Hacked – Help Please? – Virus, Trojan, Spyware, and Malware Removal Help

Hello,

There appears to be a hack which is working on my laptop computer and worming itself on my cell – I’ve wiped the home windows os file and used a restoration usb – nonetheless the problem arises. I’ve modified my cell from XS max and quantity on EE to iPhone 12 working 14.4 with out connecting to the wifi and the problem nonetheless exists.

Please see my FRST log beneath:

Scan results of Farbar Restoration Scan Device (FRST) (x64) Model: 14-02-2021
Ran by PC12 (administrator) on DESKTOP-11Q7D6S (Dell Inc. XPS 13 9350) (17-02-2021 04:04:19)
Operating from C:UsersPC12Desktop
Loaded Profiles: PC12
Platform: Home windows 10 Professional Model 2004 19041.610 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Regular

==================== Processes (Whitelisted) =================

(If an entry is included within the fixlist, the method shall be closed. The file won’t be moved.)

(ALPS ELECTRIC CO., LTD. -> Alps Electrical Co., Ltd.) C:WindowsSystem32DellTPadHidMonitorSvc.exe
(Intel Company -> Intel Company) C:WindowsSystem32IntelDPTFesif_uf.exe
(Intel Company -> Intel Company) C:WindowsTempDPTFesif_assist_64.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:WindowsIntelIntel® Administration Engine ComponentsLMSLMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_3f902faa7a5da85djhi_service.exe
(Intel® pGFX 2020 -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_cb777423701ee84cigfxCUIService.exe
(Intel® pGFX 2020 -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_cb777423701ee84cigfxEM.exe
(Intel® pGFX 2020 -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_cb777423701ee84cIntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryigdlh64.inf_amd64_cb777423701ee84cIntelCpHeciSvc.exe
(Intel® Fast Storage Expertise -> Intel Company) C:WindowsSystem32DriverStoreFileRepositoryiastorac.inf_amd64_ecb9604542bb4ba6RstMwService.exe
(Intel® Software program Improvement Merchandise -> Intel Company) C:WindowsSystem32DriverStoreFileRepositorysgx_psw.inf_amd64_fafb1d329fdfe2c6aesm_service.exe
(Microsoft Company -> Microsoft Company) C:UsersPC12AppDataLocalMicrosoftOneDriveOneDrive.exe
(Microsoft Company -> Microsoft Company) C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweMicrosoftEdge.exe
(Microsoft Company) C:Program FilesWindowsAppsmicrosoft.windowsstore_11910.1002.5.0_x64__8wekyb3d8bbweWinStore.App.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32browser_broker.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32dllhost.exe <2>
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32MicrosoftEdgeCP.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32MicrosoftEdgeSH.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32oobeUserOOBEBroker.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32smartscreen.exe
(Microsoft Home windows -> Microsoft Company) C:WindowsSystem32wlanext.exe
(Microsoft Home windows {Hardware} Compatibility Writer -> Pixart Imaging Inc) C:WindowsSystem32TiltWheelMouse.exe
(Microsoft Home windows Writer -> Microsoft Company) C:Program FilesWindows DefenderMsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(Skype) C:Program FilesWindowsAppsmicrosoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5cSkypeApp.exe
(Skype) C:Program FilesWindowsAppsmicrosoft.skypeapp_14.53.77.0_x64__kzf8qxf38zg5cSkypeBackgroundHost.exe
(Synaptics Integrated -> Synaptics Integrated) C:WindowsSystem32SynTPEnh.exe
(Synaptics Integrated -> Synaptics Integrated) C:WindowsSystem32SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included within the fixlist, the registry merchandise shall be restored to default or eliminated. The file won’t be moved.)

