Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015 Ran by Gebruiker at 2015-01-12 14:07:25 Run:1 Running from E:\wvh\Downloads\ZOEK.exe\Farbar recovery scan Loaded Profile: Gebruiker (Available profiles: Gebruiker) Boot Mode: Normal ============================================== Content of fixlist: ***************** E:\wvh\Downloads\DTLite4491-0356.exe E:\wvh\Downloads\DTLite4491-0356 (1).exe C:\Users\Gebruiker\AppData\Roaming\Elex-tech FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) C:\Program Files\Foxit Software CHR HKU\S-1-5-21-235396244-3051213757-2033591465-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path S3 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242912 2014-09-11] (Foxit Software Inc.) S1 iSafeKrnlMon; No ImagePath File: C:\WINDOWS\system32\msimtf.dll Folder: C:\Users\Gebruiker\AppData\Roaming\Saladin Folder: C:\Program Files\Saladin Task: {284D1F2E-FAFB-48E7-837D-21AE88B63FA3} - \Driver Booster SkipUAC (Gebruiker) No Task File <==== ATTENTION Task: {513D58B7-38CD-4E8B-AA96-593AC5AC6936} - \Driver Booster Startup No Task File <==== ATTENTION Task: {9D86CDD8-B59E-4862-AA09-E251BC56FD2F} - System32\Tasks\{9525A1E1-3B21-459E-9A38-7D6110BC21E9} => pcalua.exe -a C:\Users\Gebruiker\Downloads\RapportSetup.exe -d C:\Users\Gebruiker\Downloads C:\Users\Gebruiker\Downloads\RapportSetup.exe Task: {D420A2C0-5F43-4CAE-BFAD-3B3C2BC49801} - System32\Tasks\{FE803910-E5B6-4697-AF53-DCC5BAE4215F} => pcalua.exe -a C:\Users\Gebruiker\Downloads\RpprtSetup.exe -d C:\Users\Gebruiker\Downloads Task: {DC46A9F9-D619-4F8F-A60C-870A9220A2BD} - System32\Tasks\{F96B317C-865D-4F21-86E8-0CC63FAB6E37} => pcalua.exe -a M:\WinZip\WINZIP32.EXE -d M:\WinZip AlternateDataStreams: C:\Users\Gebruiker\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Gebruiker\SkyDrive (2):ms-properties ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49967;https=127.0.0.1:49967 EmptyTemp: ***************** "E:\wvh\Downloads\DTLite4491-0356.exe" => File/Directory not found. "E:\wvh\Downloads\DTLite4491-0356 (1).exe" => File/Directory not found. "C:\Users\Gebruiker\AppData\Roaming\Elex-tech" => File/Directory not found. "HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf" => Key deleted successfully. C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll => Moved successfully. "HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf" => Key deleted successfully. C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll not found. "HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp" => Key deleted successfully. C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll not found. "HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf" => Key deleted successfully. C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll not found. C:\Program Files\Foxit Software => Moved successfully. "HKU\S-1-5-21-235396244-3051213757-2033591465-1000\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => Key deleted successfully. FoxitCloudUpdateService => Service deleted successfully. iSafeKrnlMon => Service deleted successfully. ========================= File: C:\WINDOWS\system32\msimtf.dll ======================== MD5: 513D77A8EE3FF8067CC3A65DAE1A3F5A Creation and modification date: 2013-08-22 03:43 - 2013-08-22 03:43 Size: 0033280 Attributes: ----A Company Name: Microsoft Corporation Internal Name: MSIMTF.DLL Original Name: MSIMTF.DLL.MUI Product Name: Besturingssysteem Microsoft® Windows® Description: DLL voor actieve IMM-server File Version: 6.3.9600.16384 (winblue_rtm.130821-1623) Product Version: 6.3.9600.16384 Copyright: © Microsoft Corporation. Alle rechten voorbehouden. ====== End Of File: ====== ========================= Folder: C:\Users\Gebruiker\AppData\Roaming\Saladin ======================== 2015-01-03 16:54 - 2015-01-08 18:17 - 0001327 _____ () C:\Users\Gebruiker\AppData\Roaming\Saladin\settings.dat ====== End of Folder: ====== ========================= Folder: C:\Program Files\Saladin ======================== 2014-11-25 17:05 - 2014-11-25 17:05 - 0001262 _____ () C:\Program Files\Saladin\ChangeLog 2010-10-12 20:52 - 2010-10-12 20:52 - 0035147 _____ () C:\Program Files\Saladin\COPYING 2014-11-25 17:05 - 2014-11-25 17:05 - 0001628 _____ () C:\Program Files\Saladin\README 2014-11-25 17:31 - 2014-11-25 17:31 - 0390208 _____ (Michał Męciński) C:\Program Files\Saladin\uninstall.exe 2015-01-03 16:50 - 2015-01-03 16:50 - 0000000 ____D () C:\Program Files\Saladin\bin 2014-11-25 17:31 - 2014-11-25 17:31 - 9826504 _____ (Michał Męciński) C:\Program Files\Saladin\bin\saladin.exe 2015-01-03 16:50 - 2015-01-03 16:50 - 0000000 ____D () C:\Program Files\Saladin\translations 2014-08-18 17:27 - 2014-08-18 17:27 - 0000138 _____ () C:\Program Files\Saladin\translations\locale.ini 2013-07-04 15:32 - 2013-07-04 15:32 - 0082411 _____ () C:\Program Files\Saladin\translations\qt_es.qm 2013-07-04 15:32 - 2013-07-04 15:32 - 0316133 _____ () C:\Program Files\Saladin\translations\qt_pl.qm 2013-07-04 15:32 - 2013-07-04 15:32 - 0070321 _____ () C:\Program Files\Saladin\translations\qt_pt.qm 2014-11-23 15:17 - 2014-11-23 15:17 - 0032148 _____ () C:\Program Files\Saladin\translations\saladin_es.qm 2014-08-18 17:27 - 2014-08-18 17:27 - 0031194 _____ () C:\Program Files\Saladin\translations\saladin_pl.qm 2014-11-25 17:03 - 2014-11-25 17:03 - 0031278 _____ () C:\Program Files\Saladin\translations\saladin_pt_BR.qm ====== End of Folder: ====== "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{284D1F2E-FAFB-48E7-837D-21AE88B63FA3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{284D1F2E-FAFB-48E7-837D-21AE88B63FA3}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Gebruiker)" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{513D58B7-38CD-4E8B-AA96-593AC5AC6936}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{513D58B7-38CD-4E8B-AA96-593AC5AC6936}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Startup" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D86CDD8-B59E-4862-AA09-E251BC56FD2F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D86CDD8-B59E-4862-AA09-E251BC56FD2F}" => Key deleted successfully. C:\Windows\System32\Tasks\{9525A1E1-3B21-459E-9A38-7D6110BC21E9} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9525A1E1-3B21-459E-9A38-7D6110BC21E9}" => Key deleted successfully. "C:\Users\Gebruiker\Downloads\RapportSetup.exe" => File/Directory not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D420A2C0-5F43-4CAE-BFAD-3B3C2BC49801}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D420A2C0-5F43-4CAE-BFAD-3B3C2BC49801}" => Key deleted successfully. C:\Windows\System32\Tasks\{FE803910-E5B6-4697-AF53-DCC5BAE4215F} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE803910-E5B6-4697-AF53-DCC5BAE4215F}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC46A9F9-D619-4F8F-A60C-870A9220A2BD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC46A9F9-D619-4F8F-A60C-870A9220A2BD}" => Key deleted successfully. C:\Windows\System32\Tasks\{F96B317C-865D-4F21-86E8-0CC63FAB6E37} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F96B317C-865D-4F21-86E8-0CC63FAB6E37}" => Key deleted successfully. "C:\Users\Gebruiker\SkyDrive" => ":ms-properties" ADS not found. C:\Users\Gebruiker\SkyDrive (2) => ":ms-properties" ADS removed successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. EmptyTemp: => Removed 96.7 MB temporary data. The system needed a reboot. ==== End of Fixlog 14:09:11 ====