
virus disables/corrupts any virus programs and keeps coming back



#1
mis_allen

    New Member

  • Member
  • 3 posts

Hi, about 2 weeks ago my computer became infected with virus/malware (I was downloading a crack or keygen to System Mechanic, stupidly). I have looked for the site but do not remember where. Anyway, I had McAfee running at the time. It detected a problem, which it fixed supposedly, and I deleted that download/program and moved on with no further attempts. The next day I noticed a few things were different, small things: the Start menu right-click had different files, and I couldn't right-click for "Properties". It got progressively worse. All network settings and connections disappeared and I was unable to connect. A text reader would start in every file I would open. I chased it around in Task Manager for a bit, just watching. Folders and files were renamed and no longer accessible. (I should say I am the only user of this laptop and unfortunately always use the admin account for everything.) Anyway, it seemed like the system was slowly being shut down and would soon be unusable. I didn't have boot/rescue discs. I first tried "FixMeStick"; it worked like magic the first round. I thought I was good, but after about an hour of looking for damaged files, the same things began happening. I followed the same process as I had before, however FixMeStick no longer worked. The next morning I was receiving calendar, messages on my iPhone that in 30 minutes I would be able to free myself with payment. I deleted all the iPhone stuff and began restoring to the previous month's restore on the laptop. Again it was good for about 2 hours and it began again. This time I performed a factory image restore from the partition, with the same results. I then became serious about destroying this, lol. I ran Farbar, followed by Microsoft malicious tool removal, then installed Malwarebytes professional and Webroot SecureAnywhere. I spent most of yesterday checking the PC, running web checks, reconfigured the router, changed passwords, and about 2 hours later the Start menu would not pop up...

I removed MBAMChameleon and mbamswissarmy something, whether they were legit or not. I did remove a bit from the registry but didn't want to go crazy. Anyway, right now everything looks suspicious to me and I would greatly appreciate any help you could offer :). I am pasting the 2 Farbar files below. Thanks, Michael

 

FRST- notepad

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by S A (administrator) on DESKTOP-HR06UJB (Dell Inc. Inspiron 3558) (06-03-2021 18:27:24)
Running from C:\Users\S A\OneDrive\Desktop
Loaded Profiles: S A
Platform: Windows 10 Home Version 1511 10586.420 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(Dell Inc -> ) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc. -> Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Webroot Inc. -> Webroot) C:\Program Files\Webroot\WRSA.exe <2>
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRCoreService.x64.exe
(Webroot Inc. -> Webroot, Inc.) C:\Program Files\Webroot\Core\WRSkyClient.x64.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235440 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946600 2015-10-15] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [DpmLiteEvent] => C:\Program Files\Dell\DpmLite\DpmLiteEvent.exe [2537776 2014-11-19] (Wistron Corporation -> Wistron Corporation)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [4917608 2021-03-06] (Webroot Inc. -> Webroot)
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\RunOnce: [RemovalTool] => C:\Users\S A\AppData\Local\FSDART\a9fac8d3-71d3-495f-af60-e5fc78f5a5de\fssos.exe [1607040 2021-03-05] (F-Secure Corporation -> )
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {10A9F968-44D4-42CF-A37C-0CAB932DA18E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612256 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {21E940AE-B9A7-4279-A440-AA49B7B57FB4} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel® Software Asset Manager -> Intel Corporation)
Task: {2AA87FE4-E5E6-4C4E-AFBB-C6798BC9D34B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {317107BF-13F6-48B4-AA5A-BA0B03A02F4B} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [39936 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {3829FC8B-3478-4CF6-85BD-6024AD66E102} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {3E57B0FB-16AF-4EBD-98B3-FFED1D0DC2C7} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-30] (Dropbox, Inc -> DropboxOEM)
Task: {48B7DB76-6B8E-4F5E-B34C-E3A5B6E16CC9} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494000 2017-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6CA0F544-026A-406F-8DA8-CBB2302A96D7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {6E4F85E3-31E4-4430-9F55-794257C4C7BC} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [30904 2016-06-28] (Dell Inc. -> Dell Inc.)
Task: {71E53243-3A2D-47EE-9DAB-6D71B2366657} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [39936 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {91DACA5D-439D-439B-ABE9-655CE40E52AA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.)
Task: {995A6E47-B6E7-435B-9517-861D9C930100} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612256 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1492BD3-015A-4C48-9695-E9E9F6DAD4F6} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel® Software Asset Manager -> Intel Corporation)
Task: {A6653201-5FE6-47F8-9571-1AF0B43FD469} - System32\Tasks\DURestartTask => C:\WINDOWS\system32\net.exe [54784 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
Task: {A925573A-9091-436E-98EC-AFE5C90BC10F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436696 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.)
Task: {CD3F9858-6CBE-4399-AF6E-4C1CDE7F3797} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC90FD6D-6208-4F56-870A-71243049E8DF} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DD782644-A907-4459-BAFB-CDEAC6C1F5CD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E64B5CB9-5771-44B7-8059-031EF0940A16} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.)
Task: {F5133683-5DFE-4485-BFD9-CDA515BC3DE3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0bb16d6d-15e6-4858-82c7-968f64131615}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Profile: C:\Users\S A\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-06]
Edge Extension: (Web Threat Shield) - C:\Users\S A\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmkaflbamgddpjacdmjlkhbnpnlemaea [2021-03-06]
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-03-02] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [116248 2016-05-25] (Dell Inc -> Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell Inc -> Dell)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [87888 2016-05-19] (Dell Inc -> )
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Techporch Incorporated -> Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [229376 2016-05-02] (Dell Inc -> Dell Inc.)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-07-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S2 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-16] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-06-28] (Dell Inc. -> Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation -> Microsoft Corporation)
R2 WRCoreService; C:\Program Files\Webroot\Core\WRCoreService.x64.exe [2037856 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R3 WRSkyClient; C:\Program Files\Webroot\Core\WRSkyClient.x64.exe [3002624 2020-08-25] (Webroot Inc. -> Webroot, Inc.)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [4917608 2021-03-06] (Webroot Inc. -> Webroot)
S4 0061311614670992mcinstcleanup; C:\WINDOWS\TEMP\006131~1.EXE -cleanup -nolog [X]
S2 ClickToRunSvc; "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2015-10-30] (Microsoft Windows -> Windows ® Win 7 DDK provider)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32464 2016-06-23] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-06-23] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R2 DpmLiteDrv; C:\Program Files\Dell\DpmLite\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [155400 2015-06-15] (Intel Corporation - Client Components Group -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Windows -> Microsoft Corporation)
R1 WRCore; C:\Program Files\Webroot\Core\WRCore.x64.sys [268720 2020-06-15] (Webroot Inc. -> Webroot, Inc.)
R0 WRkrn; C:\WINDOWS\System32\drivers\WRkrn.sys [145128 2021-03-06] (Webroot Inc. -> Webroot)
R3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [58304 2021-03-06] (Webroot, Inc -> Webroot)
U0 SR; no ImagePath
U2 srservice; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (All) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-06 18:16 - 2021-03-06 18:16 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-03-06 18:15 - 2021-03-06 18:15 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-03-06 18:15 - 2021-03-06 18:15 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-03-06 17:10 - 2021-03-06 17:10 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2021-03-06 14:26 - 2021-03-06 16:40 - 000000000 ____D C:\Users\S A\AppData\LocalLow\IGDump
2021-03-06 14:21 - 2021-03-06 18:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-06 14:21 - 2021-03-06 18:10 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-03-06 14:21 - 2021-03-06 14:21 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-06 14:21 - 2021-03-06 14:21 - 000000000 ____D C:\Users\S A\AppData\Local\mbam
2021-03-06 14:21 - 2021-03-06 14:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-06 14:21 - 2021-03-06 14:20 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-06 14:20 - 2021-03-06 14:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-06 14:20 - 2021-03-06 14:20 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-06 13:32 - 2021-03-06 13:32 - 000283460 _____ C:\WINDOWS\Minidump\030621-15156-01.dmp
2021-03-06 13:32 - 2021-03-06 13:32 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-06 13:31 - 2021-03-06 13:31 - 451484938 _____ C:\WINDOWS\MEMORY.DMP
2021-03-06 12:33 - 2021-03-06 12:39 - 000000000 ____D C:\Program Files\Farbar Scan Tool
2021-03-06 12:27 - 2021-03-06 14:19 - 002084016 _____ (Malwarebytes) C:\Users\S A\Downloads\MBSetup.exe
2021-03-06 11:50 - 2021-03-06 11:50 - 000000000 ____D C:\Users\S A\AppData\Roaming\CDROLLER
2021-03-06 11:50 - 2021-03-06 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDRoller
2021-03-06 11:50 - 2021-03-06 11:50 - 000000000 ____D C:\Program Files (x86)\CDRoller
2021-03-06 11:50 - 2014-04-29 19:37 - 000031040 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rawdsk3.sys
2021-03-06 11:39 - 2021-03-06 11:42 - 019508168 _____ (Digital Atlantic Corp. ) C:\Users\S A\Downloads\CDRoller11_en (2).exe
2021-03-06 10:37 - 2021-03-06 10:37 - 000000000 ____D C:\Users\S A\OneDrive\Documents\New folder
2021-03-06 10:29 - 2021-03-06 10:29 - 000029731 _____ C:\Users\S A\OneDrive\Documents\mbst-clean-results 030621.txt
2021-03-06 10:08 - 2021-03-06 10:39 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Virus Malware Tools
2021-03-06 09:34 - 2021-03-06 10:17 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Farbar Scan Tool
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ___HD C:\OneDriveTemp
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Taxes
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Outlook Files
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\OneNote Notebooks
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\McAfee Vaults
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Lease 2020
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\GomPlayer
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Custom Office Templates
2021-03-06 09:33 - 2021-03-06 09:33 - 000000000 ____D C:\Users\S A\OneDrive\Documents\Credit Reports
2021-03-06 09:33 - 2021-02-18 03:51 - 000000120 ____R C:\Users\S A\OneDrive\Documents\s's Notebook.url
2021-03-06 09:33 - 2021-01-23 19:57 - 000000086 _____ C:\Users\S A\OneDrive\Documents\cdroller.txt
2021-03-06 09:33 - 2021-01-23 13:07 - 000219403 _____ C:\Users\S A\OneDrive\Documents\Details_1.txt
2021-03-06 09:33 - 2021-01-10 23:18 - 000302230 _____ C:\Users\S A\OneDrive\Documents\Shelly Servsafe Cert.pdf
2021-03-06 09:33 - 2021-01-09 10:35 - 000303202 _____ C:\Users\S A\OneDrive\Documents\Marwan servsafe cert.pdf
2021-03-06 09:33 - 2021-01-09 10:35 - 000302755 _____ C:\Users\S A\OneDrive\Documents\JaviS servsafe cert.pdf
2021-03-06 09:33 - 2020-10-14 23:11 - 000000000 _____ C:\Users\S A\OneDrive\Documents\Default.rdp
2021-03-06 09:33 - 2020-10-04 12:08 - 000000458 _____ C:\Users\S A\OneDrive\Documents\a.txt
2021-03-06 09:33 - 2020-10-04 11:00 - 000000458 _____ C:\Users\S A\OneDrive\Documents\fileviewpro.txt
2021-03-06 09:33 - 2020-09-17 06:24 - 000009875 _____ C:\Users\S A\OneDrive\Documents\EQUIPMENT SERVICE LOG.xlsx
2021-03-06 09:33 - 2020-09-14 17:19 - 000452418 _____ C:\Users\S A\OneDrive\Documents\eStatement_8_24_2020.pdf
2021-03-06 09:33 - 2019-03-30 08:28 - 000046788 _____ C:\Users\S A\OneDrive\Documents\The Filter Store - Confirmation.html
2021-03-06 09:33 - 2018-10-27 08:35 - 000122714 _____ C:\Users\S A\OneDrive\Documents\eFaucets.com Order Confirm.html
2021-03-06 06:19 - 2021-03-06 06:19 - 000000000 ____D C:\Users\S A\AppData\Local\NetworkTiles
2021-03-06 04:19 - 2021-03-06 04:19 - 000000000 ____D C:\Users\S A\AppData\Local\ElevatedDiagnostics
2021-03-06 03:33 - 2021-03-06 03:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-06 03:02 - 2021-03-06 03:02 - 000000000 ____D C:\ProgramData\WRCore
2021-03-06 03:01 - 2021-03-06 18:15 - 000270680 _____ (Webroot) C:\WINDOWS\SysWOW64\WRusr.dll
2021-03-06 03:01 - 2021-03-06 18:15 - 000225736 _____ (Webroot) C:\WINDOWS\system32\WRusr.dll
2021-03-06 03:01 - 2021-03-06 18:15 - 000000000 ____D C:\ProgramData\WRData
2021-03-06 03:01 - 2021-03-06 03:02 - 000000000 ____D C:\Program Files\Webroot
2021-03-06 03:01 - 2021-03-06 03:01 - 000145128 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2021-03-06 03:01 - 2021-03-06 03:01 - 000058304 ____T (Webroot) C:\WINDOWS\system32\Drivers\wrUrlFlt.sys
2021-03-06 03:01 - 2021-03-06 03:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2021-03-06 03:01 - 2021-03-06 03:01 - 000000000 ____D C:\Program Files\Common Files\Webroot
2021-03-06 00:04 - 2021-03-06 10:15 - 000000046 _____ C:\Users\S A\OneDrive\Documents\mb-licenseinfo.txt
2021-03-05 04:51 - 2021-03-05 04:51 - 000000000 ____D C:\Users\S A\AppData\Local\F-Secure
2021-03-05 04:35 - 2021-03-06 05:50 - 000000000 ____D C:\ProgramData\F-Secure
2021-03-05 04:35 - 2021-03-05 23:56 - 000000000 ____D C:\Users\S A\AppData\Local\FSDART
2021-03-05 02:51 - 2021-03-06 17:07 - 001532476 _____ C:\WINDOWS\ntbtlog.txt
2021-03-05 02:12 - 2021-03-06 10:26 - 000000000 ____D C:\Users\S A\OneDrive\Documents\FRST64
2021-03-05 01:50 - 2021-03-06 18:27 - 000000000 ____D C:\FRST
2021-03-05 01:46 - 2021-03-05 01:46 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-03-05 00:46 - 2021-03-06 18:11 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-03-05 00:28 - 2021-03-06 18:14 - 000000000 ____D C:\WINDOWS\pss
2021-03-03 18:54 - 2021-03-06 01:30 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-03 18:48 - 2021-03-03 18:48 - 000000000 ____D C:\Users\S A\AppData\Local\Cyberlink
2021-03-02 04:22 - 2021-03-02 04:22 - 000000000 _SHDL C:\Documents and Settings
2021-03-02 04:18 - 2021-03-02 04:39 - 000000000 ____D C:\tmp
2021-03-02 04:09 - 2021-03-02 04:09 - 000000000 ____D C:\Users\S A\AppData\Local\OneDrive
2021-03-02 03:53 - 2021-03-06 01:30 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-02 03:51 - 2021-03-06 01:21 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-02 03:51 - 2021-03-06 01:21 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-02 03:49 - 2021-03-06 04:43 - 000000000 ____D C:\Users\S A\AppData\Local\CrashDumps
2021-03-02 03:16 - 2021-01-21 16:37 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-03-02 03:13 - 2021-03-06 03:27 - 000000000 ____D C:\Program Files\CUAssistant
2021-03-02 03:13 - 2021-03-05 02:07 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-02 03:13 - 2021-03-02 03:32 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2021-03-02 03:13 - 2021-03-02 03:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-02 03:13 - 2021-03-02 03:13 - 000000000 ____D C:\Program Files\rempl
2021-03-02 03:13 - 2018-01-09 16:44 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2021-03-02 03:11 - 2018-06-01 18:31 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2021-03-02 03:11 - 2018-03-21 02:15 - 000026400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2021-03-02 03:11 - 2018-03-21 01:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2021-03-02 03:11 - 2018-03-21 00:34 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2021-03-02 03:11 - 2018-03-21 00:10 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2021-03-02 03:11 - 2018-03-20 23:40 - 002279936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2021-03-02 03:11 - 2018-03-01 02:37 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapihost.exe
2021-03-02 03:11 - 2018-03-01 02:32 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2021-03-02 03:11 - 2018-03-01 01:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2021-03-02 03:11 - 2018-03-01 01:39 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2021-03-02 03:11 - 2018-03-01 01:35 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2021-03-02 03:11 - 2018-03-01 01:01 - 000706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2021-03-02 03:11 - 2018-01-14 17:31 - 001110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2021-03-02 03:11 - 2017-10-15 23:48 - 000508760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 002032472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2021-03-02 03:11 - 2017-10-15 22:56 - 001578848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000678752 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000613720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000612192 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000250208 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000190296 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2021-03-02 03:11 - 2017-10-15 22:56 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2021-03-02 03:11 - 2017-10-15 22:36 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2021-03-02 03:11 - 2017-10-15 22:20 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2021-03-02 03:11 - 2017-09-14 02:08 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2021-03-02 03:11 - 2017-09-14 01:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-03-02 03:11 - 2017-09-14 01:38 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2021-03-02 03:11 - 2017-09-05 01:06 - 000320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2021-03-02 03:11 - 2017-09-05 00:10 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2021-03-02 03:11 - 2017-04-27 21:06 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2021-03-02 03:11 - 2016-10-25 02:26 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2021-03-02 02:51 - 2021-03-02 02:51 - 000000000 ____D C:\Users\S A\AppData\Local\Comms
2021-03-02 02:44 - 2021-03-02 02:44 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1051767444-124437913-613416110-1001
2021-03-02 02:42 - 2021-03-02 02:42 - 000000000 ____D C:\Users\S A\AppData\Roaming\Intel Corporation
2021-03-02 02:41 - 2021-03-06 12:36 - 000000000 ___RD C:\Users\S A\OneDrive
2021-03-02 02:41 - 2021-03-02 02:44 - 000002359 _____ C:\Users\S A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-02 02:41 - 2021-03-02 02:41 - 000000000 ____D C:\Users\S A\AppData\Local\MicrosoftEdge
2021-03-02 02:40 - 2021-03-02 02:40 - 000000000 ____D C:\Users\S A\AppData\Local\ActiveSync
2021-03-02 02:39 - 2021-03-02 02:39 - 000000000 ____D C:\Users\S A\AppData\Roaming\DropboxOEM
2021-03-02 02:39 - 2021-03-02 02:39 - 000000000 ____D C:\Users\S A\AppData\Local\Publishers
2021-03-02 02:39 - 2021-03-02 02:39 - 000000000 ____D C:\Users\S A\AppData\Local\Power2Go8
2021-03-02 02:39 - 2021-03-02 02:39 - 000000000 ____D C:\Users\S A\AppData\Local\DropboxOEM
2021-03-02 02:38 - 2021-03-06 18:17 - 000000000 __SHD C:\Users\S A\IntelGraphicsProfiles
2021-03-02 02:38 - 2021-03-06 09:04 - 000000000 ____D C:\Users\S A\AppData\Local\Packages
2021-03-02 02:38 - 2021-03-02 02:38 - 000000000 ____D C:\Users\S A\AppData\Roaming\Intel
2021-03-02 02:38 - 2021-03-02 02:38 - 000000000 ____D C:\Users\S A\AppData\Roaming\Adobe
2021-03-02 02:38 - 2021-03-02 02:38 - 000000000 ____D C:\Users\S A\AppData\Local\VirtualStore
2021-03-02 02:38 - 2021-03-02 02:38 - 000000000 ____D C:\Users\S A\AppData\Local\TileDataLayer
2021-03-02 02:37 - 2021-03-06 16:39 - 000000000 ____D C:\Users\S A
2021-03-02 02:37 - 2021-03-02 02:37 - 000000020 ___SH C:\Users\S A\ntuser.ini
2021-03-02 02:36 - 2021-03-02 02:36 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-03-02 02:36 - 2021-03-02 02:36 - 000000000 ____D C:\Program Files (x86)\Cisco
2021-03-02 02:34 - 2021-03-06 13:38 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-03-02 02:33 - 2021-03-02 02:33 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2021-03-02 02:33 - 2021-03-02 02:33 - 000000000 ____D C:\Program Files\Waves
2021-03-02 02:31 - 2021-03-02 02:31 - 000004152 _____ C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask
2021-03-02 02:31 - 2021-03-02 02:31 - 000003560 _____ C:\WINDOWS\system32\Tasks\PCDEventLauncherTask
2021-03-02 02:31 - 2021-03-02 02:31 - 000003438 _____ C:\WINDOWS\system32\Tasks\PCDDataUploadTask
2021-03-02 02:31 - 2021-03-02 02:31 - 000003322 _____ C:\WINDOWS\system32\Tasks\SystemToolsDailyTest
2021-03-02 02:29 - 2021-03-06 18:16 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-03-06 18:21 - 2016-04-25 15:04 - 000881036 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-06 18:21 - 2015-10-30 02:21 - 000000000 ____D C:\WINDOWS\INF
2021-03-06 18:18 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-06 18:16 - 2016-04-25 15:23 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-03-06 18:14 - 2016-04-25 14:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-06 18:14 - 2015-10-30 01:28 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-03-06 16:32 - 2016-04-25 15:23 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-03-06 03:34 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\rescache
2021-03-06 01:51 - 2015-10-30 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-06 01:48 - 2016-04-25 15:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-06 01:38 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-06 01:22 - 2016-04-25 15:32 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-03-06 01:21 - 2015-10-30 02:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-06 01:20 - 2016-04-25 15:32 - 000000000 ____D C:\ProgramData\McAfee
2021-03-06 01:20 - 2015-10-30 02:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-06 01:20 - 2015-10-30 01:28 - 000032768 ___SH C:\WINDOWS\system32\config\ELAM
2021-03-05 00:24 - 2015-10-30 02:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-03 19:30 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-03-03 18:53 - 2016-04-25 15:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-03-03 18:53 - 2016-04-25 15:20 - 000000000 ____D C:\Program Files\Dell
2021-03-03 18:49 - 2016-04-25 15:26 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2021-03-03 18:49 - 2016-04-25 15:25 - 000000000 ____D C:\ProgramData\Temp
2021-03-03 18:49 - 2016-04-25 15:25 - 000000000 ____D C:\ProgramData\CyberLink
2021-03-03 18:49 - 2016-04-25 15:25 - 000000000 ____D C:\ProgramData\CLSK
2021-03-03 18:49 - 2016-04-25 15:25 - 000000000 ____D C:\Program Files (x86)\CyberLink
2021-03-03 18:49 - 2016-04-25 15:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-02 04:24 - 2016-04-25 15:29 - 000003280 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-03-02 04:23 - 2016-04-25 15:20 - 000003040 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
2021-03-02 04:23 - 2016-04-25 15:20 - 000002674 _____ C:\WINDOWS\system32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
2021-03-02 04:23 - 2016-04-25 15:09 - 000002304 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_PushButton
2021-03-02 03:27 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-03-02 03:27 - 2015-10-30 02:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-02 03:19 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-02 02:49 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\DevicesFlow
2021-03-02 02:43 - 2016-04-25 15:32 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-03-02 02:39 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\PurchaseDialog
2021-03-02 02:39 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-02 02:39 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\MiracastView
2021-03-02 02:38 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-02 02:36 - 2016-04-25 15:11 - 000000000 ____D C:\Intel
2021-03-02 02:36 - 2016-04-25 15:10 - 000000000 ____D C:\ProgramData\Intel
2021-03-02 02:36 - 2016-04-25 15:10 - 000000000 ____D C:\Program Files (x86)\Intel
2021-03-02 02:36 - 2016-04-25 15:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-02 02:35 - 2016-04-25 15:07 - 000000000 ____D C:\Program Files\Intel
2021-03-02 02:33 - 2016-04-25 15:23 - 000003186 _____ C:\WINDOWS\system32\Tasks\DropboxOEM
2021-03-02 02:33 - 2016-04-25 15:23 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 20 GB.lnk
2021-03-02 02:33 - 2016-04-25 15:09 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-03-02 02:32 - 2016-04-25 15:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-02 02:31 - 2016-04-25 15:21 - 000000000 ____D C:\ProgramData\PCDr
2021-03-02 02:30 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-02 02:29 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-02 02:27 - 2016-04-25 15:23 - 000003994 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-03-02 02:27 - 2016-04-25 15:23 - 000003762 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2021-03-03 17:42
==================== End of FRST.txt ========================

Addition - notepad
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by S A (06-03-2021 18:28:36)
Running from C:\Users\S A\OneDrive\Desktop
Windows 10 Home Version 1511 10586.420 (X64) (2021-03-02 07:28:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1051767444-124437913-613416110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1051767444-124437913-613416110-503 - Limited - Disabled)
Guest (S-1-5-21-1051767444-124437913-613416110-501 - Limited - Disabled)
S A (S-1-5-21-1051767444-124437913-613416110-1001 - Administrator - Enabled) => C:\Users\S A
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Webroot SecureAnywhere (Enabled - Up to date) {A16A5B28-D1C0-417E-771B-123558EECC69}
AS: Webroot SecureAnywhere (Enabled - Up to date) {1A0BBACC-F7FA-4EF0-4DAB-2947236986D4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
CDRoller (HKLM-x32\...\CDRoller_is1) (Version: 11.61 - Digital Atlantic Corp.)
Core (HKLM\...\{48CD9577-944F-496C-B8AE-F6150240C2D1}) (Version: 1.1.227 - Webroot) Hidden
Dell Customer Connect (HKLM-x32\...\{2BFA1207-9A98-4D55-9182-5C433ED6A55A}) (Version: 1.4.3.0 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.9.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{2B27A8F6-B7D5-4FAF-9C8A-71E9EECA3E9C}) (Version: 2.2.21.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{2B27A8F6-B7D5-4FAF-9C8A-71E9EECA3E9C}) (Version: 2.2.21.0 - Dell Inc.)
Dell Power Manager Lite (HKLM-x32\...\DpmLite_Iris_2014_is1) (Version: 1.0.4 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{6992DE3D-E93B-4A24-9FE1-34C841941E11}) (Version: 1.2.4.3 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.15 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{FB198E80-F1AB-4A6F-B3E3-F7442FC91FD2}) (Version: 1.9.4.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.415.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.2.6793.01 - PC-Doctor, Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4274 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{C345A462-2044-47D6-81F6-A4416453A514}) (Version: 17.1.1529.1613 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{88540041-fd0c-4588-9b2f-251e29f7c5a1}) (Version: 18.40.4 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.21594 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21594 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21594 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21594 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.21594 - Microsoft Corporation) Hidden
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{6753CC12-A884-47B2-9270-F5CD31B6F256}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.29.62 - Webroot)
 
Packages:
=========
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2021-03-03] (Dell Inc)
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_2.14.22001.0_x64__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2021-03-03] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.8.268.0_x86__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.8.268.0_x86__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.8.268.0_x86__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.8.277.0_x86__8wekyb3d8bbwe [2016-04-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-03-03] (Netflix, Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [  ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [   ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
ShellIconOverlayIdentifiers: [    ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
ContextMenuHandlers1: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WRShellExt] -> {69D72956-317C-44bd-B369-8E44D4EF9802} => C:\WINDOWS\system32\WRusr.dll [2021-03-06] (Webroot Inc. -> Webroot)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2015-06-23 18:00 - 2015-06-23 18:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2015-06-23 18:00 - 2015-06-23 18:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2016-06-28 19:16 - 2016-06-28 19:16 - 000311296 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\log4net.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
HKU\S-1-5-21-1051767444-124437913-613416110-1001\Software\Classes\exefile: "%1" %* <==== ATTENTION
HKU\S-1-5-21-1051767444-124437913-613416110-1001\Software\Classes\.exe: exefile => "%1" %* <==== ATTENTION
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2021-03-06] (Webroot Inc. -> Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2021-03-06] (Webroot Inc. -> Webroot)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 02:24 - 2015-10-30 02:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1051767444-124437913-613416110-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: 0061311614670992mcinstcleanup => 2
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: ModuleCoreService => 2
MSCONFIG\Services: PEFService => 2
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "DpmLiteEvent"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "RtHDVBg_MAXX6"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1051767444-124437913-613416110-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_0E7F3F0315BDA15500242827E902D7FC"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C956514E-980E-4C64-830A-06FFD3093728}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel® Wireless Display -> Microsoft)
FirewallRules: [{A09B86BA-E8F8-4058-BBBD-0A84E06D82C3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel® Wireless Display -> Intel Corporation)
FirewallRules: [{B3D10E0A-DAB3-4C5D-949C-D250FD608AEB}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{7E728B67-74FA-4F7A-A327-BC65DF881F01}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel® Wireless Display -> )
FirewallRules: [{EE624D3E-C3EF-412C-B01D-83B1FC957581}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{8ED0EFF3-8C1B-4932-BE19-D1AE0EF3696C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{3F8495FE-206B-45BB-9398-809CCACC1BA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
02-03-2021 02:27:57 Windows Modules Installer
03-03-2021 18:45:47 Installed Suite2
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/06/2021 06:28:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:28:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/06/2021 06:16:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-HR06UJB)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
 
System errors:
=============
Error: (03/06/2021 06:28:08 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: App as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
 
Error: (03/06/2021 06:28:02 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: App as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
 
Error: (03/06/2021 06:16:56 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
 
Error: (03/06/2021 06:16:54 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
 
Error: (03/06/2021 06:16:52 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
 
Error: (03/06/2021 06:16:50 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
 
Error: (03/06/2021 06:16:48 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: CortanaUI as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
 
Error: (03/06/2021 06:16:47 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-HR06UJB)
Description: Unable to start a DCOM Server: App as Unavailable/Unavailable. The error:
"2"
Happened while starting this command:
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
 
 
Windows Defender:
================
Date: 2021-03-06 14:26:03.140
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Windows signing level requirements.
 
Date: 2021-03-06 14:25:02.448
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:25:01.803
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:25:01.292
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:25:00.715
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:24:59.525
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:24:35.980
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:24:34.392
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:24:32.269
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-06 14:24:28.524
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Event[10]:
 
Date: 2021-03-06 14:24:27.159
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Event[11]:
 
Date: 2021-03-06 14:24:15.259
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-03-02 03:17:24.739
Description: 
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-03-06 00:52:00.328
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072742
Error description: A socket operation encountered a dead network. 
 
Date: 2021-03-06 00:52:00.327
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2277.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072742
Error description: A socket operation encountered a dead network. 
 
Date: 2021-03-06 00:52:00.327
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2277.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x80072742
Error description: A socket operation encountered a dead network. 
 
Date: 2021-03-06 00:52:00.319
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.331.2277.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17800.5
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode 
 
Date: 2021-03-06 00:52:00.191
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 0.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 0.0.0.0
Error code: 0x80072742
Error description: A socket operation encountered a dead network. 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A21 07/09/2020
Motherboard: Dell Inc. 0Y6RW7
Processor: Intel® Core™ i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 8101.98 MB
Available physical RAM: 5372.64 MB
Total Virtual: 20101.98 MB
Available Virtual: 17327.26 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.06 GB) (Free:863.45 GB) NTFS
 
\\?\Volume{b81d17cb-b218-48f5-96f8-ac1c27892f32}\ () (Fixed) (Total:0.87 GB) (Free:0.4 GB) NTFS
\\?\Volume{27e97f8d-8cf7-4f6d-958e-d8e697b4195a}\ (Image) (Fixed) (Total:12.97 GB) (Free:0.63 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AB9C444C)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 




#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Nothing obvious in your logs.  See if you can run MBAR:

 

https://www.malwareb...om/antirootkit/

 

Click on Download

Save and then right click and Run As Admin.

 

I expect it won't find anything.

 

Let's get some more info:

 

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi-step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Your factory reset has taken you back to Version 1511.  Windows is unlikely to update to the latest version with that as a starting point.  Go to

https://www.microsof...nload/windows10

Click on Update Now, Save and right click and Run As Admin then follow the instructions.  That's the quickest way to get back up to date.



#3
mis_allen

    New Member

  • Topic Starter
  • Member
  • 3 posts

Hi RKinner ..I appreciate your time and help! Below are the files from Malwarebytes Antirootkit.

 

 

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2021.03.07.03
  rootkit: v2021.03.07.03
 
Windows 10 x64 NTFS
Internet Explorer 11.420.10586.0
S A :: DESKTOP-HR06UJB [administrator]
 
3/7/2021 7:27:03 AM
mbar-log-2021-03-07 (07-27-03).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 165477
Time elapsed: 14 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
 
 
 
 
 
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 10.0.9200 Windows 10 x64
 
Account is Administrative
 
Internet Explorer version: 11.420.10586.0
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8495542272, free: 5884542976
 
Downloaded database version: v2021.03.07.03
Downloaded database version: v2021.03.07.03
Downloaded database version: v2018.01.20.01
Initializing...
======================
Driver version: 4.3.0.15
------------ Kernel report ------------
     03/07/2021 07:26:56
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\tpm.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\drivers\WRkrn.sys
\SystemRoot\System32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\NDIS.SYS
\SystemRoot\System32\drivers\TDI.SYS
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\??\C:\Program Files\Webroot\Core\WRCore.x64.sys
\??\C:\WINDOWS\system32\drivers\rawdsk3.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
\SystemRoot\System32\drivers\usb3Hub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\iaLPSS_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\DellRbtn.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\system32\drivers\DellProf.sys
\SystemRoot\system32\drivers\DDDriver64Dcsa.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\SynRMIHID.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\system32\DRIVERS\ibtusb.sys
\SystemRoot\system32\DRIVERS\BTHUSB.sys
\SystemRoot\system32\DRIVERS\bthport.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\System32\Drivers\MbamChameleon.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\??\C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys
\??\C:\Program Files\Dell\DpmLite\DpmLiteDrv64.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\condrv.sys
\??\C:\Windows\System32\drivers\truesight.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\system32\DRIVERS\mwac.sys
\??\C:\WINDOWS\system32\drivers\mbae64.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\WINDOWS\system32\DRIVERS\mbam.sys
\??\C:\WINDOWS\system32\drivers\3243E5D3.sys
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2021.03.07.03
  rootkit: v2021.03.07.03
 
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe000249fb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe000249fbb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe000249fb060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe00021636470, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe00021635150, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffe000208ac400, DeviceName: \Device\00000038\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: AB9C444C
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 1547200603
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 82172471-6be1-4702-a382-a7b33c5d652
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 1547200603
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 82172471-6be1-4702-a382-a7b33c5d652
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 104982b2-5d10-4c62-8447-db2672a148
    FirstLBA 2048  Last LBA 1026047
    Attributes 0
    Partition Name                 EFI system partition
 
    GPT Partition 0 is bootable
    Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID f7556547-7526-4b4b-8ac-5717902621b9
    FirstLBA 1026048  Last LBA 1288191
    Attributes 0
    Partition Name         Microsoft reserved partition
 
    Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 23d749c0-76e7-4ede-a2b7-f942ddf0e43f
    FirstLBA 1288192  Last LBA 1924497782
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID b81d17cb-b218-48f5-96f8-ac1c27892f32
    FirstLBA 1924499456  Last LBA 1926313983
    Attributes 1
    Partition Name                                     
 
    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 27e97f8d-8cf7-4f6d-958e-d8e697b4195a
    FirstLBA 1926313984  Last LBA 1953523711
    Attributes 1
    Partition Name                                     
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Done!
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System\3a4f0a84904c4b568b6621b30306261c\System.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\387d8c4acd15ff2d479ebd491edb8e51\System.Drawing.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\36f6762d29fc05f4d32b01a56ea0f8f8\System.Windows.Forms.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ea350a39df1334a4911cc92f58c85dd0\System.Core.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\3e5ea567bb0ad22410d894309e40f0aa\System.Web.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\d13f5d2639d395e3476385f566a85820\System.Web.Extensions.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d1e6c00e339d9f64674d3a9e74403a7e\System.Configuration.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1be3ec32aa5187ec7d760c55c55f6c0\System.Xml.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d18bf45b9a63cd0386949a0fa5ab7d1e\System.Management.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\9f3be891850bb38ac107988533745206\System.ServiceModel.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\eec68ed9ee89f3edf2bd0e4a8a681f46\System.Xml.Linq.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\84f2250c582e8bafeaf4fd9e407ba22a\SMDiagnostics.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\e95c04a954155809c430a0c604a6416e\System.ServiceModel.Internals.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\2f18aee9e26301da57394e94416a20ba\System.Runtime.Serialization.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\ebef418f08844f99287024d1790a62a4\System.Transactions.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\3e6c997c0f5d4d89a00c29e535fbddfb\System.IdentityModel.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9d2a808c4a37ba6c925241bd9bf1efea\System.Data.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\75569710b0fc4e7ad94b947c006b335b\System.Numerics.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0555aeb073cb90d425082d8b4360f814\WindowsBase.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2586b192cf7cea9686568c6d76361cc2\PresentationCore.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\b32414460ef8695cdd49dfc3e6c3f079\PresentationFramework.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\fc7551596b2c93328a98aa161ccc1e68\System.Xaml.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\342e1e9ad63227e979f93ef84d0eef1a\PresentationFramework.Aero2.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\377c0886b594b94f34fd56b566af365d\UIAutomationTypes.ni.dll" is sparse (flags = 32768)
File "C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\716433ca145eef176e9213782df3368d\UIAutomationProvider.ni.dll" is sparse (flags = 32768)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 
I am attaching the requested file below and will start on Windows updates now .. I will post when updates are done to see if you have any more recommendations.
 
Thanks again!


#4
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Looks good.  You can uninstall Speccy when you get a chance.



#5
mis_allen

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Hi, I finished updates and everything seems good. Thank you so much for your help! I was looking at the site for a donation link but haven't found any. I will continue to look. If there is none, I will be especially nice to someone today!



#6
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron

