Slow user switching

Hi tims31 and Welcome to PCHF

Let’s get some more information about your machine shall we?

Please download MiniToolBox and save it to your desktop. Run the program by right clicking on it and selecting Run as administrator. When the program opens select the following boxes:


List last 10 Event Viewer Errors
List Installed Programs
List Devices (Only Problems)
List Users, Partitions and Memory size

Please post the log in your next reply

Ok, Will do but will have to wait until later when I get home…sorry.

No worries We’re always available so post whenever you are able to

OK,

Here is the log requested - I’ve only just switched on so was the only user logged in but hopefully it has the data you need from previous sessions

MiniToolBox by Farbar Version: 17-06-2016
Ran by marti (administrator) on 21-02-2017 at 19:38:49
Running from “C:\Users\marti\Downloads”
Microsoft Windows 10 Home (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal

---

========================= Event log errors: ===============================
[HEADING=1]Application errors:[/HEADING]
Error: (02/17/2017 08:52:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for “assemblyIdentity1”.Error in manifest or policy file “assemblyIdentity2” on line assemblyIdentity3.
The value “MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BU ILD_NUMBER_MINOR” of attribute “version” in element “assemblyIdentity” is invalid.

Error: (02/17/2017 08:51:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture=“AMD64”,type=“win32” ,version=“15.0.0.0"1”.Error in manifest or policy file "UccApi,processorArchitecture=“AMD64”,type=“win32” ,version=“15.0.0.0"2” on line UccApi,processorArchitecture=“AMD64”,type=“win32”, version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture=“AMD64”,type=“win32”, version=“15.0.0.0”.
Definition is UccApi,processorArchitecture=“x86”,type=“win32”,ve rsion=“15.0.0.0”.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/16/2017 11:15:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-CHILLBL)
Description: Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2tx yewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/16/2017 12:53:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/15/2017 10:21:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: DESKTOP-CHILLBL)
Description: Activation of application Microsoft.Windows.ContentDeliveryManager_cw5n1h2tx yewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/12/2017 09:38:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 51.0.1.6234, time stamp: 0x5888f707
Faulting module name: mozglue.dll, version: 51.0.1.6234, time stamp: 0x5888f27e
Exception code: 0x80000003
Fault offset: 0x0000ec83
Faulting process ID: 0x13e8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (02/12/2017 05:16:38 PM) (Source: Application Hang) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.14393.82 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2280

Start Time: 01d285535a6fe756

Termination Time: 4

Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\MicrosoftEdgeCP.exe

Report Id: 01129952-f147-11e6-8c58-e8de2701f459

Faulting package full name: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wek yb3d8bbwe

Faulting package-relative application ID: MicrosoftEdge

Error: (02/10/2017 09:47:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: WpcMon.exe, version: 10.0.14393.0, time stamp: 0x578998a9
Faulting module name: ucrtbase.dll, version: 10.0.14393.0, time stamp: 0x578997b5
Exception code: 0xc0000409
Fault offset: 0x000000000006ea1e
Faulting process ID: 0x34d4
Faulting application start time: 0xWpcMon.exe0
Faulting application path: WpcMon.exe1
Faulting module path: WpcMon.exe2
Report ID: WpcMon.exe3
Faulting package full name: WpcMon.exe4
Faulting package-relative application ID: WpcMon.exe5

Error: (02/10/2017 09:34:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x1df0
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report ID: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (02/10/2017 09:34:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.14393.82, time stamp: 0x57a55786
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process ID: 0x1df0
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report ID: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5
[HEADING=1]System errors:[/HEADING]
Error: (02/21/2017 07:34:35 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/20/2017 06:05:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/20/2017 05:48:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 09:06:12 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 09:05:49 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 09:05:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 08:01:26 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 07:45:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 05:30:27 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/19/2017 03:31:38 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
[HEADING=1]Microsoft Office Sessions:[/HEADING]
[HEADING=1]CodeIntegrity Errors:[/HEADING]
Date: 2017-01-23 12:38:07.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-12 12:52:54.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-03 12:02:26.117
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

=========================== Installed Programs ============================

µTorrent (HKCU...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
123D Design R2.2 (HKLM...\123D Design) (Version: 2.2.14 - Autodesk, Inc.)
Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (HKLM...{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM...{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM...{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (HKLM...{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 24 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM...{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM...{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B 320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM...{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM...{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (HKLM...{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM...{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM-x32...\Avast) (Version: 12.3.2280 - AVAST Software)
Bulk Rename Utility 3.0.0.1 (64-bit) (HKLM...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Canon Easy-PhotoPrint EX (HKLM-x32...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon iP4900 series Printer Driver (HKLM...{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - Canon Inc.)
CanoScan Toolbox Ver4.9 (HKLM-x32...{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM...\CCleaner) (Version: 5.26 - Piriform)
Connect (HKLM-x32...{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Dropbox (HKLM-x32...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
FastStone Image Viewer 6.1 (HKLM-x32...\FastStone Image Viewer) (Version: 6.1 - FastStone Soft)
FreeFileSync 8.7 (HKLM-x32...\FreeFileSync_is1) (Version: 8.7 - www.FreeFileSync.org)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
kuler (HKLM-x32...{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Logitech Media Server 7.7.5 (HKLM-x32...\Logitech Media Server_is1) (Version: 7.7.5 - Logitech)
MediaMonkey 4.1 (HKLM-x32...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Money (HKLM-x32...{E7298FD5-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.50 - Microsoft)
Microsoft Money System Pack (HKLM-x32...{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
Microsoft Office Professional Plus 2013 - en-us (HKLM...\ProPlusRetail - en-us) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32...{91120000-0051-0000-0000-0000000FF1CE}VISPROR{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32...{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32...{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-GB) (HKLM-x32...\Mozilla Firefox 51.0.1 (x86 en-GB)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Music Manager (HKCU...\MusicManager) (Version: - Google, Inc.)
Notepad++ (32-bit x86) (HKLM-x32...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA 3D Vision Driver 376.53 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32...{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM...{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32...{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
PDF Settings CS4 (HKLM-x32...{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PeaZip 5.7.0 (HKLM-x32...{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Photoshop Camera Raw (HKLM-x32...{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM...{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Plex Media Server (HKLM-x32...{4A10DB6A-8093-40A8-BF1C-C3587B0A901D}) (Version: 1.3.3148 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32...{d685b3b4-91da-4364-9e7d-f365a614d42b}) (Version: 1.3.3.3148 - Plex, Inc.)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32...\RocketDock_is1) (Version: - Punk Software)
SketchUp 2017 (HKLM...{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
Speccy (HKLM...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKCU...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Stickies 8.0c (HKLM-x32...\ZhornStickies) (Version: - Zhorn Software)
Stopping Plex (HKLM-x32...{0F4F2C9B-2C85-4DBF-B385-3D6D44446C16}) (Version: 1.3.3148 - Plex, Inc.) Hidden
Suite Shared Configuration CS4 (HKLM-x32...{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
UninstallTabletDeviceDriver (HKLM...{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 12.2.17 - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32...{91120000-0051-0000-0000-0000000FF1CE}VISPROR{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice (04/10/2014 8.33.30.0) (HKLM...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)

========================= Devices: ================================

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_00131737&REV_03\5&39F 964C9&0&0800E5
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Device ID: USB\VID_058F&PID_6366\058F0O1111B1
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.

========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8141.59 MB
Available physical RAM: 5427.72 MB
Total Virtual: 10032.92 MB
Available Virtual: 6939.96 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:690.23 GB) NTFS
7 Drive j: (BackupDrive) (Fixed) (Total:931.51 GB) (Free:687.88 GB) NTFS

========================= Users: ========================================

User accounts for \DESKTOP-CHILLBL

Administrator Chris DefaultAccount
defaultuser0 Guest Jackie
Kieran marti

**** End of log ****

Does anyone have any ideas on this please, I posted my logs but have heard nothing more?

Sorry for the huge delay, lets get some more info on your machine… It is a little work on your part, but with all of this info I will provide you with some steps to tune up your machine a bit…

Step 1: Reset Host File

[ul]
[li]Click here to download RstHosts v2.0[/li][li]Save the file to your desktop.[/li][li]Right Click and Run as Administrator.[/li][li]Click on Restaurer, then click OK at the prompt.[/li][li]This will restore the default host file.[/li][li]Next Click on Creer Un Rapport.[/li][li]This will open a logfile, post that in your next reply.[/li][/ul]

Step 2: Autologger Scan.



[ul]
[li]Disable your Antivirus & Anti spyware applications!![/li][li]Download Autologger to your desktop.[/li][li]Unzip it there. – If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----[/li][li]Right click Autologger and run as admin. (Xp user double click)[/li][li]AVZ4 will open and scan your machine, allow this to complete.[/li][li]Upload Collectionlog.zip to your next reply.[/li][li]https://i.imgur.com/KA81Q57.png[/li][/ul]

Step 3: Autoruns Scan.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option.
in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

Step 4: HijackThis.

1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.

Step 5: JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

[ul]
[li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]
Step 6: Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

[ul]
[li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

Ok, here are the reports

-|x| RstHosts v2.0 - Rapport créé le 01/03/2017 à 22:16:07
-|x| Système d’exploitation : Windows 10 Home (64 bits)
-|x| Nom d’utilisateur : marti - DESKTOP-CHILLBL (Administrateur)

-|x|- Informations -|x|-

Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 16/07/2016 - 11:47:54
Date de modification : 01/03/2017 - 22:15:57
Date de dernier accès : 01/03/2017 - 22:15:57

-|x|- Contenu du fichier -|x|-
[HEADING=1]Fichier Hosts créé par RstHosts[/HEADING]
127.0.0.1 localhost
::1 localhost

-|x|- E.O.F - C:\RstHosts.txt - 610 bytes -|x|-

HIJACK This

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:43:34, on 01/03/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\marti\AppData\Local\Microsoft\OneDrive\On eDrive.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\marti\AppData\Local\Programs\Google\Music Manager\MusicManager.exe
C:\Users\marti\AppData\Roaming\Spotify\SpotifyWebH elper.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Stickies\stickies.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\marti\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search - Microsoft Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll
O4 - HKLM..\Run: [AdobeCS4ServiceManager] “C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.ex e” -launchedbylogin
O4 - HKLM..\Run: [MoneyStartUp10.0] “C:\Program Files (x86)\Microsoft Money\System\Activation.exe”
O4 - HKLM..\Run: [Dropbox] “C:\Program Files (x86)\Dropbox\Client\Dropbox.exe” /systemstartup
O4 - HKLM..\Run: [AvastUI.exe] “C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui
O4 - HKCU..\Run: [OneDrive] “C:\Users\marti\AppData\Local\Microsoft\OneDrive\O neDrive.exe” /background
O4 - HKCU..\Run: [RocketDock] “C:\Program Files (x86)\RocketDock\RocketDock.exe”
O4 - HKCU..\Run: [Google Update] C:\Users\marti\AppData\Local\Google\Update\1.3.32. 7\GoogleUpdateCore.exe
O4 - HKCU..\Run: [MusicManager] “C:\Users\marti\AppData\Local\Programs\Google\Musi cManager\MusicManager.exe”
O4 - HKCU..\Run: [CCleaner Monitoring] “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
O4 - HKCU..\Run: [Spotify Web Helper] “C:\Users\marti\AppData\Roaming\Spotify\SpotifyWeb Helper.exe”
O4 - Startup: Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: Logitech Media Server Tray Tool.lnk = C:\Program Files (x86)\Squeezebox\SqueezeTray.exe
O4 - Global Startup: Stickies.lnk = C:\Program Files (x86)\Stickies\stickies.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra ‘Tools’ menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.Sta ndardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
O23 - Service: Plex Update Service (PlexUpdateService) - Plex, Inc. - C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

–
End of file - 10530 bytes

JRT Log
File System: 0

Registry: 0
[HEADING=1]AdwCleaner v6.044 - Logfile created 01/03/2017 at 22:51:01[/HEADING]
[HEADING=1]Updated on 28/02/2017 by Malwarebytes[/HEADING]
[HEADING=1]Database : 2017-03-01.1 [Server][/HEADING]
[HEADING=1]Operating System : Windows 10 Home (X64)[/HEADING]
[HEADING=1]Username : marti - DESKTOP-CHILLBL[/HEADING]
[HEADING=1]Running from : C:\Users\marti\Downloads\adwcleaner_6.044.exe[/HEADING]
[HEADING=1]Mode: Scan[/HEADING]
[HEADING=1]Support : Malwarebytes Help Center[/HEADING]
***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\Kieran\Documents\Mobogenie
Folder Found: C:\Users\Kieran\Documents\PC Cleaner

***** [ Files ] *****

File Found: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.trovit.co.uk_0.localstorage
File Found: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_jobs.trovit.co.uk_0.localstorage-journal

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - conduit.search_
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - conduit.search
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.conduit.com
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - rocketdock.en.softonic.com
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - picasa.en.softonic.com
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Web data] - search.yahoo.com
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - amfclgbdpgndipgoegfpkkgobahigbcl
Chrome pref Found: [C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Chrome pref Found: [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com

---

C:\AdwCleaner\AdwCleaner[S0].txt - [2437 Bytes] - [01/03/2017 22:51:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2510 Bytes] ##########

Hop ethat makes sense to someone

Re-run adware cleaner and hit clean this time.

Clean up temp files and reduce startup load with CCleaner.


Note: This tool will clean your browsing history as well.
[ul]
[li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]
Run a deep clean up with Privazer, then defrag your machine with this tool.

Run Check Disk

Run chkdsk /f /r from elevated command prompt.

[MEDIA=youtube]4feZG3LebOg[/MEDIA]

Ok,

I did all of the above, re-ran adware and did a clean even though it found no issues, also ran a deep clean and defrag and also the checkdisk. All worked well until I started to re enable some of my startup items but think I have found the item causing an issue.

I have a Huion graphics tablet which runs at start up and as soon as that is re-selected to run at start the issue returns and stops when I disable it. I have contacted Huion to see if they have seen the issue before.

Thanks for all your help