HKLM…Run: [MouseDriver] => C:Windowssystem32TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Home windows {Hardware} Compatibility Writer -> Pixart Imaging Inc)
HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9235944 2017-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [RtHDVBg_MAXX6] => C:Program FilesRealtekAudioHDARAVBg64.exe [1493992 2017-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [RtHDVBg_PushButton] => C:Program FilesRealtekAudioHDARAVBg64.exe [1493992 2017-08-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

==================== Scheduled Duties (Whitelisted) ============

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file won’t be moved until listed individually.)

(If an entry is included within the fixlist, the duty (.job) file shall be moved. The file which is working by the duty won’t be moved.)

==================== Web (Whitelisted) ====================

(If an merchandise is included within the fixlist, if it’s a registry merchandise it is going to be eliminated or restored to default.)

TcpipParameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip..Interfaces{2a5124c6-d39d-43f2-9476-4b13d0df6255}: [DhcpNameServer] 194.168.4.100 194.168.8.100

==================== Providers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file won’t be moved until listed individually.)

U2 ApHidMonitorService; C:Windowssystem32DellTPadHidMonitorSvc.exe [878632 2018-02-05] (ALPS ELECTRIC CO., LTD. -> Alps Electrical Co., Ltd.)
S3 Sense; C:Program FilesWindows Defender Superior Risk ProtectionMsSense.exe [5101992 2020-11-06] (Microsoft Home windows Writer -> Microsoft Company)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Home windows Writer -> Microsoft Company)
R2 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Home windows Writer -> Microsoft Company)

===================== Drivers (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file won’t be moved until listed individually.)

S3 ApHidfiltrService; C:WindowsSystem32driversApHidfiltrSW.sys [373032 2018-02-05] (ALPS ELECTRIC CO., LTD. -> Alps Electrical Co., Ltd.)
R3 BCMPCIEDHD63; C:Windowssystem32DRIVERSbcmpciedhd63.sys [1063712 2017-10-18] (Broadcom Company -> Broadcom Corp)
S3 DDDriver; C:WindowsSystem32driversdddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Home windows {Hardware} Compatibility Writer -> Dell Inc.)
S3 imausbhpal; C:WindowsSystem32driversimausbhpal.sys [671224 2017-05-19] (Intel® Wi-fi Connectivity Options -> )
S3 imausbhub; C:WindowsSystem32driversimausbhub.sys [479736 2017-05-19] (Intel® Wi-fi Connectivity Options -> Intel Company)
S0 megasas35; C:WindowsSystem32driversmegasas35.sys [87576 2018-02-16] (Avago Applied sciences U.S. Inc. -> Avago Applied sciences)
S0 percsas3; C:WindowsSystem32driverspercsas3.sys [75792 2016-09-20] (AVAGO TECHNOLOGIES U.S. INC. -> Avago Applied sciences)
S3 SynPTPHID; C:WindowsSystem32driversSynPTPHID.sys [64040 2018-04-02] (Synaptics Integrated -> Synaptics Integrated)
S3 t_mouse.sys; C:WindowsSystem32driverst_mouse.sys [6144 2012-12-19] (Microsoft Home windows {Hardware} Compatibility Writer -> )
S0 WdBoot; C:WindowsSystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Home windows Early Launch Anti-malware Writer -> Microsoft Company)
R0 WdFilter; C:WindowsSystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Home windows -> Microsoft Company)
S3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Home windows -> Microsoft Company)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included within the fixlist, it is going to be faraway from the registry. The file won’t be moved until listed individually.)

==================== Three months (created) (Whitelisted) =========

(If an entry is included within the fixlist, the file/folder shall be moved.)

2021-02-17 03:57 – 2021-02-17 03:57 – 000013388 _____ C:UsersPC12DesktopFixlog.txt
2021-02-17 03:34 – 2021-02-17 03:42 – 000015822 _____ C:UsersPC12DesktopAddition.txt
2021-02-17 03:33 – 2021-02-17 04:04 – 000008284 _____ C:UsersPC12DesktopFRST.txt
2021-02-17 03:33 – 2021-02-17 04:04 – 000000000 ____D C:FRST
2021-02-17 03:33 – 2021-02-17 03:33 – 002297856 _____ (Farbar) C:UsersPC12DesktopFRST64.exe
2021-02-17 03:26 – 2021-02-17 03:42 – 000000000 ____D C:UsersPC12AppDataLocalPlaceholderTileLogoFolder
2021-02-17 03:26 – 2021-02-17 03:26 – 000000000 ____D C:UsersPC12AppDataRoamingMacromedia
2021-02-17 03:25 – 2021-02-17 03:25 – 000000000 ____D C:UsersPC12AppDataLocalComms
2021-02-17 03:04 – 2021-02-17 04:02 – 000795738 _____ C:Windowssystem32PerfStringBackup.INI
2021-02-17 03:03 – 2021-02-17 03:03 – 000003376 _____ C:Windowssystem32TasksOneDrive Standalone Replace Activity-S-1-5-21-4133049352-682808253-1143380259-1001
2021-02-17 03:03 – 2021-02-17 03:03 – 000000000 ___RD C:UsersPC12OneDrive
2021-02-17 03:00 – 2021-02-17 03:28 – 000000000 ____D C:UsersPC12AppDataLocalMicrosoftEdge
2021-02-17 03:00 – 2021-02-17 03:00 – 000001450 _____ C:UsersPC12DesktopMicrosoft Edge.lnk
2021-02-17 03:00 – 2021-02-17 03:00 – 000000000 ____D C:ProgramDataMicrosoft OneDrive
2021-02-17 02:59 – 2021-02-17 03:57 – 000000000 __SHD C:UsersPC12IntelGraphicsProfiles
2021-02-17 02:59 – 2021-02-17 03:42 – 000000000 ____D C:UsersPC12AppDataLocalPackages
2021-02-17 02:59 – 2021-02-17 03:42 – 000000000 ____D C:ProgramDataPackages
2021-02-17 02:59 – 2021-02-17 03:00 – 000000000 ____D C:UsersPC12AppDataLocalIntel
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ___RD C:UsersPC123D Objects
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ____D C:UsersPC12AppDataRoamingAdobe
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ____D C:UsersPC12AppDataLocalLowIntel
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ____D C:UsersPC12AppDataLocalVirtualStore
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ____D C:UsersPC12AppDataLocalPublishers
2021-02-17 02:59 – 2021-02-17 02:59 – 000000000 ____D C:UsersPC12AppDataLocalConnectedDevicesPlatform
2021-02-17 02:58 – 2021-02-17 03:03 – 000002360 _____ C:UsersPC12AppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-02-17 02:58 – 2021-02-17 03:03 – 000000000 ____D C:UsersPC12
2021-02-17 02:58 – 2021-02-17 02:58 – 000000020 ___SH C:UsersPC12ntuser.ini
2021-02-17 02:57 – 2021-02-17 02:57 – 000000000 _SHDL C:UsersDefault Person
2021-02-17 02:57 – 2021-02-17 02:57 – 000000000 _SHDL C:UsersAll Customers
2021-02-17 02:57 – 2021-02-17 02:57 – 000000000 _SHDL C:Paperwork and Settings
2021-02-17 02:53 – 2021-02-17 03:57 – 000000006 ____H C:WindowsTasksSA.DAT
2021-02-17 02:53 – 2021-02-17 03:26 – 000000000 ____D C:ProgramDataIntel
2021-02-17 02:53 – 2021-02-17 02:53 – 000258048 _____ C:Windowssystem32FNTCACHE.DAT
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____H C:Windowssystem32DriversMsft_User_WpdFs_01_11_00.Wdf
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____H C:ProgramDataDP45977C.lfl
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:WindowsSysWOW64sda
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:WindowsSysWOW64RTCOM
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Windowssystem32TasksIntel
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Windowssystem32SRSLabs
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Windowssystem32SleepStudy
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Windowssystem32Intel
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Windowssystem32Driverswd
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:WindowsServiceProfiles
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:WindowsIntel
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Program FilesRealtek
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 ____D C:Program FilesIntel
2021-02-17 02:53 – 2021-02-17 02:53 – 000000000 _____ C:Windowssystem32GfxValDisplayLog.bin
2021-02-17 02:52 – 2021-02-17 03:57 – 000008192 ___SH C:DumpStack.log.tmp
2021-02-17 02:48 – 2018-07-21 11:49 – 000000026 _____ C:Windowscsup.txt
2021-02-17 02:47 – 2021-02-17 02:57 – 000000000 ____D C:WindowsPanther
2021-02-17 02:44 – 2021-02-17 02:57 – 000000000 ____D C:Home windows.outdated
2021-02-17 02:43 – 2021-02-17 02:43 – 000000000 ____D C:WindowsIAStorAfsService
2021-02-17 02:42 – 2021-02-17 02:42 – 000000000 ____D C:WindowsAMDTAs
2021-02-17 02:42 – 2021-02-17 02:42 – 000000000 ____D C:ProgramDataLSI
2021-02-17 02:42 – 2021-02-17 02:42 – 000000000 ____D C:Program Information (x86)Razer
2021-02-17 02:41 – 2021-02-17 02:53 – 000000000 ____D C:Intel
2021-02-17 02:41 – 2021-02-17 02:42 – 000000000 ____D C:Windowssystem32DellTPad
2021-02-17 02:39 – 2021-02-17 02:59 – 000000000 ____D C:Windowssystem32FxsTmp
2021-02-17 02:39 – 2021-02-17 02:39 – 000008192 _____ C:Windowssystem32configuserdiff
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:WindowsSysWOW64MailContactsCalendarSync
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:WindowsSysWOW64FxsTmp
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:Windowssystem32OpenSSH
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:Windowssystem32MailContactsCalendarSync
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:WindowsSetup
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:WindowsOCR
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:Windowsaddins
2021-02-17 02:39 – 2021-02-17 02:39 – 000000000 ____D C:ProgramDatassh
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64winrm
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64WCN
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64sysprep
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64slmgr
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64Printing_Admin_Scripts
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64409
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32winrm
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32WCN
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32slmgr
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32Printing_Admin_Scripts
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32409
2021-02-17 02:38 – 2021-02-17 02:38 – 000000000 ____D C:WindowsDigitalLocker
2021-02-17 02:37 – 2020-10-03 00:33 – 000835472 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe
2021-02-17 02:37 – 2020-10-03 00:33 – 000179608 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2021-02-17 02:35 – 2021-02-17 03:59 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-02-17 02:35 – 2021-02-17 03:57 – 000000000 ____D C:WindowsServiceState
2021-02-17 02:35 – 2021-02-17 03:53 – 000000000 ____D C:WindowsAppReadiness
2021-02-17 02:35 – 2021-02-17 03:42 – 000000000 ___HD C:Program FilesWindowsApps
2021-02-17 02:35 – 2021-02-17 03:03 – 000000000 ____D C:ProgramDataUSOPrivate
2021-02-17 02:35 – 2021-02-17 02:59 – 000000000 ____D C:Windowssystem32spool
2021-02-17 02:35 – 2021-02-17 02:58 – 000000000 ____D C:Windowssystem32WinBioDatabase
2021-02-17 02:35 – 2021-02-17 02:57 – 000000000 ____D C:WindowsCSC
2021-02-17 02:35 – 2021-02-17 02:54 – 000000000 ___RD C:WindowsPrintDialog
2021-02-17 02:35 – 2021-02-17 02:54 – 000000000 ___RD C:WindowsImmersiveControlPanel
2021-02-17 02:35 – 2021-02-17 02:53 – 000000000 ____D C:Windowsappcompat
2021-02-17 02:35 – 2021-02-17 02:48 – 000028672 _____ C:Windowssystem32configBCD-Template
2021-02-17 02:35 – 2021-02-17 02:47 – 000000000 ____D C:WindowsContainers
2021-02-17 02:35 – 2021-02-17 02:42 – 000000000 ___RD C:Program Information (x86)
2021-02-17 02:35 – 2021-02-17 02:39 – 000000000 ____D C:WindowsSystemResources
2021-02-17 02:35 – 2021-02-17 02:39 – 000000000 ____D C:Windowssystem32WinBioPlugIns
2021-02-17 02:35 – 2021-02-17 02:39 – 000000000 ____D C:Windowssystem32setup
2021-02-17 02:35 – 2021-02-17 02:39 – 000000000 ____D C:WindowsPolicyDefinitions
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ___SD C:WindowsSysWOW64F12
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ___SD C:WindowsSysWOW64DiagSvcs
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ___SD C:Windowssystem32F12
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ___SD C:Windowssystem32dsc
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ___SD C:Windowssystem32DiagSvcs
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64setup
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64oobe
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64MUI
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64Dism
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsSysWOW64Com
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32SystemResetPlatform
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32Sysprep
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32PerceptionSimulation
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32oobe
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32MUI
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32migwiz
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32Dism
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Windowssystem32Com
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsIME
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:WindowsHelp
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesWindows Photograph Viewer
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesWindows NT
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesWindows Defender Superior Risk Safety
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesWindows Defender
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program FilesCommon Filesmicrosoft shared
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program Information (x86)Home windows Photograph Viewer
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program Information (x86)Home windows NT
2021-02-17 02:35 – 2021-02-17 02:38 – 000000000 ____D C:Program Information (x86)Home windows Defender
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 __SHD C:WindowsBitLockerDiscoveryVolumeContents
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 __SHD C:Program FilesWindows Sidebar
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 __SHD C:Program Information (x86)Home windows Sidebar
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 __RSD C:WindowsMedia
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:WindowsSysWOW64Nui
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:WindowsSysWOW64Configuration
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:Windowssystem32UNP
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:Windowssystem32Nui
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:Windowssystem32Configuration
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:Windowssystem32AppV
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___SD C:WindowsDownloaded Program Information
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___RD C:WindowsOffline Net Pages
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___HD C:WindowsLanguageOverlayCache
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ___HD C:WindowsELAMBKUP
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsWeb
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsWaaS
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsVss
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowstracing
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsTAPI
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64WinMetadata
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64SMI
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64ras
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64PerceptionSimulation
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64NDF
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64Msdtc
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64migwiz
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64Macromed
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64Keywords
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64Ipmi
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64InputMethod
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64inetsrv
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64IME
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64icsxml
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64GroupPolicyUsers
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64GroupPolicy
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64downlevel
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64Bthprops
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64AppLocker
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSysWOW64AdvancedInstallers
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSystemApps
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32WinMetadata
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32winevt
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ti-et
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ta-lk
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ta-in
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32si-lk
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ShellExperiences
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Sgrm
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32SecureBootUpdates
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ras
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ProximityToast
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32PointOfService
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32osa-Osge-001
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32NDF
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32my-mm
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32MsDtc
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Macromed
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Keywords
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Ipmi
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32InputMethod
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32inetsrv
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32IME
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32icsxml
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ias
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Hydrogen
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32GroupPolicyUsers
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32GroupPolicy
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ff-Adlm-SN
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32DriverState
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32DriversDriverData
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32downlevel
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32DDFs
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32ContainerSettingsProviders
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32configTxR
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32configsystemprofile
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32configRegBack
