FRST scan log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2019 02
Ran by Owner (administrator) on OWNER-PC (Hewlett-Packard HP Compaq dc5700 Small Form Factor) (14-10-2019 16:04:00)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-02] (Adobe Inc. -> Adobe Systems, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0976F330-BF25-4F6F-B0B1-665D9BF7BCC0} - System32\Tasks\{68760510-2907-489D-B7A2-C35A3446BE71} => C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [151552 2005-07-22] () [File not signed]
Task: {0A0C5E8A-2FCE-4C99-B12F-00B4B70AFB83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {41E2110D-1421-413B-8E62-70C64466298F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-10-10] (Adobe Inc. -> Adobe)
Task: {5D084169-00AD-4D36-A448-C9A76FB459A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-10] (Adobe Inc. -> Adobe)
Task: {6B4D3DDA-9B0C-4B4E-A917-B9A141F6ED35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [3129184 2012-09-24] (Piriform Ltd -> Piriform Ltd)
Task: {A149C588-D529-48EB-BAE0-95CA7AC5FE1C} - System32\Tasks\{304152A7-70D0-4E91-9F4E-DBD1652C7AAC} => C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe [151552 2005-07-22] () [File not signed]
Task: {DDB1A270-9C47-4E77-9F28-24AAF8986644} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{E05E619F-5932-445D-9D21-1FC2630E6BEE}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Internet Explorer:
==================
HKU\S-1-5-21-3384263181-369055421-3260215636-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF DefaultProfile: 8wi3sbs5.default-1412761564967
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\8wi3sbs5.default-1412761564967 [2019-10-14]
FF Homepage: Mozilla\Firefox\Profiles\8wi3sbs5.default-1412761564967 -> hxxps://www.google.com/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-03-06] (Apple Inc. -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-14 16:04 - 2019-10-14 16:05 - 000008503 _____ C:\Users\Owner\Desktop\FRST.txt
2019-10-14 15:50 - 2019-10-14 15:52 - 000002620 _____ C:\Users\Owner\Desktop\Fixlog.txt
2019-10-14 14:00 - 2019-10-14 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2019-10-14 14:00 - 2019-10-14 14:00 - 000000000 ____D C:\Program Files\LatencyMon
2019-10-14 14:00 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\Windows\system32\Drivers\rspLLL64.sys
2019-10-13 15:25 - 2019-10-13 15:25 - 001616384 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2019-10-10 16:17 - 2019-10-10 16:17 - 000023698 _____ C:\Users\Owner\Documents\events.txt
2019-10-09 09:52 - 2019-10-09 09:52 - 000022517 _____ C:\Users\Owner\Documents\computer check items.odt
2019-10-05 11:25 - 2019-10-05 11:25 - 000010066 _____ C:\Users\Owner\Documents\Weight 2020.ods
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-14 16:05 - 2015-05-23 12:52 - 000000000 ____D C:\FRST
2019-10-14 16:02 - 2016-11-16 13:13 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
2019-10-14 16:02 - 2009-07-14 00:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-14 16:02 - 2009-07-14 00:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-14 15:58 - 2009-07-14 01:13 - 000782510 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-14 15:58 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-10-14 15:54 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-13 14:46 - 2019-01-01 12:13 - 000018965 _____ C:\Users\Owner\Documents\Celebrity Deaths 2019.odt
2019-10-13 12:30 - 2017-06-29 11:22 - 000017486 _____ C:\Users\Owner\Documents\riddles.odt
2019-10-11 15:32 - 2014-01-13 19:27 - 000018574 _____ C:\Users\Owner\Documents\Home Delivered Meals.ods
2019-10-11 15:03 - 2014-11-07 08:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-10-10 15:41 - 2017-09-11 15:35 - 000001564 _____ C:\VEW.txt
2019-10-10 09:58 - 2018-03-13 14:58 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-10-10 09:58 - 2013-02-09 11:03 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-10 09:58 - 2012-03-31 07:33 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-10-10 09:58 - 2011-12-17 16:43 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-10-10 09:58 - 2011-12-17 16:43 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-10-10 09:58 - 2011-12-17 16:43 - 000000000 ____D C:\Windows\system32\Macromed
2019-10-07 15:39 - 2018-12-17 16:23 - 000025322 _____ C:\Users\Owner\Documents\data.odt
2019-10-06 15:09 - 2012-01-12 12:24 - 000000000 ___RD C:\Users\Owner\Desktop\misc house contents
2019-10-05 11:22 - 2018-12-01 12:07 - 000010874 _____ C:\Users\Owner\Documents\Weight 2019.ods
2019-10-04 12:07 - 2016-09-28 10:41 - 000012607 _____ C:\Users\Owner\Documents\Christmas sale.odt
2019-09-30 17:20 - 2012-07-22 09:28 - 000000000 ____D C:\ProgramData\TEMP
2019-09-30 17:20 - 2012-07-22 09:28 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2019-09-30 16:53 - 2018-12-03 13:37 - 000017659 _____ C:\Users\Owner\Documents\Net Worth 2019.ods
2019-09-30 14:17 - 2012-01-12 12:21 - 000000000 ____D C:\Users\Owner\Desktop\silver, jewelry, coins
2019-09-24 15:54 - 2012-01-12 12:23 - 000000000 ____D C:\Users\Owner\Desktop\Things For Sale
2019-09-21 14:25 - 2012-01-12 12:21 - 000000000 ____D C:\Users\Owner\Desktop\House Pics
2019-09-14 16:12 - 2017-06-15 16:21 - 004337906 _____ C:\Users\Owner\Documents\Other things for sale (all).odt
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-08-24 13:23
==================== End of FRST.txt ============================
Edited by debodun, 14 October 2019 - 02:16 PM.