:04:06 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\SoftMaker
[2016-05-16 05:23:36 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\SumatraPDF
[2016-08-12 17:18:06 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\SuperEZ Wave Editor Pro
[2016-05-18 17:10:37 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\TP
[2016-11-03 08:13:12 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\videos
[2017-01-24 13:56:59 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\wps
[2017-01-31 17:11:46 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\youtubejs
[2016-11-23 10:41:32 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\YoWindow
[2017-02-03 11:16:25 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\ZD Soft
[2017-01-04 11:45:00 | 000,000,000 | ---D | M] -- C:\Users\Lon\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}

========== Purity Check ==========



========== Custom Scans ==========

< services.* >
[2009-07-14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 06:08:49 | 000,032,622 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< explorer.exe >

< svchost.exe >

< PRC - Processes >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2017-01-20 12:30:20 | 000,027,552 | ---- | M] (REALiX(tm)) -- C:\Windows\system32\drivers\HWiNFO64A.SYS

< %PROGRAMFILES%\* >
[2009-07-14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

========== Files - Unicode (All) ==========
[2016-05-17 04:45:21 | 000,016,384 | ---- | M] ()(C:\Windows\SysWow64\??{) -- C:\Windows\SysWow64\??{
[2016-05-17 04:45:17 | 000,016,384 | ---- | C] ()(C:\Windows\SysWow64\??{) -- C:\Windows\SysWow64\??{
[2016-05-16 15:45:43 | 000,016,384 | ---- | M] ()(C:\Windows\SysWow64\?Ua) -- C:\Windows\SysWow64\?Ua
[2016-05-16 15:45:39 | 000,016,384 | ---- | C] ()(C:\Windows\SysWow64\?Ua) -- C:\Windows\SysWow64\?Ua
[2016-05-12 05:36:34 | 000,016,384 | ---- | M] ()(C:\Windows\SysWow64\H4?) -- C:\Windows\SysWow64\H4?
[2016-05-12 05:36:31 | 000,016,384 | ---- | C] ()(C:\Windows\SysWow64\H4?) -- C:\Windows\SysWow64\H4?
[2016-05-11 14:24:46 | 000,016,384 | ---- | M] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\??
[2016-05-11 14:24:43 | 000,016,384 | ---- | C] ()(C:\Windows\SysWow64\??) -- C:\Windows\SysWow64\??

========== Alternate Data Streams ==========

@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:39413AC3

< End of report >
 
Re: Browser slaat sommige wachtwoorden niet op

OTL rapporteert dat jouw Windows op dit moment geen hostfile heeft.

Dat gaan we repareren!


In Windows Vista/Windows 7/Windows 8/Windows 10: open een nieuw kladblokdocument middels rechtsklik en kiezen voor "Als administrator uitvoeren.

Klik in de menubalk op "Bestand" en kies dan voor "Openen"
Verander rechtsonder in het document de instelling naar "Alle bestanden".

Navigeer dan vervolgens naar C:\Windows\System32\drivers\etc

Voorbeeld:

504dc1522864c-hostsfile.jpg


Klik nu op hosts.
De inhoud van hosts zal nu in het document getoond worden.

Druk de toetscombinatie CTRL+A in en daarna de Delete-toets - nu is het hostbestand leeg.


Kopieer nu onderstaande, vetblauw aangeven tekst en plak die in het lege hostbestand.
Daarna via Bestand voor Opslaan kiezen.

Code:
[B][SIZE=4][COLOR="#0000FF"]# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost[/COLOR][/SIZE][/B]


Na deze aktie bevat Windows weer het origele MS-hostbestand.

N.B.: het kan gebeuren dat bij opslaan van het nieuwe hosts-bestand een foutmelding komt.
Dat betekent dat de gebruikte antivirus de host-file beschermd - dan dus eerst de antivirus deaktiveren.

Alternatief kan je bovenstaande ook uitvoeren in Veilige modus.
Hoe daar te komen zie je hier: http://users.telenet.be/marcvn/spyware/veilige-modus.html



Sluit voordat
51f51523a23a0-OTL_Canned_Nieuw.png
OTL de fix gaat doen, eerst alle andere openstaande vensters!

  • Windows 2000 en Windows XP: dubbelklik op OTL.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".
    [*]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het venster onder
    4f9111a6d2a6c-OTL-2.png

Code:
:OTL 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_ 194.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKCU\Software\MozillaPlugins\@updates.epicbrowser. com/Epic Privacy Browser Installer;version=3: C:\Users\Lon\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@updates.epicbrowser. com/Epic Privacy Browser Installer;version=9: C:\Users\Lon\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll File not found
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:39413AC3


:Services


:Reg


:Files
ipconfig /flushdns /c
C:\ProgramData\TEMP:39413AC3

:Commands
[purity]
[emptytemp]
[resethosts]
[emptyjava]
[emptyflash]
[createrestorepoint]
[reboot]


  • Klik daarna bovenaan op
    4f911cee9da59-OTL-4.png
  • Laat het programma ongestoord zijn werk doen.
  • OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.
  • Klik op OK
  • Na het opnieuw opstarten wordt enkel een nieuw log geopend.
  • Post via kopiren en plakken de inhoud van dat OTL-scanlog.
 