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32configJournal
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32Bthprops
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32appraiser
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32AppLocker
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32am-et
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32AdvancedInstallers
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSystem
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSKB
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsShellExperiences
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsShellComponents
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowssecurity
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowsschemas
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsSchCache
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsResources
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowsrescache
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsRemotePackages
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsRegistration
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsProvisioning
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsPLA
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsPerformance
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsModemLogs
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsLiveKernelReports
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsL2Schemas
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsInputMethod
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsIdentityCRL
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsGlobalization
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsGameBarPresenceWriter
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsDiagTrack
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsCursors
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:WindowsBranding
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Windowsbcastdvr
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:ProgramDataWindowsHolographicDevices
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:ProgramDataUSOShared
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program FilesWindows Safety
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program FilesWindows Transportable Gadgets
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program FilesWindows Multimedia Platform
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program FilesModifiableWindowsApps
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program FilesCommon FilesServices
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program Information (x86)Home windows Transportable Gadgets
2021-02-17 02:35 – 2021-02-17 02:35 – 000000000 ____D C:Program Information (x86)Home windows Multimedia Platform
2021-02-17 02:35 – 2021-02-17 02:33 – 000215943 _____ C:WindowsSysWOW64dssec.dat
2021-02-17 02:35 – 2021-02-17 02:33 – 000215943 _____ C:Windowssystem32dssec.dat
2021-02-17 02:35 – 2021-02-17 02:33 – 000020908 _____ C:Windowssystem32OEMDefaultAssociations.xml
2021-02-17 02:35 – 2021-02-17 02:33 – 000017635 _____ C:Windowssystem32Driversetcservices
2021-02-17 02:35 – 2021-02-17 02:33 – 000003683 _____ C:Windowssystem32Driversetclmhosts.sam
2021-02-17 02:35 – 2021-02-17 02:33 – 000003103 _____ C:WindowsSysWOW64mmc.exe.config
2021-02-17 02:35 – 2021-02-17 02:33 – 000003103 _____ C:Windowssystem32mmc.exe.config
2021-02-17 02:35 – 2021-02-17 02:33 – 000001358 _____ C:Windowssystem32Driversetcprotocol
2021-02-17 02:35 – 2021-02-17 02:33 – 000000858 _____ C:Windowssystem32DefaultQuestions.json
2021-02-17 02:35 – 2021-02-17 02:33 – 000000741 _____ C:WindowsSysWOW64NOISE.DAT
2021-02-17 02:35 – 2021-02-17 02:33 – 000000741 _____ C:Windowssystem32NOISE.DAT
2021-02-17 02:35 – 2021-02-17 02:33 – 000000407 _____ C:Windowssystem32Driversetcnetworks
2021-02-17 02:35 – 2021-02-17 02:33 – 000000219 _____ C:Windowssystem.ini
2021-02-17 02:35 – 2021-02-17 02:33 – 000000092 _____ C:Windowswin.ini
2021-02-17 02:34 – 2021-02-17 04:02 – 000000000 ____D C:WindowsINF
2021-02-17 02:30 – 2021-02-17 03:57 – 071565312 _____ C:Windowssystem32configSOFTWARE
2021-02-17 02:30 – 2021-02-17 03:57 – 038273024 _____ C:Windowssystem32configSYSTEM
2021-02-17 02:30 – 2021-02-17 03:57 – 000524288 _____ C:Windowssystem32configDEFAULT
2021-02-17 02:30 – 2021-02-17 03:57 – 000524288 _____ C:Windowssystem32configBBI
2021-02-17 02:30 – 2021-02-17 03:57 – 000065536 _____ C:Windowssystem32configSAM
2021-02-17 02:30 – 2021-02-17 03:57 – 000032768 _____ C:Windowssystem32configSECURITY
2021-02-17 02:30 – 2021-02-17 03:12 – 000000000 ____D C:Windowsservicing
2021-02-17 02:30 – 2021-02-17 03:12 – 000000000 ____D C:WindowsCbsTemp
2021-02-17 02:30 – 2021-02-17 02:35 – 000000000 ____D C:Windowssystem32SMI
2021-02-17 02:30 – 2021-02-17 02:30 – 000008192 _____ C:Windowssystem32configELAM
2021-02-17 02:24 – 2021-02-17 02:52 – 000000000 ___HD C:$SysReset

==================== Three months (modified) ==================

(If an entry is included within the fixlist, the file/folder shall be moved.)

==================== SigCheckExt =========================

2021-02-17 03:33 – 2021-02-17 03:33 – 002297856 _____ (Farbar) C:UsersPC12DesktopFRST64.exe

==================== SigCheck ============================

(There is no such thing as a automated repair for recordsdata that don’t go verification.)

==================== BCD ================================

Firmware Boot Supervisor
———————
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {06a8a3b9-70ca-11eb-9198-bc90efabd7c6}
timeout                 0

Home windows Boot Supervisor
——————–
identifier              {bootmgr}
system                  partition=DeviceHarddiskVolume1
path                    EFIMicrosoftBootbootmgfw.efi
description             Home windows Boot Supervisor
locale                  en-GB
inherit                 {globalsettings}
default                 {present}
resumeobject            {06a8a3bc-70ca-11eb-9198-bc90efabd7c6}
displayorder            {present}
toolsdisplayorder       {memdiag}
timeout                 0

Firmware Software (101fffff)
——————————-
identifier              {06a8a3b9-70ca-11eb-9198-bc90efabd7c6}
system                  unknown
description             UEFI: SanDisk, Partition 1

Home windows Boot Loader
——————-
identifier              {present}
system                  partition=C:
path                    Windowssystem32winload.efi
description             Home windows 10
locale                  en-GB
inherit                 {bootloadersettings}
recoverysequence        {06a8a3be-70ca-11eb-9198-bc90efabd7c6}
displaymessageoverride  Restoration
recoveryenabled         Sure
isolatedcontext         Sure
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              Home windows
resumeobject            {06a8a3bc-70ca-11eb-9198-bc90efabd7c6}
nx                      OptIn
bootmenupolicy          Customary

Home windows Boot Loader
——————-
identifier              {06a8a3be-70ca-11eb-9198-bc90efabd7c6}
system                  ramdisk=[DeviceHarddiskVolume4]RecoveryWindowsREWinre.wim,{06a8a3bf-70ca-11eb-9198-bc90efabd7c6}
path                    windowssystem32winload.efi
description             Home windows Restoration Setting
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Restoration
osdevice                ramdisk=[DeviceHarddiskVolume4]RecoveryWindowsREWinre.wim,{06a8a3bf-70ca-11eb-9198-bc90efabd7c6}
systemroot              home windows
nx                      OptIn
bootmenupolicy          Customary
winpe                   Sure

Resume from Hibernate
———————
identifier              {06a8a3bc-70ca-11eb-9198-bc90efabd7c6}
system                  partition=C:
path                    Windowssystem32winresume.efi
description             Home windows Resume Software
locale                  en-GB
inherit                 {resumeloadersettings}
recoverysequence        {06a8a3be-70ca-11eb-9198-bc90efabd7c6}
recoveryenabled         Sure
isolatedcontext         Sure
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                hiberfil.sys
bootmenupolicy          Customary
debugoptionenabled      No

Home windows Reminiscence Tester
———————
identifier              {memdiag}
system                  partition=DeviceHarddiskVolume1
path                    EFIMicrosoftBootmemtest.efi
description             Home windows Reminiscence Diagnostic
locale                  en-GB
inherit                 {globalsettings}
badmemoryaccess         Sure

EMS Settings
————
identifier              {emssettings}
bootems                 No

Debugger Settings
—————–
identifier              {dbgsettings}
debugtype               Native

RAM Defects
———–
identifier              {badmemory}

International Settings
—————
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
——————–
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
——————-
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
———————-
identifier              {resumeloadersettings}
inherit                 {globalsettings}

System choices
————–
identifier              {06a8a3bf-70ca-11eb-9198-bc90efabd7c6}
description             Home windows Restoration
ramdisksdidevice        partition=DeviceHarddiskVolume4
ramdisksdipath          RecoveryWindowsREboot.sdi

==================== Finish of FRST.txt ========================