[SOLVED] Windows 10 Update Failure: "We can't tell if your PC is ready to...'

[bruce1270]

Please do the following

SFCFix Script

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

Download SFCFix.exe (by niemiro) and save this to your Desktop.

1. Please download the file SFCFix.zip to your desktop. Ensure that this file is named SFCFix.zip - do not rename it.
2. Save any open documents and close all open windows.
3. On your Desktop, you should see two files: SFCFix.exe and SFCFix.zip.
4. Drag the file SFCFix.zip onto the file SFCFix.exe and release it.
5. SFCFix will now process the script.
6. Upon completion, a file should be created on your Desktop: SFCFix.txt.
7. The Scan will show the locations of the two files.
8. Please navigate to this location and copy the files setupact.log and setuperr.log to a zipped file and attach in your next post.

 

[swim4life107]

SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-12-22 20:39:35.233
Microsoft Windows 10 Build 10240 - amd64
Using .txt script file at C:\Users\jsusz\Desktop\FSCFix.txt [1]




FileScan::
WARNING: There may be further unlisted copies of some of these files on the system.

[0: 1] C:\Windows\Panther\NewOs\Panther\setupact.log
File is untraceable.
Found: zC4P4levrxvFSsr9+w9dJ/JuaZy6q3X4f2xocMYPMfU=
Version number not available.
Trace not available.



[1: 1] C:\Windows\Panther\NewOs\Panther\setuperr.log
File is untraceable.
Found: WkVjUYq0SMu3+5ORr8ZccOO8cZO1QthNTOKv0HQ1QUM=
Version number not available.
Trace not available.



[2: 1] C:\Windows\Logs\PBR\$Windows.~BT\setupact.log
File is untraceable.
Found: MdTuBCx566uSs3tTL+TYQKug1V58oJ7xwc86lDKCMz8=
Version number not available.
Trace not available.



[3: 1] C:\Windows\Logs\PBR\$Windows.~BT\setuperr.log
File is untraceable.
Found: mm5VCOtT6ht1meFG/i3+ya52164JeQF5oGSJq/sZ3O8=
Version number not available.
Trace not available.
FileScan:: directive completed successfully.




Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 12 datablocks.
Finish time: 2018-12-22 20:39:38.168
Script hash: dGVyH1knFwCO/A9Xqhjqle2YgKUshOPnySE9GOhfapE=
----------------------EOF-----------------------

View attachment Panther setupact.zipView attachment setuperr.zip

I ended up attaching all 3!

 

[bruce1270]

Hi

Please check to see if your system has Secure Boot enabled.

To do this right click on start > Settings > Update & Security > Windows Security > Open Windows Defender Security Center > Device Security.

If you see Secure Boot mentioned then your system has it and it will say if it is turned on or not.

If it is turned on please disable this. To do this follow this guide

Please confirm if you do not have Secure Boot or confirm it is now disabled.

 

[swim4life107]

It was enabled. I disabled it

 

[bruce1270]

Hi

Please disconnect from your wi-fi and pull out any ethernet cables so you are not connected to your network and try the upgrade direct from the iso file.

Let me know how it goes.

Thanks

 

[swim4life107]

I got the same message of old. Sigh.

 

[bruce1270]

Ok. Please attach the latest setuperr.log in a zipped file.

Thanks

 

[swim4life107]

attached both logs

View attachment setuperr 12 27.zip

 

[bruce1270]

Ok, lets see if anything else is going on.

Please do the following

Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
1. Right click on the file and select run as administrator (if you don't have this option just double click the file to run it). When the tool opens click Yes to disclaimer.
2. Press Scan button.
3. It will produce a log called FRST.txt in the same directory the tool is run from (this should be your desktop).
4. Please copy (CTRL + C) and paste (CTRL + V) the FRST.txt log back here.
5. The first time the tool is run it generates another log Addition.txt - also located in the same directory as FRST.exe.
6. Please also paste that along with the FRST.txt into your reply.
Note: Please do not attach any logs unless specifically requested. It's easier if you simply copy and paste them into your reply. It's OK if you have to use more than one post to do so.

 

[swim4life107]

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.12.2018 01
Ran by jsusz (administrator) on LAPTOP-JO12DV8F (28-12-2018 19:51:25)
Running from C:\Users\jsusz\Desktop
Loaded Profiles: jsusz (Available Profiles: jsusz)
Platform: Windows 10 Home 10240.17443 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(SweetLabs, Inc) C:\Users\jsusz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

"Path" (C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\Windows Live\Shared -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\Windows Live\Shared) <==== Repaired successfully
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] ()
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-10-25] (Microsoft Corporation)
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [54788456 2018-12-11] (Skype Technologies S.A.)
HKLM\Software\...\AppCompatFlags\Custom\setuphost.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> 443203f0f95fd401
HKLM\Software\...\AppCompatFlags\Custom\setupprep.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> 443203f0f95fd401
HKLM\Software\...\AppCompatFlags\InstalledSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}: [DatabasePath] -> C:\Windows\AppPatch\Custom\Custom64\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb [2018-06-27]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 99.196.99.99 99.197.99.99
Tcpip\..\Interfaces\{e1d02c22-e0a5-4f9e-827b-9b2166b32d8b}: [DhcpNameServer] 99.196.99.99 99.197.99.99
Tcpip\..\Interfaces\{e471af35-449b-474c-b1a4-19eb05e48b7a}: [DhcpNameServer] 99.196.99.99 99.197.99.99

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.aol.com/?mtmhp=hyplogusaolp00000013&tb_uuid=AD6699D6F4F84E5DB6995A3BCA017BA8
hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1280739251-4201457606-2006058511-1001 -> DefaultScope {228C8BF1-2968-4159-BDAE-4800588000B3} URL =
SearchScopes: HKU\S-1-5-21-1280739251-4201457606-2006058511-1001 -> {228C8BF1-2968-4159-BDAE-4800588000B3} URL =
SearchScopes: HKU\S-1-5-21-1280739251-4201457606-2006058511-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-14] (Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-03] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-04-23] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-04-23] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: pegmqfg4.default
FF ProfilePath: C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default [2018-12-28]
FF Homepage: Mozilla\Firefox\Profiles\pegmqfg4.default -> hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
FF NewTab: Mozilla\Firefox\Profiles\pegmqfg4.default -> about:newtab
FF Extension: (Hoxx VPN Proxy) - C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\Extensions\@hoxx-vpn.xpi [2018-12-26]
FF Extension: (Adaware Ad Block) - C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\Extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi [2018-05-23]
FF Extension: (English (US) Language Pack) - C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2018-12-14]
FF Extension: (Avast Online Security) - C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\Extensions\wrc@avast.com.xpi [2018-10-22]
FF Extension: (Zoom Page) - C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\Extensions\zoompage@DW-dev.xpi [2017-08-16] [Legacy]
FF SearchPlugin: C:\Users\jsusz\AppData\Roaming\Mozilla\Firefox\Profiles\pegmqfg4.default\searchplugins\yahoo-avast.xml [2016-11-18]
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2016-11-17] [Legacy] [not signed]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-en-US@firefox.mozilla.org [2016-11-17] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll [2018-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.172.2 -> C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll [2018-04-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default [2018-04-23]
CHR Extension: (Slides) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-20]
CHR Extension: (Docs) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-20]
CHR Extension: (Google Drive) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-22]
CHR Extension: (YouTube) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-22]
CHR Extension: (Adblock Plus) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-03-20]
CHR Extension: (Avast SafePrice) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-03-20]
CHR Extension: (Sheets) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-20]
CHR Extension: (Google Docs Offline) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-20]
CHR Extension: (Avast Online Security) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-20]
CHR Extension: (Zoom for Google Chrome) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2018-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-22]
CHR Extension: (Gmail) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\jsusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-25] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373704 2018-07-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
S3 RasAuto; C:\Windows\System32\rasauto.dll [0 2015-07-10] () <==== ATTENTION (zero byte File/Folder)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-26] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-06-03] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare)
S3 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-18] (Qualcomm Atheros Communications, Inc.)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-02] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [89592 2015-06-02] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7408584 2018-07-21] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-18] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-28 19:51 - 2018-12-28 19:53 - 000024164 _____ C:\Users\jsusz\Desktop\FRST.txt
2018-12-28 19:50 - 2018-12-28 19:51 - 000000000 ____D C:\FRST
2018-12-28 19:49 - 2018-12-28 19:50 - 002423296 _____ (Farbar) C:\Users\jsusz\Desktop\FRST64.exe
2018-12-28 19:10 - 2018-12-28 19:10 - 000000000 ____D C:\ProgramData\SearchRestore
2018-12-28 19:05 - 2018-12-28 19:05 - 000016148 _____ C:\Windows\system32\LAPTOP-JO12DV8F_jsusz_HistoryPrediction.bin
2018-12-28 10:07 - 2018-12-28 10:08 - 000000000 ____D C:\Users\jsusz\Downloads\Bird.Box.2018.WEBRip.XviD.MP3-FGT
2018-12-26 18:49 - 2018-12-26 20:09 - 000000000 ___HD C:\$WINDOWS.~BT
2018-12-25 15:01 - 2018-12-25 21:45 - 000000000 ____D C:\Users\jsusz\Downloads\Homecoming.S01.720p.AMZN.WEBRip.DDP5.1.x264-NTb[rartv]
2018-12-25 14:46 - 2018-12-28 09:51 - 000000000 ____D C:\Users\jsusz\AppData\LocalLow\uTorrent
2018-12-09 01:14 - 2018-12-22 20:39 - 000000000 ____D C:\SFCFix
2018-12-09 00:10 - 2018-12-22 20:39 - 000000000 ____D C:\Users\jsusz\AppData\Local\niemiro
2018-12-09 00:09 - 2018-12-09 00:10 - 002884096 _____ (niemiro) C:\Users\jsusz\Desktop\SFCFix.exe
2018-12-08 16:19 - 2018-12-08 16:19 - 000000000 ____D C:\Windows\UpdateAssistant
2018-12-07 18:40 - 2018-12-07 18:40 - 000000000 ___HD C:\$Windows.~WS

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-28 19:10 - 2016-11-13 00:45 - 000000000 ____D C:\Users\jsusz\AppData\Local\CrashDumps
2018-12-28 19:10 - 2016-11-12 15:21 - 000000000 ____D C:\Users\jsusz\AppData\Local\Host App Service
2018-12-28 19:09 - 2016-11-18 19:55 - 000000000 ____D C:\Users\jsusz\AppData\LocalLow\Mozilla
2018-12-28 19:08 - 2018-02-11 14:35 - 000004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DC9CDB6C-C57A-4030-9EE4-6D3583236D73}
2018-12-28 19:05 - 2016-11-12 15:22 - 000000000 __SHD C:\Users\jsusz\IntelGraphicsProfiles
2018-12-28 19:05 - 2016-11-12 15:17 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-28 19:05 - 2015-07-10 06:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-28 10:29 - 2015-07-10 03:05 - 001572864 ___SH C:\Windows\system32\config\BBI
2018-12-28 10:28 - 2016-11-12 16:35 - 000000000 ____D C:\Users\jsusz\AppData\Roaming\uTorrent
2018-12-28 09:50 - 2016-11-12 16:57 - 000000000 ____D C:\Program Files (x86)\Tennis Elbow 2013
2018-12-27 21:15 - 2016-11-12 16:03 - 000000000 ____D C:\Users\jsusz\Downloads\Movies
2018-12-27 17:47 - 2016-11-12 16:54 - 000000000 ____D C:\Users\jsusz\AppData\Roaming\vlc
2018-12-27 17:23 - 2018-04-03 21:07 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-12-27 17:23 - 2018-04-03 21:07 - 000000799 _____ C:\Users\jsusz\Desktop\Windows 10 Update Assistant.lnk
2018-12-27 17:23 - 2018-04-03 21:07 - 000000000 ____D C:\Windows10Upgrade
2018-12-26 20:09 - 2016-02-29 18:07 - 000001908 _____ C:\Windows\diagwrn.xml
2018-12-26 20:09 - 2016-02-29 18:07 - 000001908 _____ C:\Windows\diagerr.xml
2018-12-26 18:49 - 2015-07-15 22:31 - 000000000 ____D C:\Windows\Panther
2018-12-26 18:46 - 2015-07-15 21:43 - 000875126 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-26 18:46 - 2015-07-10 05:02 - 000000000 ____D C:\Windows\INF
2018-12-25 22:59 - 2016-11-12 15:21 - 000000000 ____D C:\Users\jsusz
2018-12-25 21:44 - 2016-11-12 16:11 - 000000000 ____D C:\Users\jsusz\Downloads\TV Shows
2018-12-25 18:17 - 2016-11-12 15:35 - 000000000 ___RD C:\Users\jsusz\OneDrive
2018-12-25 14:45 - 2015-07-10 05:04 - 000000000 ____D C:\Windows\system32\NDF
2018-12-20 21:32 - 2015-07-10 04:55 - 000000000 ____D C:\Windows\CbsTemp
2018-12-19 19:23 - 2017-07-26 21:40 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1280739251-4201457606-2006058511-1001
2018-12-19 19:23 - 2016-12-17 00:06 - 000002371 _____ C:\Users\jsusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-19 18:59 - 2017-04-22 11:46 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 18:59 - 2017-04-22 11:46 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 18:52 - 2015-07-10 04:59 - 000061952 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2018-12-19 18:49 - 2018-04-21 10:05 - 000000000 ____D C:\Users\jsusz\Downloads\Upgrade
2018-12-17 21:16 - 2017-04-22 11:47 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-17 21:16 - 2017-04-22 11:47 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-15 10:37 - 2016-11-17 21:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-12-15 10:37 - 2015-07-15 21:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-14 21:11 - 2016-11-13 16:42 - 000000000 ____D C:\Windows\system32\MRT
2018-12-14 20:50 - 2016-11-13 16:42 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-14 19:20 - 2015-07-15 21:46 - 000001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-13 18:21 - 2018-05-26 20:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-13 18:08 - 2018-07-25 18:48 - 000001387 _____ C:\Users\Public\Desktop\Skype.lnk
2018-12-13 18:08 - 2018-07-25 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-12-10 16:04 - 2016-11-12 20:06 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-12-07 21:03 - 2018-04-27 08:31 - 000000000 ___HD C:\$SysReset
2018-12-07 20:38 - 2018-03-30 20:10 - 000000000 ____D C:\ESD
2018-12-07 18:05 - 2017-07-22 15:32 - 000000000 ____D C:\Program Files\rempl
2018-12-05 18:55 - 2018-03-13 20:30 - 000004588 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-05 18:55 - 2015-07-10 05:04 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-05 18:54 - 2015-07-10 05:04 - 000000000 ____D C:\Windows\SysWOW64\Macromed

==================== Files in the root of some directories =======

2018-07-02 17:33 - 2018-07-02 17:33 - 000000000 _____ () C:\Users\jsusz\AppData\Local\{4FB5C7C9-908B-4BD1-8832-38DA7F5F5982}

Some files in TEMP:
====================
2017-10-21 14:42 - 2017-10-21 14:42 - 001856576 _____ (Oracle Corporation) C:\Users\jsusz\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-24 21:16 - 2018-01-24 21:16 - 001864256 _____ (Oracle Corporation) C:\Users\jsusz\AppData\Local\Temp\jre-8u161-windows-au.exe
2018-04-23 19:42 - 2018-04-23 19:43 - 001884616 _____ (Oracle Corporation) C:\Users\jsusz\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-12-13 18:12 - 2018-12-13 18:15 - 053894352 _____ (SweetLabs,Inc.) C:\Users\jsusz\AppData\Local\Temp\oct6B5A.tmp.exe
2018-04-10 18:48 - 2018-07-25 18:46 - 057812744 _____ (Skype Technologies S.A.) C:\Users\jsusz\AppData\Local\Temp\SkypeSetup.exe
2017-08-09 18:31 - 2017-08-09 18:32 - 030950664 _____ () C:\Users\jsusz\AppData\Local\Temp\vlc-2.2.6-win32.exe
2017-07-21 17:16 - 2018-03-09 18:33 - 006612768 _____ (Microsoft Corporation) C:\Users\jsusz\AppData\Local\Temp\Windows10Upgrade.exe

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\mfc140u.dll
C:\Windows\System32\MaxxAudioAPO6064.dll
C:\Windows\System32\rasauto.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.

LastRegBack: 2018-12-27 17:54

==================== End of FRST.txt ============================

ADDITION:

dditional scan result of Farbar Recovery Scan Tool (x64) Version: 28.12.2018 01
Ran by jsusz (28-12-2018 19:55:18)
Running from C:\Users\jsusz\Desktop
Windows 10 Home 10240.17443 (X64) (2016-11-12 21:16:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1280739251-4201457606-2006058511-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1280739251-4201457606-2006058511-503 - Limited - Disabled)
Guest (S-1-5-21-1280739251-4201457606-2006058511-501 - Limited - Disabled)
jsusz (S-1-5-21-1280739251-4201457606-2006058511-1001 - Administrator - Enabled) => C:\Users\jsusz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-44b15a0c-012a-42cf-98f1-165fff52d3de) (Version: 3.0.2.118 - WildTangent) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
AIM for Windows (HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\AIM) (Version: - AOL Inc.)
Amazon 1Button App (HKLM-x32\...\{4E501F9C-337A-4BBA-A3CD-624D7ADF05CB}) (Version: 2.3.6 - Amazon) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\Host App Service) (Version: 0.273.2.988 - SweetLabs) <==== ATTENTION
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
BBViewer (HKLM-x32\...\{080CA89B-8896-0801-61F1-6737F4B84A62}) (Version: 5.5 - UNKNOWN) Hidden
BBViewer (HKLM-x32\...\BBViewer) (Version: 5.5 - UNKNOWN)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dino Storm (HKLM-x32\...\WildTangentGDF-acer-dinostorm) (Version: 13.0.0.6 - WildTangent) Hidden
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Home Makeover (HKLM-x32\...\WTA-3cf95c4f-180b-4280-8f16-c53e066361fb) (Version: 3.0.2.59 - WildTangent) Hidden
IDM Crack 6.25 build 25 (HKLM-x32\...\IDM Crack 6.25 build 25) (Version: 5.40 - Crackingpatching.com Team)
Intel(R) Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 172 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-1230f393-e73b-4a65-b2df-1ad3a6b6744f) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-d63130dc-efc8-4c06-a15e-a2edcf5b04f3) (Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-c89a8073-438e-4611-9c1c-a1121411ab40) (Version: 2.2.0.97 - WildTangent) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.7.213 - McAfee, Inc.)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-134665ac-2bca-44cd-a74e-fb5c2e88e579) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-7aae79e6-c8f9-4751-bb78-5f3a73b0dc29) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-8f50145d-d9dd-494c-aee5-8647a1ff13c9) (Version: 3.0.2.126 - WildTangent) Hidden
Skype version 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
Tennis Elbow 2013 1.0j (HKLM-x32\...\Tennis Elbow 2013) (Version: 1.0j - Mana Games)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22617 - Microsoft Corporation)
Windows Driver Package - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
YTD Video Downloader 5.9.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.3 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-27] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-07-21] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AB9470D-D742-45FE-ADD0-43262114EF33} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {0C0E85CF-CD8C-4E90-A6ED-D4BD24954B15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {26DD4D0B-3D27-4FF0-A127-AF1B2CCDF152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-14] (Microsoft Corporation)
Task: {2A670E3D-A150-458C-ABBC-BE7D93CC8728} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {2E8E368C-7557-4DCD-87BE-5B9834F0B79F} - System32\Tasks\App Explorer => C:\Users\jsusz\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2018-12-11] (SweetLabs, Inc) <==== ATTENTION
Task: {30526CEA-64EF-4721-A1EF-739D7021BCF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {431E4A89-2345-43D8-AAA1-E5C872ED620B} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe
Task: {46CF6EA1-4AB8-431D-95B6-39279EDC6A51} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {4A1F41E9-D987-4543-8B29-D8B58D7A4AD4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-14] (Microsoft Corporation)
Task: {61DF64EC-DE00-4F67-9CA3-689AF32D866C} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {6C1C639C-A473-41D6-ADBF-62B4293644D6} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2017-10-02] (Acer)
Task: {74381D8D-F997-4395-8D69-793B6FDF819D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {8831D1F8-E6D0-4D0B-BCDA-19BAF52A02EB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {8CA7B7B3-3F6A-46B2-BD1A-9AFDDF32DD12} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
Task: {97A656C1-43BE-48EE-8AA1-2F56D7FC783A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-22] (Google Inc.)
Task: {9EA5AEDC-99B2-4D3E-A5DE-4CBC840E2C24} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {A2A04E3F-DD2B-4C05-B257-EA113A3E6DE4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {B2A357BD-A644-4387-A473-7B6A2EDB9FA0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {B4436D76-0F78-4E5B-861F-3DBA69D242E6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {B6D4DB0F-B840-4E8D-97F4-6D6F40349C0E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {BD5D0C14-DFE6-40DA-AE95-A43F76E2F510} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2017-09-28] ()
Task: {C2824150-7469-43A9-A0F6-8C8AF48E2A9F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2017-05-24] ()
Task: {CC76CA80-C247-4E20-9181-30CCDBD4DF46} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-14] (Microsoft Corporation)
Task: {D45957F3-28BD-42AA-B0A7-E9905435DFF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-22] (Google Inc.)
Task: {DC9F65A8-F6F1-4B86-B473-CD6B891DB852} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-09-26] (Acer Incorporated)
Task: {ECE86E87-4412-48D7-969B-F8337C176F88} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-29 16:44 - 2016-02-29 16:44 - 000032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-11-12 19:24 - 2016-10-25 01:15 - 000404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2017-06-15 20:35 - 2017-06-03 07:39 - 002495776 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-12-13 18:51 - 2016-11-19 00:07 - 002028032 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2016-12-13 18:51 - 2016-11-19 00:06 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-13 18:51 - 2016-11-19 00:06 - 000619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2016-12-13 18:51 - 2016-11-19 00:07 - 000928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-07-13 23:36 - 2018-07-21 10:56 - 000401872 _____ () C:\Windows\system32\igfxTray.exe
2016-11-12 19:24 - 2015-09-16 23:48 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 04:59 - 2015-07-10 04:59 - 000143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2017-05-09 17:55 - 2017-04-27 17:44 - 006569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-12-13 18:51 - 2016-11-19 00:13 - 000884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-09 17:56 - 2017-04-27 17:42 - 001808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-12 19:30 - 2015-09-16 23:43 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-02-26 12:12 - 2015-02-26 12:12 - 000330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2016-02-29 18:01 - 2015-05-14 01:10 - 000030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2017-09-28 17:21 - 2017-09-28 17:21 - 001769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2017-05-24 19:11 - 2017-05-24 19:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2018-07-25 18:48 - 2018-12-11 18:46 - 001837672 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-12-13 18:08 - 2018-12-11 18:46 - 002413624 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-12-13 18:08 - 2018-12-11 18:46 - 000097840 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-12-13 18:08 - 2018-12-11 18:46 - 000219696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-12-13 18:08 - 2018-12-11 18:46 - 000081768 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-07-25 18:48 - 2018-12-11 18:46 - 002915328 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-07-25 18:48 - 2018-12-11 18:46 - 000015360 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-12-13 18:08 - 2018-12-11 18:46 - 000405056 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-12-13 18:08 - 2018-12-11 18:46 - 000138816 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-12-13 18:08 - 2018-12-11 18:47 - 003239984 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\Processing.NDI.Lib.x86.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\amazon.com -> amazon.com
IE trusted site: HKU\.DEFAULT\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\hola.org -> hxxp://hola.org

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 05:04 - 2018-10-12 17:26 - 000000032 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jsusz\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\sdc13196.jpg
DNS Servers: 99.196.99.99 - 99.197.99.99
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1280739251-4201457606-2006058511-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_1219B3561FE13111A5507F4E46A2D0E9"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F3BB3140-F82D-4A59-B999-C9BB903092F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{022F2404-D815-4F4F-A522-F0772A601AFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{249B7941-DD6B-4802-A656-1C3DDB436ED9}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{C0A52E9B-F9FF-4379-9110-831C67376EB2}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
FirewallRules: [{8422A92D-A3BC-4FCC-917C-7111B3B4421F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{78E0BC95-8376-4CA1-BC3C-EA02052CAE85}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (acer)
FirewallRules: [{17FCFDCD-31F7-4B6C-A4EE-66C2DC308EEE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{0BA0C669-46FB-4B17-9E32-97F780D14178}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (acer)
FirewallRules: [{A4E27349-362D-4130-A417-0AF4A4EA0773}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{8B7D38C3-9E7C-46F0-A8B7-B31AA7F8C0D1}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{44680BFD-6BB6-40D1-BE87-B91F15C97811}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{1393339D-A3E7-4475-A546-731954DB23E4}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{37811069-8615-4C47-8188-33022FF7D8C1}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{ABA47DBF-55B4-4E52-8AAB-2A2607F2A4F4}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{13026119-2075-4036-8256-102C3B89B136}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{5B268398-D562-4D6E-8AF1-EEDB96B25231}] => (Allow) LPort=2869
FirewallRules: [{1C4D443E-6946-47C1-B052-DFDD5EDF8A54}] => (Allow) LPort=1900
FirewallRules: [{F4F11E2C-0536-455B-B45E-D8C00420B631}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{891AB753-B670-457E-A1D2-72B86D5EDFC6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{2907B487-00F0-4B9F-8B89-E2F39A8EFBAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{5D3693E7-BC98-4A39-B0EE-E3FF3E06E184}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{CBBB01CF-B550-4333-A89C-D967962E32A7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{F15E6629-3318-4BB4-AD87-2EAE2488C4ED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FC81BC74-A19B-4D9F-A149-8067B9940C39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{48D42925-D4DF-4B20-94A7-8DD8207E94F5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{96631EDF-4785-4FE1-91C0-4D8F433AADA7}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{5D70066A-ADF3-4A60-B8A3-83970FB2A5B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{3FC57697-B140-4E59-9713-AF4264B636A1}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{F39EC5F4-E8DF-4CFD-8A51-35EFA7265621}] => (Allow) C:\Users\jsusz\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{01636007-2A93-41E1-A8B7-60913057CCEB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{46153211-CC7A-4066-B12D-81E3727FD3BB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{A3A0EA2B-A7A7-4418-8E4B-97403508804A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{5040493A-8A35-4D4B-982C-344FD9F3C3D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{8F125E63-59BB-4578-9A5F-5C3CD2CC7796}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

14-12-2018 20:48:21 Windows Update
24-12-2018 06:30:55 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2018 07:49:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/28/2018 07:10:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HostAppServiceUpdateManager.exe, version: 0.273.2.988, time stamp: 0x5c105261
Faulting module name: combase.dll, version: 10.0.10240.17394, time stamp: 0x59029382
Exception code: 0xc0000005
Fault offset: 0x0000000000029cd9
Faulting process id: 0x1ac8
Faulting application start time: 0x01d49f12e3e0f720
Faulting application path: C:\Users\jsusz\AppData\Local\Host App Service\Engine\HostAppServiceUpdateManager.exe
Faulting module path: C:\Windows\system32\combase.dll
Report Id: c761e42f-5ead-4d3c-8d90-37d05c6c8728
Faulting package full name:
Faulting package-relative application ID:

Error: (12/28/2018 07:07:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/28/2018 07:07:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (12/28/2018 10:28:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-JO12DV8F)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/28/2018 10:28:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-JO12DV8F)
Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (12/28/2018 09:46:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007232B
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (12/28/2018 09:46:28 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4996) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.


System errors:
=============
Error: (12/28/2018 07:09:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/28/2018 07:09:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/28/2018 07:09:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/28/2018 07:09:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/28/2018 07:08:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/28/2018 10:28:58 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JO12DV8F)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (12/28/2018 10:28:58 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JO12DV8F)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (12/28/2018 10:28:58 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JO12DV8F)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-12-27 18:00:21.992
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {44AEBDF8-D054-4961-A557-9F7FE1B49154}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-22 01:09:14.774
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {2DE44D88-A769-48C3-A9EE-E20098CE487E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-18 16:09:32.079
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {CF3827C6-E738-44AA-A041-A2C8ADD6ED84}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-18 15:00:16.584
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {278C127B-1A7C-4565-A1CB-31255B216B92}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-17 16:34:23.882
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {9FF2B702-F6CB-4FAF-95B8-5A5C748B9489}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-26 18:51:35.856
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-12-26 18:51:35.846
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.1474.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-12-26 18:51:35.845
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.1474.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-12-26 18:51:35.587
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.283.1474.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-12-25 14:44:02.772
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2018-10-22 13:07:42.026
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-22 12:55:21.338
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-21 22:51:27.235
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-21 22:49:31.730
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-20 11:36:10.966
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-19 19:21:00.189
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-18 19:45:13.994
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-17 19:46:53.979
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 75%
Total physical RAM: 3919.27 MB
Available physical RAM: 968.71 MB
Total Virtual: 7247.27 MB
Available Virtual: 3191.65 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:465.11 GB) (Free:147.05 GB) NTFS

\\?\Volume{e499b3d6-dae5-4f20-862b-8bf273d48d66}\ (Recovery) (Fixed) (Total:0.48 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 94D55CF4)

Partition: GPT.

==================== End of Addition.txt ============================

 

[bruce1270]

Hi

Please do the following

1. In the search field, type cmd.
2. In the list that is displayed right click on Command Prompt and select Run as Administrator. Say Yes to any UAC prompt. This should open a Command Prompt.
3. At the Command Prompt type bcdedit and press return.
4. Please take a screenshot of the information returned and attach to your next post.

 

[swim4life107]

See attached

 

[bruce1270]

Hi

It looks like there is an issue with the BCD (Boot Configuration Data). We will try to rebuild this. Before you attempt this though it is critical that you back up all your data.

Please do the following

Make sure you have a complete backup of anything important on your computer BEFORE attempting any of these steps.

You will need a bootable Windows disc or recovery flash drive to boot from to do this.
How to create a recovery flash drive: https://support.microsoft.com/en-us/...recovery-drive

After you create the recovery drive, boot from it by using the advanced startup options and choosing boot from device (or using the UEFI interface, whichever is simpler.)
Here's the instructions that other users have had success with:

Alright, apparently the issue is with the BCD (Boot Configuration Data). A few users reported that rebuilding it solved that issue.

https://answers.microsoft.com/en-us/...4-9ae12cfd89a2 - "Most Helpful Reply" from Cifad

If you cannot read the commands properly, here goes (to be entered in the command prompt from the Recovery Environment):

diskpart - Opens the Disk Partitioning tool
select disk 0 - Will select your first hard drive (the one with the Windows partition on it)
list volume - Note the number of the partition that has no drive letter assigned to it, is of 260MB of size and have "FAT32" listed under the "FS" column
select volume X - X will be the number of your partition with a size of 260MB, the EFI System Partition one that you identified in the last command
assign letter=Z: - It'll assign the Z: letter to the EFI System Partition
exit - To exit the diskpart utility

Now you'll be back in the command prompt, enter the following commands:

cd /d Z:\EFI\Microsoft\Boot - Goes to the "Boot" directory in the Z: partition
attrib Z:\EFI\Microsoft\Boot\BCD -h -r -s - Removes the hidden, read-only and system attributes from the BCD folder
ren Z:\EFI\Microsoft\Boot\BCD BCD.old - Renames the BCD folder to BCD.old
bootrec /rebuildbcd - This command will rebuild the BCD.

When it asks Add the installation to boot list?, press on y followed by Enter and if it succeeds, you'll have a The operation completed successfully message. Once you're done, close the command prompt, restart your computer and try to upgrade again.

Make sure you have a complete backup of anything important on your computer BEFORE attempting any of these steps.

 

[swim4life107]

See attached. I followed all the steps and got this message on this step:
bootrec /rebuildbcd - This command will rebuild the BCD.

If possible, I need to know what to do ASAP because I am in the middle of rebuilding and don't want to cause anymore issues:

 

[Sysnative Windows Update]

Are you sure you are running from the recovery media and not the OS itself?

 

[swim4life107]

Yea I am running from the OS. I wasn't able to create a recovery drive: again I got this message:

 

[Sysnative Windows Update]

Then we have to resolve this first. The reason the rebuild command is failing is the fact that the command is being run from the OS.

Do this:



1. Open command prompt in elevated mode and type:

reagentc /disable





reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk0\partition1\Recovery\WindowsRE





reagentc /enable

Note:



You may need to change "harddisk0" to "harddiskX" where X is the number of your "C" drive and "partition1" to partitionX where X is the partition number to conform with your system setup. To check go to Disk Management. The disk partitions are numbered from the left of the screen starting with number 1.

Note 2: Press Enter after each of the commands.

 

[swim4life107]

Got this message

C:\Windows\system32>reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk0\partition1\Recovery\WindowsRE
REAGENTC.EXE: The specified path was not found.

Tried to change it as I understood the directions but maybe I'm wrong?

C:\Windows\system32>reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk0\partition2\Recovery\WindowsRE
REAGENTC.EXE: The specified path was not found.

Here is a copy of my disk management:

 

[Sysnative Windows Update]

The command needs to target the USB drive you will be using as the Recovery Drive.

 

[swim4life107]

Tried what I thought I should do and got this again:

C:\Windows\system32>reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk1\partition1\Recovery\WindowsRE
REAGENTC.EXE: The specified path was not found.

Here's my disk management with the USB:



I've seriously never felt this dumb in life. Bless you for being able to keep this all straight.

Tried one last thing and got this:

C:\Windows\system32>reagentc /setreimage /path \\?\GLOBALROOT\device\harddisk1\partition0\Recovery\WindowsRE
REAGENTC.EXE: The Windows RE image cannot be stored in the specified volume. Use the RETAIN command in DISKPART to prepare the volume and try again.

I switched the partition1 to partition0.