Fixlist for Farbar System Recovery Tool

ArchNemesis

Jun 26, 2017
Below is my FRST.txt file. Any help is extremely appreciated.
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2017 01
Ran by SYSTEM on MININT-HGJL3KS (23-06-2017 23:12:46)
Running from E:\
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-04-05] (Raptr, Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-06-18] (Razer Inc.)
HKLM-x32\...\Run: [jswtrayutil] => "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-05-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TRENDnet TEW-726EC] => C:\Program Files (x86)\TRENDnet\TEW-726EC\WlanMon.exe [1187840 2014-03-25] ()
Startup: C:\Users\Vincent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-08-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-21] (Autodesk Inc.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-09-07] (Perfect World Entertainment Inc)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1517576 2017-06-16] ()
S2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-05-26] (Apple Inc.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-18] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-07-14] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [387128 2017-05-23] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [369720 2017-05-23] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [406584 2017-05-23] (BlueStack Systems, Inc.)
S2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\59.0.3071.47\remoting_host.exe [71512 2017-05-08] (Google Inc.)
S2 Dhcp; C:\Windows\system32\dhcpcore.dll [355840 2015-10-29] ()
S2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Scarlet.Crush Productions)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-05-22] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Hi-Rez Studios\HiPatchService.exe [9728 2017-03-28] (Hi-Rez Studios)
S2 jswpbapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpbapi.exe [241664 2012-03-25] (Atheros Communications, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-06-06] (Overwolf LTD)
S2 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-05-09] (Plays.tv, LLC)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2016-06-12] ()
S2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-04] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S2 TRENDnet_Wireless; C:\Program Files (x86)\TRENDnet\TEW-726EC\ANIWZCSdS.exe [126976 2010-07-12] (Wireless Service)
S2 TRENDnet_Wireless_WPS; C:\Program Files (x86)\TRENDnet\TEW-726EC\ANIWConnService.exe [49152 2012-12-24] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2970424 2015-06-29] (AVG Technologies)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-12-26] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-29] (Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\Kingsoft Office\wpscloudsvr.exe [174696 2017-06-14] (Zhuhai Kingsoft Office Software Co.,Ltd)
S2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [307928 2013-11-11] ()
S2 GlassWire; "F:\GlassWire\GWCtlSrv.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
S1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2010-06-08] ()
S3 athr; C:\Windows\System32\drivers\athwbx.sys [3858944 2013-10-17] (Qualcomm Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-12-07] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
S1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
S3 BlueletAudio; C:\Windows\system32\DRIVERS\blueletaudio.sys [41208 2012-12-24] (IVT Corporation)
S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [38160 2007-05-11] (IVT Corporation.)
S3 BlueletSCOAudio; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37648 2007-03-05] (IVT Corporation.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-07-14] (BitRaider)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-01-13] (BitRaider)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2017-05-23] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2017-05-21] (Bluestack System Inc. )
S3 BT; C:\Windows\System32\drivers\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
S3 BT; C:\Windows\SysWOW64\drivers\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.)
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-01] (Disc Soft Ltd)
S1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-28] (SecureMix LLC)
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1089880 2016-01-15] ()
S3 intelppm; C:\Windows\System32\drivers\intelppm.sys [133632 2015-10-29] ()
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-06-17] (Malwarebytes)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2015-10-29] ()
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2015-12-26] (Realtek                                            )
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2014-12-31] (Realtek Semiconductor Corporation)
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3764736 2015-10-29] (Realtek Semiconductor Corporation                           )
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
S2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-04] (Razer, Inc.)
S2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
S3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [42856 2016-03-27] (Nefarius Software Solutions)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11973 2017-05-15] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [41824 2016-11-03] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 tapoas; C:\Windows\System32\drivers\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-08-16] (Oracle Corporation)
S1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-08-16] (Oracle Corporation)
S3 VComm; C:\Windows\system32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
S3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-29] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-09-28] (Wellbia.com Co., Ltd.)
S3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-23 23:05 - 2017-06-23 23:07 - 00000000 ____D C:\FRST
2017-06-22 14:13 - 2017-06-22 14:13 - 00000000 ___HD C:\$Windows.~BT
2017-06-22 14:13 - 2017-06-22 14:13 - 00000000 _____ C:\Recovery.txt
2017-06-22 14:12 - 2017-06-22 14:13 - 00000000 ___HD C:\$SysReset
2017-06-20 21:05 - 2017-06-20 21:05 - 00000000 ____D C:\Users\Vincent\Documents\EVE
2017-06-20 20:52 - 2017-06-20 20:52 - 00000000 ____D C:\Users\Vincent\.QtWebEngineProcess
2017-06-20 20:52 - 2017-06-20 20:52 - 00000000 ____D C:\Users\Vincent\.EVE
2017-06-20 20:51 - 2017-06-20 20:51 - 00000000 ____D C:\Users\Vincent\AppData\Local\CCP
2017-06-20 14:30 - 2017-06-20 14:30 - 00000222 _____ C:\Users\Vincent\Desktop\Serious Sam Classics Revolution.url
2017-06-19 19:54 - 2017-06-19 19:54 - 00000222 _____ C:\Users\Vincent\Desktop\Lambda Wars Beta.url
2017-06-19 18:05 - 2017-06-19 18:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-06-19 16:53 - 2017-06-19 16:53 - 00000137 _____ C:\Users\Vincent\Desktop\Age of Conan Unchained.url
2017-06-19 11:13 - 2017-06-19 11:13 - 00000000 ____D C:\Users\Vincent\AppData\LocalLow\Dire Wolf Digital
2017-06-18 16:54 - 2017-06-18 16:54 - 00000000 ____D C:\Users\Vincent\AppData\Local\Saber
2017-06-18 10:28 - 2017-06-18 10:28 - 00000000 ____D C:\Users\Vincent\AppData\Local\id Software
2017-06-16 11:54 - 2017-06-16 11:54 - 00000222 _____ C:\Users\Vincent\Desktop\Tom Clancy's Rainbow Six Siege.url
2017-06-14 13:28 - 2017-06-21 15:54 - 00000000 ____D C:\Program Files\Nightly
2017-06-14 04:52 - 2017-06-14 05:11 - 00003756 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Vincent
2017-06-14 04:52 - 2017-06-14 04:52 - 00004030 _____ C:\Windows\System32\Tasks\WpsExternal_Vincent_20170614085234
2017-06-08 18:42 - 2017-06-08 18:42 - 00000020 _____ C:\Windows\SysWOW64\pub_store.dat
2017-06-08 18:41 - 2017-06-08 18:41 - 00000000 ____D C:\Users\Public\Thunder Network
2017-06-08 18:23 - 2017-06-08 18:23 - 00000000 ____D C:\迅雷游戏
2017-06-08 18:22 - 2017-06-08 18:22 - 00000000 ____D C:\Final Combat
2017-06-08 18:14 - 2017-06-08 18:14 - 00000000 ____D C:\ProgramData\Thunder Network
2017-06-08 11:34 - 2017-06-08 11:44 - 00000000 ____D C:\Program Files\supdt
2017-06-06 11:53 - 2017-06-06 11:53 - 00000000 ____D C:\Users\Vincent\AppData\Local\UNP
2017-06-04 12:28 - 2017-06-04 12:50 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2017-06-04 12:27 - 2017-06-04 12:28 - 339047640 _____ (BlueStack Systems Inc.) C:\Users\Vincent\Downloads\BlueStacks2_native_4bc221f78bf878d65b4904ab64d78bb9.exe
2017-06-01 11:39 - 2017-06-01 11:41 - 00000000 ____D C:\Program Files\UNP
2017-06-01 11:39 - 2017-06-01 11:39 - 00000000 ____D C:\Windows\System32\UNP
2017-05-27 09:45 - 2017-05-30 07:20 - 00000000 ____D C:\Windows\Panther
2017-05-26 14:07 - 2017-05-26 14:07 - 00000000 ____D C:\Program Files (x86)\Blizzard
2017-05-26 14:04 - 2017-05-26 14:04 - 00000000 ____D C:\Users\Vincent\Documents\Starcraft
2017-05-26 13:55 - 2017-05-26 13:58 - 03205616 _____ (Blizzard Entertainment) C:\Users\Vincent\Downloads\StarCraft-Setup (1).exe
2017-05-26 13:55 - 2017-05-26 13:55 - 03205616 _____ (Blizzard Entertainment) C:\Users\Vincent\Downloads\StarCraft-Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-22 07:37 - 2014-11-15 16:47 - 00000000 ____D C:\Users\Vincent\AppData\Local\TSVNCache
2017-06-22 07:35 - 2014-07-12 17:21 - 00000000 ____D C:\Users\Vincent\AppData\Local\Battle.net
2017-06-22 07:31 - 2015-06-08 13:21 - 00000000 ____D C:\Users\Vincent\AppData\LocalLow\Mozilla
2017-06-22 07:06 - 2015-10-29 23:11 - 00000000 ____D C:\Windows\CbsTemp
2017-06-22 07:00 - 2017-05-18 17:14 - 00000458 _____ C:\Windows\Tasks\ScpUpdater.job
2017-06-22 05:05 - 2015-11-04 23:54 - 00004162 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4C48722C-AF17-4020-9752-12717297017A}
2017-06-21 22:00 - 2014-07-11 22:00 - 00000000 ____D C:\Users\Vincent\AppData\Local\Adobe
2017-06-21 21:33 - 2014-06-27 21:05 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-21 17:47 - 2015-10-29 23:24 - 00000000 ____D C:\Windows\AppReadiness
2017-06-21 15:54 - 2015-09-26 17:10 - 00000000 ____D C:\Users\Vincent\AppData\Local\Ubisoft Game Launcher
2017-06-21 10:53 - 2014-07-12 17:21 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-06-20 21:31 - 2016-09-07 22:06 - 00000000 ____D C:\Users\Vincent\AppData\Local\CrashDumps
2017-06-20 20:52 - 2016-04-01 00:34 - 00000000 ____D C:\users\Vincent
2017-06-20 18:46 - 2016-04-28 17:54 - 00000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2017-06-20 11:59 - 2016-04-01 01:03 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-19 18:06 - 2014-06-28 04:45 - 00000000 ____D C:\Users\Vincent\AppData\Local\Funcom
2017-06-19 15:23 - 2015-05-14 05:57 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\DMCache
2017-06-18 13:49 - 2015-01-29 02:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-18 11:57 - 2015-10-29 23:21 - 00000000 ____D C:\Windows\INF
2017-06-18 09:14 - 2016-07-19 08:05 - 00000000 ____D C:\Users\Vincent\AppData\Local\Bethesda.net Launcher
2017-06-18 09:13 - 2016-04-28 17:54 - 00001225 _____ C:\Users\Public\Desktop\Bethesda.net Launcher.lnk
2017-06-17 17:34 - 2017-04-26 14:27 - 00003136 _____ C:\Windows\System32\Tasks\MSIAfterburner
2017-06-17 17:29 - 2017-04-22 13:14 - 00251832 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2017-06-17 17:27 - 2016-09-18 12:55 - 00000007 _____ C:\Windows\SysWOW64\ANIWZCSUSERNAME{3E5678D7-0AC4-4FD1-9F41-E15D5ADF98C2}
2017-06-17 17:26 - 2015-08-16 07:37 - 00000083 _____ C:\HaxLogs.txt
2017-06-16 11:55 - 2014-07-18 04:55 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-06-16 08:39 - 2015-09-18 16:33 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-16 08:39 - 2015-09-18 16:33 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-10 21:45 - 2017-05-22 21:11 - 00000000 ____D C:\Users\Vincent\Documents\The Witcher 3
2017-06-09 16:02 - 2015-08-30 12:00 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\Audacity
2017-06-08 18:40 - 2014-07-09 03:49 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\vlc
2017-06-08 11:10 - 2014-07-02 11:10 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-06-06 01:09 - 2014-06-27 20:57 - 00000000 ____D C:\Program Files (x86)\Google
2017-06-04 12:54 - 2014-08-30 11:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2017-06-04 12:50 - 2016-07-25 20:49 - 00001648 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-06-04 12:50 - 2015-10-29 23:24 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-04 12:47 - 2015-09-18 13:51 - 00000000 ____D C:\Users\Vincent\AppData\Local\Bluestacks
2017-06-02 19:07 - 2015-10-29 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-02 19:07 - 2015-10-29 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 13:05 - 2016-04-01 00:34 - 01009736 _____ C:\Windows\System32\PerfStringBackup.INI
2017-05-27 16:51 - 2015-07-31 17:44 - 00000000 ____D C:\Users\Vincent\AppData\Local\Packages
2017-05-27 16:50 - 2015-10-29 23:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-25 19:31 - 2017-05-18 16:32 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\DarkSoulsIII
2017-05-25 19:25 - 2015-05-14 05:57 - 00000000 ____D C:\Users\Vincent\Downloads\Compressed
2017-05-24 14:54 - 2015-01-27 21:03 - 00000000 ____D C:\Users\Vincent\AppData\Roaming\Kodi

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
2016-09-27 20:51 - 2016-09-27 20:51 - 0000512 _____ () C:\Users\Vincent\AppData\Local\Temp\3d51890c7b88e4feeeed777176b46429.dll
2016-05-27 22:15 - 2016-09-17 15:22 - 0073728 _____ () C:\Users\Vincent\AppData\Local\Temp\ANPDApi.dll
2013-01-28 14:20 - 2013-01-28 14:20 - 0248008 _____ (Ask.com) C:\Users\Vincent\AppData\Local\Temp\AskSLib.dll
2016-09-27 20:52 - 2016-09-28 18:24 - 0000041 _____ () C:\Users\Vincent\AppData\Local\Temp\b90d0257ca6ed326fa5bcaf8af38eb0b.dll
2016-09-27 19:34 - 2016-09-15 12:41 - 0037376 _____ (Microsoft) C:\Users\Vincent\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2016-09-27 19:34 - 2016-09-15 12:14 - 0020992 _____ (Microsoft) C:\Users\Vincent\AppData\Local\Temp\HiRezLauncherControls.dll
2016-09-27 11:59 - 2016-09-27 11:59 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1064229083976519961.dll
2016-10-14 12:46 - 2016-10-14 12:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1068368348836445834.dll
2016-09-27 13:15 - 2016-09-27 13:15 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1075089249514255309.dll
2016-09-27 13:27 - 2016-09-27 13:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1079073985803935765.dll
2016-10-08 09:01 - 2016-10-08 09:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1130029248099970744.dll
2016-10-14 12:22 - 2016-10-14 12:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1320845841627357225.dll
2016-10-14 13:40 - 2016-10-14 13:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1351410871522410441.dll
2016-09-30 09:48 - 2016-09-30 09:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1358298621534481981.dll
2016-09-29 13:02 - 2016-09-29 13:02 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1484707040611920541.dll
2016-10-08 09:20 - 2016-10-08 09:20 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1561279653917294529.dll
2016-10-01 13:31 - 2016-10-01 13:31 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1610491105267806938.dll
2016-10-08 08:48 - 2016-10-08 08:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-170862462724460556.dll
2016-10-14 13:47 - 2016-10-14 13:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1944874560720188549.dll
2016-10-01 13:35 - 2016-10-01 13:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-1996833577724300872.dll
2016-09-30 09:26 - 2016-09-30 09:26 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2015173025408541910.dll
2016-09-30 10:00 - 2016-09-30 10:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2058517193213661040.dll
2016-10-01 13:32 - 2016-10-01 13:32 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-206683114235934133.dll
2016-09-27 13:00 - 2016-09-27 13:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2224757837946816034.dll
2016-09-30 10:18 - 2016-09-30 10:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2226430407750277070.dll
2016-09-29 12:53 - 2016-09-29 12:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2256534062838657508.dll
2016-09-27 14:27 - 2016-09-27 14:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2294564127000203353.dll
2016-09-30 10:00 - 2016-09-30 10:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2350375648039123461.dll
2016-10-01 12:21 - 2016-10-01 12:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-237079372545501610.dll
2016-09-29 08:29 - 2016-09-29 08:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2583181340241793559.dll
2016-09-30 10:10 - 2016-09-30 10:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2694352387205406692.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2887084199722828111.dll
2016-10-08 09:30 - 2016-10-08 09:30 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2891036078470678983.dll
2016-09-29 12:57 - 2016-09-29 12:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2898562308377831516.dll
2016-10-17 11:52 - 2016-10-17 11:52 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-2914851954352637284.dll
2016-09-27 12:43 - 2016-09-27 12:43 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3111925324117109122.dll
2016-10-01 11:10 - 2016-10-01 11:10 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3274098651064136353.dll
2016-10-08 10:46 - 2016-10-08 10:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3340481443206148727.dll
2016-09-30 10:22 - 2016-09-30 10:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3381440483608169847.dll
2016-09-30 10:25 - 2016-09-30 10:25 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3431302526257813227.dll
2016-09-30 10:24 - 2016-09-30 10:24 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3439258899286110246.dll
2016-10-14 13:15 - 2016-10-14 13:15 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3450479917505968114.dll
2016-10-08 08:45 - 2016-10-08 08:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-356999309718896722.dll
2016-10-05 11:53 - 2016-10-05 11:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3578740344166053581.dll
2016-10-01 13:35 - 2016-10-01 13:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3579805160716471365.dll
2016-10-14 13:17 - 2016-10-14 13:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3631584222657618262.dll
2016-10-08 09:27 - 2016-10-08 09:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-368541318043460807.dll
2016-09-30 09:44 - 2016-09-30 09:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3714397200545741874.dll
2016-09-27 14:32 - 2016-09-27 14:32 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-3733042072268092687.dll
2016-10-08 09:51 - 2016-10-08 09:51 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-387103995579043641.dll
2016-09-27 13:12 - 2016-09-27 13:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4073766203169528059.dll
2016-09-29 13:04 - 2016-09-29 13:04 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4078255346165822211.dll
2016-09-29 08:30 - 2016-09-29 08:30 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4120337252019585561.dll
2016-10-01 13:37 - 2016-10-01 13:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4121660765514614753.dll
2016-10-01 12:27 - 2016-10-01 12:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4320075945905365463.dll
2016-10-08 09:40 - 2016-10-08 09:40 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4463684510179721061.dll
2016-09-30 10:26 - 2016-09-30 10:26 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-453732343748753677.dll
2016-09-27 12:44 - 2016-09-27 12:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4559037264225739188.dll
2016-09-30 10:05 - 2016-09-30 10:05 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4578278063743955110.dll
2016-10-19 11:30 - 2016-10-19 11:30 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4703113035407153893.dll
2016-11-02 14:08 - 2016-11-02 14:08 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4723285714585634958.dll
2016-09-29 13:03 - 2016-09-29 13:03 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4727167861543809815.dll
2016-10-08 09:19 - 2016-10-08 09:19 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4751035065726349312.dll
2016-11-02 17:05 - 2016-11-02 17:05 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4759015601338839711.dll
2016-10-01 13:42 - 2016-10-01 13:42 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4782225116554378068.dll
2016-10-14 12:47 - 2016-10-14 12:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4783848487152774673.dll
2016-10-01 13:39 - 2016-10-01 13:39 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-4940587826370582894.dll
2016-10-17 10:33 - 2016-10-17 10:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5128679011191164611.dll
2017-01-20 15:29 - 2017-01-20 15:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5162621595201210014.dll
2016-09-27 13:27 - 2016-09-27 13:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5165691344639968274.dll
2016-09-30 09:53 - 2016-09-30 09:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5184633446500632669.dll
2016-09-30 09:50 - 2016-09-30 09:50 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5187859672279321974.dll
2016-09-30 10:22 - 2016-09-30 10:22 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5213982025169538759.dll
2016-10-19 11:12 - 2016-10-19 11:12 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5224419838415435007.dll
2016-10-01 12:36 - 2016-10-01 12:36 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5233356781302871379.dll
2016-10-01 13:44 - 2016-10-01 13:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5251305913233180598.dll
2016-09-27 14:28 - 2016-09-27 14:28 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5267975546529063108.dll
2016-09-30 09:46 - 2016-09-30 09:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5318165080585127851.dll
2016-09-27 13:29 - 2016-09-27 13:29 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5332132797578177443.dll
2016-09-28 07:57 - 2016-09-28 07:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5343192601953581374.dll
2016-10-08 09:44 - 2016-10-08 09:44 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5491783367049583532.dll
2016-10-08 07:58 - 2016-10-08 07:58 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5526053623482863202.dll
2016-10-08 08:45 - 2016-10-08 08:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5565207774872441004.dll
2016-09-30 14:33 - 2016-09-30 14:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5646326151286637953.dll
2016-10-01 13:49 - 2016-10-01 13:49 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5691735480362638671.dll
2016-09-27 14:34 - 2016-09-27 14:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5697102885026736867.dll
2016-10-17 12:13 - 2016-10-17 12:13 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5725110668516187626.dll
2016-10-18 12:42 - 2016-10-18 12:42 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-579788737727765614.dll
2016-09-29 12:55 - 2016-09-29 12:55 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5799143196443175504.dll
2016-09-29 17:59 - 2016-09-29 17:59 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-5967772731132527446.dll
2016-10-17 10:34 - 2016-10-17 10:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6025587204873724127.dll
2016-10-17 12:35 - 2016-10-17 12:35 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6198093893265202973.dll
2016-10-19 11:14 - 2016-10-19 11:14 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-625905438520057869.dll
2016-10-01 12:16 - 2016-10-01 12:16 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6264683630710640506.dll
2016-09-28 07:58 - 2016-09-28 07:58 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6280084482654759530.dll
2016-10-08 09:37 - 2016-10-08 09:37 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6440509715938233763.dll
2016-11-02 14:02 - 2016-11-02 14:02 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6463574556996046798.dll
2016-09-27 13:33 - 2016-09-27 13:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6497498040604649376.dll
2016-10-14 12:50 - 2016-10-14 12:50 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6659100523322799994.dll
2016-10-05 11:56 - 2016-10-05 11:56 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6707317496599596950.dll
2016-09-27 12:46 - 2016-09-27 12:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6718454746227060176.dll
2016-10-01 13:38 - 2016-10-01 13:38 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6858363535193646617.dll
2016-10-01 12:36 - 2016-10-01 12:36 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-689455234445339321.dll
2016-10-01 13:47 - 2016-10-01 13:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6975880410352912037.dll
2016-09-27 12:45 - 2016-09-27 12:45 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-6979634625322735215.dll
2016-09-30 12:09 - 2016-09-30 12:09 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7107162254852105877.dll
2016-10-19 10:18 - 2016-10-19 10:18 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-722995155292338531.dll
2016-09-27 13:31 - 2016-09-27 13:31 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7233177647055329642.dll
2016-10-01 12:23 - 2016-10-01 12:23 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7254746652879565175.dll
2016-10-14 13:49 - 2016-10-14 13:49 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7304111824152622898.dll
2016-09-27 11:59 - 2016-09-27 11:59 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7338950877168189712.dll
2016-10-08 10:02 - 2016-10-08 10:02 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7378382957297727795.dll
2016-09-30 09:49 - 2016-09-30 09:49 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-750173507473625832.dll
2016-10-14 12:26 - 2016-10-14 12:26 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7652608630152998300.dll
2016-09-30 10:19 - 2016-09-30 10:19 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-768334148611369698.dll
2016-10-17 12:00 - 2016-10-17 12:00 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7699519698356127264.dll
2016-10-08 09:33 - 2016-10-08 09:33 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-7897120358504835159.dll
2016-09-28 08:49 - 2016-09-28 08:49 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8000590334597044444.dll
2016-10-08 09:23 - 2016-10-08 09:23 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8030209373536890460.dll
2016-09-30 10:27 - 2016-09-30 10:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-811296251138975008.dll
2017-01-20 15:27 - 2017-01-20 15:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8209147949218871484.dll
2016-09-30 09:53 - 2016-09-30 09:53 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8234934720427859344.dll
2016-09-30 10:48 - 2016-09-30 10:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8237276792410034756.dll
2016-09-30 09:46 - 2016-09-30 09:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8250581587955581295.dll
2016-10-08 09:17 - 2016-10-08 09:17 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8283166946504399345.dll
2016-09-30 09:58 - 2016-09-30 09:58 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8287908402261749420.dll
2016-09-29 12:57 - 2016-09-29 12:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-840109718742166879.dll
2017-01-20 15:32 - 2017-01-20 15:32 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8458146716088445482.dll
2016-10-14 12:48 - 2016-10-14 12:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8465274793573695774.dll
2016-09-30 10:27 - 2016-09-30 10:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8500447150872350532.dll
2016-10-19 11:06 - 2016-10-19 11:06 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8540594755409068418.dll
2017-01-20 15:34 - 2017-01-20 15:34 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8607620725124311983.dll
2016-10-19 11:19 - 2016-10-19 11:19 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8658569409268098753.dll
2016-10-08 10:47 - 2016-10-08 10:47 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-866780055119001974.dll
2016-10-18 12:27 - 2016-10-18 12:27 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8682760589887099638.dll
2016-09-27 12:42 - 2016-09-27 12:42 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8787409080830929745.dll
2016-10-08 09:20 - 2016-10-08 09:20 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-8972018503889932732.dll
2016-09-30 10:21 - 2016-09-30 10:21 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-9002125756557201295.dll
2016-10-08 09:48 - 2016-10-08 09:48 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-9093570573092426161.dll
2016-10-08 07:57 - 2016-10-08 07:57 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-9153171629384196529.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-9157874679450295242.dll
2016-10-01 13:46 - 2016-10-01 13:46 - 0019968 ____N (Red Hat®, Inc.) C:\Users\Vincent\AppData\Local\Temp\jansi-64-9173118117482508541.dll
2016-09-26 08:18 - 2016-09-26 08:18 - 0017408 _____ () C:\Users\Vincent\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-11-g3fd9db2-b3097jnks.dll
2016-04-19 17:45 - 2016-04-19 17:47 - 6351472 _____ (Black Tree Gaming                                           ) C:\Users\Vincent\AppData\Local\Temp\Nexus Mod Manager-0.61.16.exe
2016-07-19 20:20 - 2016-07-19 20:20 - 6359496 _____ (Black Tree Gaming                                           ) C:\Users\Vincent\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
2017-04-03 10:48 - 2017-04-03 10:48 - 6441176 _____ (Black Tree Gaming                                           ) C:\Users\Vincent\AppData\Local\Temp\Nexus Mod Manager-0.63.13.exe
2017-05-07 10:04 - 2017-05-07 10:04 - 6441096 _____ (Black Tree Gaming                                           ) C:\Users\Vincent\AppData\Local\Temp\Nexus Mod Manager-0.63.14.exe
2016-06-07 16:37 - 2017-03-09 14:05 - 56756184 _____ (Skype Technologies S.A.) C:\Users\Vincent\AppData\Local\Temp\SkypeSetup.exe
2017-06-08 18:09 - 2017-06-08 18:09 - 0430080 _____ (Eclipse Foundation) C:\Users\Vincent\AppData\Local\Temp\swt-win32-3740.dll
2017-03-27 17:39 - 2017-03-27 17:39 - 14456872 _____ (Microsoft Corporation) C:\Users\Vincent\AppData\Local\Temp\vc_redist.x86.exe
2017-04-09 19:44 - 2017-04-09 19:44 - 0040960 _____ () C:\Users\Vincent\AppData\Local\Temp\x2blapi.dll

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================


==================== Memory info =========================== 

Percentage of memory in use: 10%
Total physical RAM: 8174.11 MB
Available physical RAM: 7293.78 MB
Total Virtual: 8174.11 MB
Available Virtual: 7344.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:589.87 GB) (Free:23.02 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Lexar) (Removable) (Total:7.45 GB) (Free:7.43 GB) FAT32
Drive f: () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
Drive g: (TEW-726EC) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS
Drive y: (New Volume) (Fixed) (Total:931.51 GB) (Free:55.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8732F92F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0002B263)
Partition 1: (Active) - (Size=589.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
Partition 3: (Not Active) - (Size=5.9 GB) - (Type=05)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

LastRegBack: 2017-06-15 13:12

==================== End of FRST.txt ============================
 
Last edited by a moderator:
