View Single Post
  #37  
Old March 2nd, 2019, 03:19 PM
evanandrew3333 evanandrew3333 is offline
Banned
 
Join Date: Feb 2019
Posts: 79
Some files in TEMP:
====================
2019-03-01 11:04 - 2019-03-01 11:04 - 001240456 _____ (BlueStack Systems Inc.) C:\Users\beatcat\AppData\Local\Temp\BlueStacksExec utable.exe
2019-03-01 11:05 - 2019-02-12 02:21 - 001160712 _____ (BlueStack Systems, Inc.) C:\Users\beatcat\AppData\Local\Temp\BlueStacksUnin staller.exe
2019-03-01 11:05 - 2019-02-12 02:22 - 001042952 _____ (BlueStack Systems, Inc.) C:\Users\beatcat\AppData\Local\Temp\HD-Common.dll
2019-03-01 11:05 - 2019-01-29 06:48 - 000421344 _____ (CodeTitans) C:\Users\beatcat\AppData\Local\Temp\JSon.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale en-US
inherit {globalsettings}
extendedinput Yes
default {current}
resumeobject {5312aa06-7887-11de-b1db-001321be213f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
customactions 0x1000085000001
0x5400000f
custom:5400000f {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5312aa06-7887-11de-b1db-001321be213f}
nx OptIn

Windows Boot Loader
-------------------
identifier {9a56d4f0-5d3d-11e0-9091-78acc0ab88c9}
device ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {5312aa06-7887-11de-b1db-001321be213f}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {9a56d4f1-5d3d-11e0-9091-78acc0ab88c9}
description Ramdisk Options
ramdisksdidevice partition=D:
ramdisksdipath \Recovery\WindowsRE\boot.sdi


LastRegBack: 2019-02-22 17:45

==================== End of FRST.txt ============================