KB890830 - readvertises itself on Vista - annoying - help

WUPDATEPAINS

Hi Update Gurus,

I have fixed some Windows Update issues which were unable to be installed on Windows Vista 32-bit, but one annoying issue remains: the re-advertisement of KB890830 - Windows Malicious Software Removal Tool - May 2016.

In the last week it has reprompted and installed successfully 3 times. I can't spot any errors so need someone to point me in the right direction here.

Any thoughts greatly appreciated. :banghead:

I have uploaded the last CBS folder.

Things done in the recent times (last 2 weeks), with issues being fixed.

- SURT
- sfc /scannow
- SFCfix
- Windows FixIT
- CheckSur.log


+++
SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-06-01 16:29:07.694
Microsoft Windows Vista Service Pack 2 - x86
Not using a script file.

AutoAnalysis::
SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2016-06-01 16:30:39.896
----------------------EOF-----------------------
+++++++++



=================================
Checking System Update Readiness.
Binary Version 6.0.6002.23186
Package Version 25.0
2016-05-20 16:06


Checking Windows Servicing Packages


Checking Package Manifests and Catalogs


Checking Package Watchlist


Checking Component Watchlist


Checking Packages


Checking Component Store


Summary:
Seconds executed: 3844
No errors detected


Checking CoreOS key for repairing corruptions.
Winner version: 6.0.6002.18971.
Processor architecture: x86.
Check key to be repaired: wcm://Microsoft-Windows-CoreOS?version=6.0.6002.18971&language=neutral&processorArchitecture=x86&publicKeyToken=31bf3856ad364e35&versionScope=nonSxS&scope=allUsers\metadata\elements\ComputerName
Recreated value: @_type.
Recreated value: @dataOnly.
Recreated value: @default.
Recreated value: @description.
Recreated value: @displayName.
Recreated value: @handler.
Recreated value: @legacyName.
Recreated value: @legacyType.
Recreated value: @migrate.
Recreated value: @scope.
Recreated value: @xsd:type.
 

Attachments: CBS.zip (2.3 MB), screenshot-windows-update.png (92.7 KB)

Hi and welcome back to Sysnative. Let's try the following.

1. Please perform a Clean Boot of your machine following the instructions in the link below.
https://www.sysnative.com/forums/wi...-readvertises-itself-vista-annoying-help.html

2. Once in a Clean Boot state, please download the newest version of this update and install it.
Download Malicious Software Removal Tool from Official Microsoft Download Center

After this is complete, please let me know. Also, can you tell me what Antivirus you are using on this machine?

Thanks.
 
Hi BrianDrab,

Unusual one, the Malicious tool installed itself again yesterday. I can't reproduce the problem though it just returns.

1. Clean boot has been tried but I can't leave the Trend antivirus disabled. I have clean booted via MSConfig (disabled the majority of startup items and services, except for VAIO laptop and Trend)
2. The newest update is installed; when downloading and running it, it just ran a scan - which came back clean, nothing found.
3. Trend Micro Maximum Security v10.0.0.1265

I have attached some screenshots if they would be helpful of startup items and services.

Thanks
 

Attachments: startup-items.png (252.3 KB), servicesenabled4.png (251 KB), servicesenabled3.png (252.1 KB), servicesenabled2.png (248.8 KB), services-enabled1.png (250.4 KB)

Please find attached some additional screenshots of Trend; no malware found, and the update installed successfully again yesterday.
 

Attachments: av-trend.png (272 KB), MalTool-update-again.png (98.6 KB), no-mal-softwarefound.png (41.6 KB)

Since this update comes out with new definitions every month, let's wait until the June one comes out. Should be in a few days. I have some ideas but I'd like to see if the issue continues with the June update first.
 
Thanks BrianDrab. I strongly suspect the issue will remain, as I confirmed with the person that it was happening in April and now in May.
If you have some ideas or further logs that aren't intrusive or likely to break something, let me know. Otherwise let's wait till the June updates.
 
If you are certain it will happen again with the June updates then what I highly recommend is that you completely uninstall your Trend Micro antivirus and see if the issue persists.
 
I am back :banghead: BrianDrab.

As suspected, Windows updates are not working for June. They just sit there searching for hours. I have run SFCFix and also uploaded the latest CBS logs along with a Farbar scan. Please see attached. Where to next?

SFCFix version 3.0.0.0 by niemiro.
Start time: 2016-06-16 15:47:22.102
Microsoft Windows Vista Service Pack 2 - x86
Not using a script file.

AutoAnalysis::
SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.
SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2016-06-16 15:48:41.341
----------------------EOF-----------------------

++++++++++++++++


Result of Security Analysis by Rocket Grannie (x86) Updated: 8th June 2016
Running from:C:\Users\Geoffrey\Downloads (16:16:54 - 06/16/2016)
***---------------------------------------------------------***
Microsoft® Windows Vista™ Home Premium X86 Service Pack 2
UAC is Enabled!
Internet Explorer 8
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
***-----------------Anti-Virus - Firewall-------------------***
Trend Micro Maximum Security (Disabled - Up to Date)
Windows Firewall is Enabled!
Searching for any other Firewall
*No other Firewall Installed*
***----------------AntiSpyware - Miscellaneous---------------***
Adobe Flash Player Plugin (version 21.0.0.242)
Java (version 8.92.14)
Adobe Flash Player ActiveX (version 21.0.0.242)
Adobe Reader XI (version 11.0.0.16)
CCleaner -- An older version than (5.18) is installed.
Google Chrome -- An older version than (51) is installed.
Malwarebytes Anti-Malware (version 2.2.1.1043)
Microsoft Silverlight (version 5)
Mozilla Firefox -- An older version than (47) is installed.
Safari (version 5.1)
CCleaner (version 5.17) is *out of Date*
Google Chrome (version 49.0.2623.112) is *out of Date*
Mozilla Firefox 46.0.1 (x86 en-US) (version 46.0.1) is *out of Date*


***----------------Analysis Complete-------------------------***

+++++++++++++++++

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-06-2016
Ran by Geoffrey (administrator) on GEOFFREY-PC (16-06-2016 16:12:44)
Running from C:\Users\Geoffrey\Downloads
Loaded Profiles: Geoffrey (Available Profiles: Geoffrey)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_OE\TMAS_OEMon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\chrome_extension2\host\chrome_native_msg_host.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe




==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [166448 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [OE] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_OE\TMAS_OEMon.exe [72976 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [WLM] => C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_WLM\TMAS_WLMMon.exe [45672 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2047216 2015-06-29] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1080320 2015-07-17] (Trend Micro Inc.)
HKLM\...\Run: [LauncherP205b] => C:\Program Files\Fuji Xerox\DocuPrint SSW2\Launcher\fxlaunch.exe [1271296 2010-10-20] (Fuji Xerox Co., Ltd. )
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-04] (Sony Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [122880 2008-09-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AML] => C:\Program Files\Sony\VAIO Launcher\AML.exe [1097728 2008-09-10] (Sony)
HKLM\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-25] (Adobe Systems Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-11-06] (Sony Corporation)
HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\...\Run: [FileHippo.com] => C:\Program Files\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] ()
HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\...\Policies\Explorer: [NoInstrumentation] 1
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk [2009-07-05]
ShortcutTarget: Audio Filter.lnk -> C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk [2009-07-05]
ShortcutTarget: Audio Filter.lnk -> C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14C898D1-A2F5-4359-A797-56C45F5820E5}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{66CC605F-724D-44E5-AD56-2B5091285738}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{DF233DFB-8365-4356-ADBC-C6508B921A86}: [DhcpNameServer] 10.0.0.138


Internet Explorer:
==================
HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://media.telstra.com.au/home.html
HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaio-online.sony.com/
URLSearchHook: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
SearchScopes: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=AU&ver=5
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Trend Micro Network Filter Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems Incorporated)
BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems Incorporated)
Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
Toolbar: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://myob.webex.com/client/T25L/support/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-17] (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.8.1222\2.0.1084\TmopIEPlg.dll [2015-07-17] (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2015-12-21] (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2015-07-17] (Trend Micro Inc.)


FireFox:
========
FF ProfilePath: C:\Users\Geoffrey\AppData\Roaming\Mozilla\Firefox\Profiles\6qlvvqsh.default-1463370026713
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-25] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> c:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2162832853-1075085140-1286379974-1003: @citrixonline.com/appdetectorplugin -> C:\Users\Geoffrey\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-09-25] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-05-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-05] [not signed]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn => not found
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-05-27] [not signed]
FF HKLM\...\Firefox\Extensions: [64ffxtbr@TelevisionFanatic.com] - C:\Program Files\TelevisionFanatic\bar\1.bin => not found
FF HKLM\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-08-14] [not signed]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2016-02-17]
FF HKLM\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2016-03-09]
FF HKLM\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-02-17]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-09-09]


Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2016-02-22]
CHR Extension: (Gmail) - C:\Users\Geoffrey\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-20]
CHR HKLM\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path\update_url>
CHR HKLM\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx


==================== Services (Whitelisted) ========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-02] (ArcSoft Inc.)
S2 AdobeActiveFileMonitor7.0; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [169312 2008-09-17] (Adobe Systems Incorporated)
S4 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-01-07] (Macrovision Europe Ltd.) [File not signed]
S4 FXNADB; C:\Program Files\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmdb.exe [72704 2010-10-20] () [File not signed]
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [303104 2008-12-05] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [837120 2015-07-17] (Trend Micro Inc.)
S2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [273544 2015-06-29] (Trend Micro Inc.)
S2 RtkAudioService; C:\Windows\RtkAudioService.exe [102400 2008-10-17] (Realtek Semiconductor) [File not signed]
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-10-22] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-10-22] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-10-22] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S4 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-19] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-09-09] (Sony Corporation) [File not signed]
S2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [203624 2008-11-06] (Sony Corporation)
S2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [415584 2008-10-18] (Sony Corporation)
S2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [446464 2008-09-12] (Sony Corporation) [File not signed]
S2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [369952 2008-10-02] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-09-09] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-09-09] (Sony Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [X]
S2 Security Activity Dashboard Service; C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe [X]


===================== Drivers (Whitelisted) ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-25] (ArcSoft, Inc.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2006-09-05] (Samsung Electronics Co., Ltd.) [File not signed]
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [61728 2015-06-12] (Trend Micro Inc.)
R3 NETw5v32; C:\Windows\System32\DRIVERS\NETw5v32.sys [4233728 2009-05-28] (Intel Corporation) [File not signed]
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [150560 2008-10-24] (Realtek Semiconductor Corp.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2006-11-22] (Samsung Electronics) [File not signed]
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [117560 2015-11-23] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [315184 2015-11-23] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [49472 2015-06-11] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [101216 2015-06-08] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [96056 2015-11-23] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [314976 2015-05-28] (Trend Micro Inc.)
S3 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [84736 2015-06-29] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [96560 2015-06-26] (Trend Micro Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U2 TMAgent; no ImagePath
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2016-06-16 16:12 - 2016-06-16 16:14 - 00025117 _____ C:\Users\Geoffrey\Downloads\FRST.txt
2016-06-16 16:12 - 2016-06-16 16:12 - 00000000 ____D C:\FRST
2016-06-16 16:10 - 2016-06-16 16:10 - 00898560 _____ C:\Users\Geoffrey\Downloads\RGSA.exe
2016-06-16 16:09 - 2016-06-16 16:09 - 01736192 _____ (Farbar) C:\Users\Geoffrey\Downloads\FRST.exe
2016-06-16 15:51 - 2016-06-16 15:51 - 02713398 _____ C:\Users\Geoffrey\Downloads\160616CBS.zip
2016-06-16 15:50 - 2016-06-16 15:51 - 00000000 ____D C:\Users\Geoffrey\Downloads\CBS
2016-06-14 16:04 - 2016-06-14 16:04 - 00271050 _____ C:\Users\Geoffrey\Desktop\Artlight company extract page 3.pdf
2016-06-14 16:02 - 2016-06-14 16:02 - 00066368 _____ C:\Users\Geoffrey\Desktop\Artlight company extract page2.pdf
2016-06-14 16:00 - 2016-06-14 16:00 - 00458228 _____ C:\Users\Geoffrey\Desktop\Artlight company extract.pdf
2016-06-10 13:42 - 2016-06-10 13:51 - 00000000 ____D C:\Users\Geoffrey\Downloads\ProcessMonitor
2016-06-10 13:42 - 2016-06-10 13:42 - 00967601 _____ C:\Users\Geoffrey\Downloads\ProcessMonitor.zip
2016-06-09 17:04 - 2016-06-09 17:04 - 00000000 ____D C:\Users\Geoffrey\Downloads\Autoruns
2016-06-09 17:03 - 2016-06-09 17:04 - 00615478 _____ C:\Users\Geoffrey\Downloads\Autoruns.zip
2016-06-07 15:53 - 2016-06-07 15:54 - 48418520 _____ (Microsoft Corporation) C:\Users\Geoffrey\Downloads\Windows-KB890830-V5.36.exe
2016-06-02 16:40 - 2016-06-02 16:40 - 00000328 _____ C:\Users\Geoffrey\Desktop\Web Threats.csv
2016-06-01 16:34 - 2016-06-01 16:34 - 02439201 _____ C:\Users\Geoffrey\Desktop\CBS (2).zip
2016-06-01 14:13 - 2016-06-01 14:13 - 00129909 _____ C:\Users\Geoffrey\Downloads\DL-3986.zip
2016-05-27 14:48 - 2016-05-27 14:48 - 00124095 _____ C:\Users\Geoffrey\Desktop\NEW HALO LED STRIP - 2016 artlight.pdf
2016-05-27 11:18 - 2016-05-27 11:18 - 00132354 _____ C:\Users\Geoffrey\Desktop\ARTLIGHT 2016 LED STRIP - 14.4W.pdf
2016-05-23 15:15 - 2016-05-23 15:15 - 00239222 _____ C:\Users\Geoffrey\Downloads\53_23_accommodation_prices_consolidated.pdf
2016-05-23 14:19 - 2016-05-23 14:19 - 01016880 _____ C:\Users\Geoffrey\Downloads\Artlight Nebula suspensions.pdf
2016-05-23 14:17 - 2016-05-23 14:18 - 01016880 _____ C:\Users\Geoffrey\Downloads\pieghevole_nebula_3new.pdf
2016-05-23 12:25 - 2016-05-23 12:25 - 00673189 _____ C:\Users\Geoffrey\Downloads\Artlight_Catalogue_Outdoor Wall_Vespa.pdf
2016-05-20 16:04 - 2016-05-20 16:04 - 00000000 ____D C:\Windows\CheckSur
2016-05-20 16:01 - 2016-05-20 17:58 - 00000000 ____D C:\Users\Geoffrey\Desktop\ian-windowsupdateisseu
2016-05-20 15:58 - 2016-06-16 15:48 - 00000954 _____ C:\Users\Geoffrey\Desktop\SFCFix.txt
2016-05-20 15:58 - 2016-06-16 15:48 - 00000000 ____D C:\SFCFix
2016-05-20 15:35 - 2016-05-20 15:35 - 08704313 _____ C:\Users\Geoffrey\Downloads\Windows6.0-KB3140410-x86.msu


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2016-06-16 15:55 - 2012-09-27 14:28 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-16 15:55 - 2006-11-02 23:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-16 15:55 - 2006-11-02 22:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-16 15:55 - 2006-11-02 22:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-16 15:54 - 2012-09-29 11:27 - 00000000 ____D C:\Program Files\TeamViewer
2016-06-16 15:54 - 2008-12-09 06:25 - 00000012 _____ C:\Windows\bthservsdp.dat
2016-06-16 15:54 - 2006-11-02 23:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-16 15:48 - 2016-05-16 15:28 - 00000000 ____D C:\Users\Geoffrey\AppData\Local\niemiro
2016-06-16 15:42 - 2012-09-27 14:28 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-16 15:39 - 2012-04-10 09:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-15 15:46 - 2006-11-02 20:33 - 00006958 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-14 16:04 - 2009-07-06 12:18 - 00000000 ____D C:\Users\Geoffrey\AppData\Roaming\Canon
2016-06-10 15:05 - 2012-07-11 10:41 - 00000000 ____D C:\Users\Geoffrey\AppData\Local\CrashDumps
2016-06-07 15:55 - 2006-11-02 20:24 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-06-01 15:36 - 2011-08-23 15:29 - 00000000 ____D C:\Users\Geoffrey\Desktop\PDF'S
2016-05-27 17:03 - 2011-11-30 11:05 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2016-05-27 17:03 - 2011-11-30 11:05 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2016-05-27 17:03 - 2011-11-30 11:05 - 00001899 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2016-05-27 17:03 - 2011-11-30 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2016-05-25 06:59 - 2016-02-17 11:46 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-17 11:01 - 2013-08-06 16:00 - 00000000 ____D C:\Windows\system32\MRT
2016-05-17 10:41 - 2009-07-04 19:08 - 00002032 _____ C:\Users\Geoffrey\AppData\Local\d3d9caps.dat
2016-05-17 03:39 - 2006-11-02 21:18 - 00000000 ____D C:\Windows\rescache
2016-05-17 03:21 - 2016-05-12 16:11 - 00405144 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-17 03:18 - 2006-11-02 22:37 - 00000000 ____D C:\Program Files\Windows Journal


==================== Files in the root of some directories =======


2009-07-06 12:45 - 2009-07-05 15:59 - 0026763 _____ () C:\Users\Geoffrey\AppData\Roaming\Comma Separated Values (Windows).ADR
2009-07-04 19:08 - 2016-05-17 10:41 - 0002032 _____ () C:\Users\Geoffrey\AppData\Local\d3d9caps.dat
2009-07-09 11:55 - 2014-06-03 10:34 - 0012288 _____ () C:\Users\Geoffrey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-03 10:49 - 2014-11-03 10:49 - 0000036 _____ () C:\Users\Geoffrey\AppData\Local\housecall.guid.cache
2015-06-12 11:57 - 2016-02-17 12:18 - 0000010 _____ () C:\Users\Geoffrey\AppData\Local\sponge.last.runtime.cache
2011-05-19 10:42 - 2011-12-23 14:23 - 0001940 _____ () C:\Users\Geoffrey\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini


==================== Bamital & volsnap =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2016-06-16 16:01


==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-06-2016
Ran by Geoffrey (2016-06-16 16:15:25)
Running from C:\Users\Geoffrey\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2009-07-04 01:53:10)
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-2162832853-1075085140-1286379974-500 - Administrator - Disabled)
Geoffrey (S-1-5-21-2162832853-1075085140-1286379974-1003 - Administrator - Enabled) => C:\Users\Geoffrey
Guest (S-1-5-21-2162832853-1075085140-1286379974-501 - Limited - Disabled)


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Trend Micro Maximum Security (Disabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0}
AS: Trend Micro Maximum Security (Disabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat X Pro (HKLM\...\{AC76BA86-1033-0000-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Connect Add-in (HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\...\Adobe Connect Add-in) (Version: - )
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2.0 (HKLM\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 7.0 (HKLM\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 (HKLM\...\PremElem70) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 7.0 Templates (HKLM\...\PremElem70Templates) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.39 - ArcSoft)
ArcSoft PhotoStudio 5 (HKLM\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - )
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
Ask Toolbar Updater (HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CanoScan Toolbox Ver4.1 (HKLM\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - )
ccc-core-static (Version: 2008.0717.2343.40629 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Citrix Online Launcher (HKLM\...\{E1B40232-F73B-4BF9-A819-E352CCC1EDEF}) (Version: 1.0.122 - Citrix)
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.52.09250 - Sony Corporation)
Click to Disc (Version: 1.2.52.09250 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.51 - Sony Corporation)
Click to Disc Editor (Version: 1.2.51 - Sony Corporation) Hidden
Corel WinDVD Pro 11 (HKLM\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.7.0.2 - Corel Inc.)
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
DocuPrint P205 b (HKLM\...\InstallShield_{0B8E1340-CEDA-4E5F-B9FA-10471A8556C7}) (Version: 1.002.00 - Fuji Xerox)
DocuPrint P205 b (Version: 1.002.00 - Fuji Xerox) Hidden
Dolby Control Center (HKLM\...\{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}) (Version: 1.2.0702 - Dolby)
Feedback Tool (HKLM\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileHippo App Manager (HKLM\...\FileHippo.com) (Version: - FileHippo.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
ICA (Version: 11.7.0.2 - Corel Inc.) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{72EEB695-388B-4835-8EA6-0C04545B06B9}) (Version: 12.04.3000 - Intel Corporation)
IPM (Version: 11.5 - Corel Inc.) Hidden
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenMG Secure Module 5.1.00 (HKLM\...\InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation)
OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation) Hidden
Primo (Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.2.0.10150 - Sony Corporation)
Setup (Version: 11.7.0.2 - Corel Inc.) Hidden
Skins (Version: 2008.0717.2343.40629 - ATI) Hidden
SmartSound Quicktracks for Premiere Elements (HKLM\...\InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements (Version: 3.11.3090 - SmartSound Software Inc) Hidden
SonicStage Mastering Studio (HKLM\...\{6332AFF1-9D9A-429C-AA03-F82749FA4F49}) (Version: 2.6 - Sony Corporation)
SonicStage Mastering Studio (Version: 2.6 - Sony Corporation) Hidden
SonicStage Mastering Studio Audio Filter (HKLM\...\{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}) (Version: 2.5 - Sony Corporation)
SonicStage Mastering Studio Audio Filter Custom Preset (HKLM\...\{EC37A846-53AC-4DA7-98FA-76A4E74AA900}) (Version: 2.5 - Sony Corporation)
SonicStage Mastering Studio Plugins (HKLM\...\{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}) (Version: 2.5 - Sony Corporation)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.3.01.09300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.5.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Internet Security Pro (Version: 17.0 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 10.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.)
Trend Micro Titanium (Version: 10.0 - Trend Micro Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.1.0.08260 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{327B75F0-92AF-420A-988F-FA596A218E0B}) (Version: 1.0.01.09030 - Sony Corporation)
VAIO Content Folder Watcher (Version: 1.0.01.09030 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{ECB5774A-A39B-4419-A7D3-92F49C0FCAB3}) (Version: 3.3.0.10012 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.3.0.10012 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{EADE97A7-E7AA-43FD-A042-92A68E0187A6}) (Version: 3.3.0.09300 - Sony Corporation)
VAIO Content Metadata Manager Setting (Version: 3.3.0.09300 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{E3453B1B-C91B-4C48-B046-8DF635DD46F2}) (Version: 3.3.0.09182 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 3.3.0.09182 - Sony Corporation) Hidden
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.2.0.09120 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Edit Components (Version: 6.5 - Sony Corporation) Hidden
VAIO Edit Components 6.5 (HKLM\...\{B7C03E84-AF46-42F4-809D-D4127D9086D0}) (Version: 6.5 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.3.10070 - Sony Corporation)
VAIO Entertainment Platform (Version: 3.2.3.10070 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.2.0.11060 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.2.0.09090 - Sony Corporation)
VAIO Manual (HKLM\...\{AA171A69-F942-40DA-AE3A-EA91026A1CAE}) (Version: 2.5.0.09040 - Sony Corporation)
VAIO Media plus (HKLM\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 1.2.0.10230 - Sony Corporation)
VAIO Media plus (Version: 1.2.0.10230 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 1.2.0.09050 - Sony Corporation)
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.01.08060 - Sony Corporation)
VAIO Movie Story (Version: 1.3.01.08060 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.1.09160 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.5.00.08150 - Sony Corporation)
VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.2.0.11270 - Sony Corporation)
VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.1.0.08250 - Sony Corporation)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 2.2.0.12040 - Sony Corporation)
VAIO Update 4 (HKLM\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.0.0.08280 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.3.0.10310 - Sony Corporation)
VCRT for DirectPass x86 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - WebEx Communications, Inc)
WIDCOMM Bluetooth Software 6.2.0.5800 (HKLM\...\{E464702F-5433-46EC-8F65-159276C0A54F}) (Version: 6.2.0.5800 - Broadcom Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD (Version: 11.7.0.2 - Corel Inc.) Hidden
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.602 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B9.602 - InterVideo Inc.) Hidden


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-2162832853-1075085140-1286379974-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Geoffrey\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {08DEDA56-4DC1-4F3D-806C-B826E688FD96} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-16] (Piriform Ltd)
Task: {0F8F3B98-D6F2-4FB7-BC34-963CD05A98C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {4A1A1A31-4D83-46B9-9FFF-D101DACFB4D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5D67A422-75CA-4182-89BB-7151BE3EBB07} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5F797AC3-D4A0-405F-AB12-E4307F5FF385} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-08-29] (Sony Corporation)
Task: {8925BAC8-F2DB-482D-BF9E-D9BEE45020F0} - System32\Tasks\SONY\Prepare your VAIO\Prepare your VAIO => C:\Program Files\Sony\Prepare your VAIO\PYV.exe [2008-09-11] (Sony Corporation)
Task: {9419C18F-D4DD-43E2-BAA1-B85A057354A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {CF595D1D-A4D4-41C4-BA27-8C56DB4C4EC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {ED94A5CC-7CE0-410E-9FBA-6023609770B0} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files\Sony\VAIO Wallpaper Setting Tool\VWSet.exe [2008-06-28] (Sony Corporation)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe


==================== Shortcuts =============================


(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


2010-06-21 14:34 - 2016-01-19 20:27 - 00089016 _____ () C:\Windows\System32\cpwmon2k.dll
2016-02-17 10:34 - 2015-07-17 04:30 - 00021480 _____ () C:\Program Files\Trend Micro\Titanium\Plugin\TMAS\TMAS_OE\TMAS_OEHook.dll
2008-12-09 05:31 - 2008-09-25 10:44 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 00024312 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_57.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 00049544 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_57.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 00552696 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 00092792 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_57.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 00032552 _____ () C:\Program Files\Trend Micro\AMSP\boost_chrono-vc110-mt-1_57.dll
2016-02-17 11:01 - 2015-05-08 00:32 - 01111456 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00181392 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00056256 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00024312 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_system-vc110-mt-1_57.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00049544 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_date_time-vc110-mt-1_57.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00092792 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_thread-vc110-mt-1_57.dll
2016-02-17 10:33 - 2015-07-17 04:30 - 00032552 _____ () C:\Program Files\Trend Micro\Titanium\UIFramework\boost_chrono-vc110-mt-1_57.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)


AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]


==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)




==================== Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)




==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2006-11-02 20:23 - 2006-09-19 07:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost
::1 localhost


==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-2162832853-1075085140-1286379974-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img24.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: Ati External Event Utility => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FXNADB => 2
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: PCToolsSSDMonitorSvc => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: XAudioService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Geoffrey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Audio Filter.lnk => C:\Windows\pss\Audio Filter.lnk.Startup
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DocuPrint P205b RUN => "C:\Program Files\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmRun.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NSUFloatingUI => "C:\Program Files\Sony\Network Utility\LANUtil.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Skytel => Skytel.exe
MSCONFIG\startupreg: SSDMonitor => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: StatusAuto P205b Run => "C:\Program Files\Fuji Xerox\DocuPrint SSW2\SimpleMonitor for AP\fxksmpl.exe" RUNSTART
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TelevisionFanatic Search Scope Monitor => "C:\PROGRA~1\TelevisionFanatic\bar\1.bin\64srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{3C0E2948-F35B-41DD-9DEC-F06248B80A61}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{109E0781-30C1-4BE1-9231-00DAD7EA000E}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [TCP Query User{9C88D7A6-EB1E-41D9-94A0-55CD733F6B5F}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8F67D076-6F72-46CD-81E7-214184EFC95E}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{6B58E4C0-6426-4CC2-A484-9B2AF48220D2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{6FAB46EC-956B-45D3-B80E-0D585CC5A68B}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B6C99491-8485-4900-9EBF-D4AEA58429C9}] => (Allow) LPort=26675
FirewallRules: [{F0ED2B47-1E79-481B-A12A-22C0AFA83700}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{E87F5D5F-FCB8-4664-AC90-D2F699BDA654}] => (Allow) LPort=80
FirewallRules: [{F3FBA0E9-29B6-4FA7-BA5E-93B615208DBD}] => (Allow) LPort=80
FirewallRules: [{E6B842B8-D460-4E19-830C-E6ADEAB4D019}] => (Allow) LPort=80
FirewallRules: [{EDBCAA61-BE84-4FD9-9C36-C76A5A9DC7E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E09739CA-41D4-45B8-A33F-1B099FEDF988}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB1D3295-224A-45B3-B9D6-9CF9469B2653}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{88BE06F1-8263-4B8F-A48E-D8460C500EE5}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{7F04233E-84BE-4F2F-811B-1F9091430E2D}] => (Allow) LPort=26675
FirewallRules: [{E6E5A3F4-E251-4461-B515-39718AA43138}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{532F06B5-16D0-4A13-85F7-5F81FF4CC540}C:\users\geoffrey\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\geoffrey\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{B54273C2-34FD-4318-9A0D-A32421F71F66}C:\users\geoffrey\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\geoffrey\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{B7057747-1615-40C2-BC4D-B9976A5C3233}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{17245F42-86C4-439E-966D-D065588B99B9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D20AAAE5-F473-4491-B22A-241113CC7EC9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{C9107121-DB4E-4E28-9F2D-16B20FD5EF2E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{0390F7C8-CFFD-4DAF-B1D2-D14BA00A29AE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{AF3B151E-F2C5-4105-BB24-5D197CBC4F14}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0A0C6338-2B68-4262-B84C-4CBF17C9F9BC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5A550AA8-CF42-4583-BD3D-0F8A74F3C328}] => (Allow) c:\Program Files\sMedio\WinDVD11\\WinDVD.exe


==================== Restore Points =========================


ATTENTION: System Restore is disabled


==================== Faulty Device Manager Devices =============




==================== Event log errors: =========================


Application errors:
==================
Error: (06/16/2016 03:56:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Error: (06/16/2016 12:10:58 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)


Error: (06/16/2016 12:10:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Error: (06/15/2016 04:24:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Error: (06/15/2016 04:24:13 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)


Error: (06/15/2016 04:22:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\GEOFFREY\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\JAA STUDIO SYDNEY ST ARTARMON.XLS.LNK> in the hash map cannot be updated.


Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


Error: (06/15/2016 04:22:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\GEOFFREY\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\JAA STUDIO SYDNEY ST ARTARMON.XLS.LNK> in the hash map cannot be updated.


Context: Application, SystemIndex Catalog


Details:
A device attached to the system is not functioning. (0x8007001f)


Error: (06/15/2016 04:21:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EXCEL.EXE version 12.0.6747.5000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 8b4
Start Time: 01d1c6cdad612e6b
Termination Time: 6106


Error: (06/15/2016 03:46:10 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8


Error: (06/15/2016 03:46:10 PM) (Source: LoadPerf) (EventID: 3012) (User: )
Description: Performance16




System errors:
=============
Error: (06/16/2016 04:00:06 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032


Error: (06/16/2016 03:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Security Activity Dashboard Service%%2 = The system cannot find the file specified.




Error: (06/16/2016 03:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) PROSet/Wireless Registry Service%%2 = The system cannot find the file specified.




Error: (06/16/2016 03:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%20 = The system cannot find the device specified.




Error: (06/16/2016 03:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.




Error: (06/16/2016 03:53:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5 = Access is denied.




Error: (06/16/2016 12:19:33 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x80070032


Error: (06/16/2016 12:10:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Security Activity Dashboard Service%%2 = The system cannot find the file specified.




Error: (06/16/2016 12:10:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel(R) PROSet/Wireless Registry Service%%2 = The system cannot find the file specified.




Error: (06/16/2016 12:10:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: DgiVecp%%20 = The system cannot find the device specified.






CodeIntegrity:
===================================
Date: 2016-06-16 16:14:48.308
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-16 16:14:47.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-16 16:14:47.383
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-16 16:14:46.977
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-14 11:40:36.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-14 11:40:35.648
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-14 11:40:35.258
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-14 11:40:34.775
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-10 13:44:54.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.


Date: 2016-06-10 13:44:52.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tmevtmgr.sys because the set of per-page image hashes could not be found on the system.




==================== Memory info ===========================


Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 68%
Total physical RAM: 3038.12 MB
Available physical RAM: 963.7 MB
Total Virtual: 6277.27 MB
Available Virtual: 3952.15 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:360.27 GB) (Free:75.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 372.6 GB) (Disk ID: 93E1AF32)
Partition 1: (Not Active) - (Size=12.3 GB) - (Type=27)
Partition 2: (Active) - (Size=360.3 GB) - (Type=07 NTFS)


==================== End of Addition.txt ============================
 


Thanks for all of the information. The first step would be to completely uninstall Trend Micro and then we can continue to look at. Just make sure you have any license key information so you can re-install when we are done.
 
OK, I have retried the following things - am well out of ideas. Would love some HELP when anyone can get a chance.

Interestingly, June 2016 updates are not installing, and what got downloaded were some old updates (Office 2007, for example KB2508958 - twice, Office 2007 SP3 KB2596650 - twice) prior to running the following things again.

**After doing the following it has new updates to install**

1. MicrosoftEasyFix50202 - ran aggressive mode as well.
2. Fixit 971058
3. Fixit 956698

4. renamed SoftwareDistribution directory and catroot2
5. sfc /scannow - all clear
6. re-ran SURT -
7. sfc /scannow - clean

I noticed the following in the windowsupdate.log

Windows Update Log
=============

2016-06-17 22:01:33:084 1200 15dc Report REPORT EVENT: {61226420-F694-40B9-97C7-1002CB57D354} 2016-06-17 22:01:28:052+1000 1 183 101 {D272D6BB-8B78-466F-9E12-FF7FE946F22C} 501 0 wusa Success Content Install Installation Successful: Windows successfully installed the following update: Hotfix for Windows (KB947821)
2016-06-17 22:01:33:084 1200 15dc Report CWERReporter finishing event handling. (00000000)
2016-06-17 22:03:48:853 5332 414 COMAPI ----------- COMAPI: IUpdateServiceManager::RemoveService -----------
2016-06-17 22:03:48:853 5332 414 COMAPI - ServiceId = {1d19bb43-899a-4353-91d8-9a0058cee229}
2016-06-17 22:03:52:943 5332 414 COMAPI IUpdateService removing volatile scan package service, serviceID = {1D19BB43-899A-4353-91D8-9A0058CEE229}
2016-06-17 22:03:52:946 1200 177c Agent WARNING: WU client fails CClientCallRecorder::RemoveService with error 0x80248014
2016-06-17 22:03:52:947 5332 414 COMAPI WARNING: ISusInternal::RemoveService failed, hr=80248014
2016-06-17 22:22:45:884 1200 1008 AU Triggering AU detection through DetectNow API






=================================
Checking System Update Readiness.
Binary Version 6.0.6002.23186
Package Version 25.0
2016-05-20 16:06


Checking Windows Servicing Packages


Checking Package Manifests and Catalogs


Checking Package Watchlist


Checking Component Watchlist


Checking Packages


Checking Component Store


Summary:
Seconds executed: 3844
No errors detected


Checking CoreOS key for repairing corruptions.
Winner version: 6.0.6002.18971.
Processor architecture: x86.
Check key to be repaired: wcm://Microsoft-Windows-CoreOS?version=6.0.6002.18971&language=neutral&processorArchitecture=x86&publicKeyToken=31bf3856ad364e35&versionScope=nonSxS&scope=allUsers\metadata\elements\ComputerName
Recreated value: @_type.
Recreated value: @dataOnly.
Recreated value: @default.
Recreated value: @description.
Recreated value: @displayName.
Recreated value: @handler.
Recreated value: @legacyName.
Recreated value: @legacyType.
Recreated value: @migrate.
Recreated value: @scope.
Recreated value: @xsd:type.

++++

Attaching screenshots of updates installed for June along with CBS and Windows Update.
 


OK Trend uninstalled and Windows restarted.

Ran Windows Update; it found only 2 updates and installed them successfully.

2016-06-17 23:34:07:395 1072 b84 Agent * Updates to install = 2
2016-06-17 23:34:07:399 1072 b84 Agent * Title = Definition Update for Windows Defender - KB915597 (Definition 1.223.1800.0)
2016-06-17 23:34:07:400 1072 b84 Agent * Title = Windows Malicious Software Removal Tool - June 2016 (KB890830)

Rebooted Windows again for a second time and ran Windows Update, checking for updates - nothing further prompted.

What do you need next?
 
I would keep Trend off of your machine while we troubleshoot. AV is a common cause for these types of issues. So you are not unprotected I would suggest that you temporarily download and install Microsoft Security Essentials from the following link.
Download Microsoft Security Essentials from Official Microsoft Download Center

Let me know when this is complete and what issues still remain.


Completed, defs updated and scanned, nothing found. Windows Update still the same.
 
Thank you, it is not persisting now, even after reboot. However, I cannot see June updates for Windows etc? I am running an MBSA scan to check.
Any suggestions?
 
MBSA came back clean. It appears that Trend was causing the issue with re-prompting. I did suspect it but didn't want to uninstall unless absolutely necessary.
 