Laatst bewerkt:
Re: Browser slaat sommige wachtwoorden niet op

Hallo Abraham54,

Wat mij al 5 keer of zo is overkomen is dit:

Er is/was een klein probleem. In dit geval: SRWare Iron weigert de gebruikersnaam en het wachtwoord van mijn bibliotheek op te slaan. Ik wend mij tot een computer forum.

Een paar dagen later zit ik midden in een "ernstig Windows probleem". Het komt tot een reparatie. Vervolgens stort de hele Windows in. Ik moet de laptop naar de winkel brengen en flink dokken. Sinds afgelopen mei heb ik gelukkig een opstartbare usb-stick met Windows 7 en kan ik zelf Windows opnieuw installeren. Met allerlei update gedoe, verlies van programmas, enzovoort, enzovoort, enzovoort.

Ik heb vandaag nog een sfc /scannow gedaan en "er werden geen schendingen van de integriteit gevonden.

Vraag: is deze reparatie echt noodzakelijk? Wat is precies/ongeveer het probleem?

Misschien vind je mij wel een zeikerd, maar als ezel wil ik mij niet voor de zesde keer aan dezelfde steen stoten.
 
Re: Browser slaat sommige wachtwoorden niet op

Het is heel simpel: not found en middels de fix verwijderen stroomlijnt Firefox en Windows.

Je wil toch weten waarom ik vrijwel nooit problemen met de vos heb?
 
Re: Browser slaat sommige wachtwoorden niet op

Aangekomen bij 'C:\Windows\System32\drivers\etc': 'hosts' staat er niet bij.

De vier die er onder staan (in de afbeelding hierboven), zie ik wel.

--- Update ---

Kijk hier maar eens, waarom jij de host file werkend wil hebben.

Hallo aarie25,

Het artikel van Menno Schoone overtuigt mij juist niet. Hij heeft het volgens mij over een hostsbestand dat steeds weer ge-update zou moeten worden. (Via de Hostsman). Op deze Hostsman zit ik ook niet echt te wachten.

Overigens ben ik eerder uit op probleemvermijding dan op snelheid. Ik heb tijd genoeg, zolang ik maar niet hoef te wachten op langdurig draaiende rondjes.
 
Laatst bewerkt door een moderator:
Re: Browser slaat sommige wachtwoorden niet op

Hallo Leono,

Het linkje ging mij om het eerste deel, dat je weet waarvoor de host file dient, je hoeft niet de Hostsman te gebuiken :smile:
zoals dit ->
The computer file hosts is an operating system file that maps hostnames to IP addresses.

The hosts file is one of several system facilities that assists in addressing network nodes in a computer network. It is a common part of an operating system's Internet Protocol (IP) implementation, and serves the function of translating human-friendly hostnames into numeric protocol addresses, called IP addresses, that identify and locate a host in an IP network.
 
Re: Browser slaat sommige wachtwoorden niet op

Als ik geen hosts-bestand heb, zoals Abraham54 zelf constateerde, hoe kan ik er dan naar toe navigeren om het te ledigen?

Zonder hosts-bestand is de mens teruggeworpen op zichzelf. :smile:
 
Re: Browser slaat sommige wachtwoorden niet op

Heb je gedaan zoals Abraham het heeft uitgelegd?
 
Re: Browser slaat sommige wachtwoorden niet op

Download HostsXpert hier
HostEpert gebruiken:

  • Windows 2000 en Windows XP: open de map "HostExpert" en dubbelklik op Hoster.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10 : open de map "HostExpert" en start Hoster.exe middels rechtsklik daarop waarbij jij kiest voor Als Administrator uitvoeren.
  • Klik nu op de knop Make Writeable?
    • Indien je enkel een Make Read-Only selection ziet, dan is het herschrijven al aktief.
  • Klik nu eerst op de knop Restore Microsofts Original Hosts File.
  • Klik vervolgens op de knop OK en sluit dan het het programma.
 
Laatst bewerkt:
Re: Browser slaat sommige wachtwoorden niet op

Gaat het internetten nu beter?
 
Re: Browser slaat sommige wachtwoorden niet op

Echt beter gaat het sinds de fix niet, op zijn best gaat het even goed.

--- Update ---

Vergeleken met 2 februari 2017, 20:16 uur is de situatie in elk geval zeer sterk verbeterd.

Hartelijk dank heren 25, Rubensky en 54! We kunnen er weer even tegen.
 
Re: Browser slaat sommige wachtwoorden niet op

Geen dank! Mooi dat het nu beter werkt.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan