1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Resolved Win10 slow boot up

Discussion in 'Windows 10' started by mindplay45, 2016/01/14.

  1. 2016/01/14
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Can anybody help with this - it takes something like 1.5 to 2 minutes for my Win10 machine to boot up or on a restart.:confused:
     
  2. 2016/01/14
    MrBill

    MrBill SuperGeek WindowsBBS Team Member

    Joined:
    2006/01/14
    Messages:
    3,794
    Likes Received:
    218
    Trophy Points:
    843
    Location:
    Baker, Florida (Panhandle)
    Computer Experience:
    Inter and still lear
    Well how many programs do you have starting up on startup? The more the longer it takes. Could also be some type of Virus or Spyware/Malware.
     

  3. to hide this advert.

  4. 2016/01/14
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Hi mindplay45, Welcome to Windowsbbs! :)

    Please follow the instructions in my guide for optimizing Windows 10 and post the requested logs here in your next reply.
     
  5. 2016/01/14
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Yep just starting a MalawareBytes session, then I will have a look at the startup programs
    But I don't these are the issues. When my laptop is booting during the process I get 2 black screens for about 10 - 15 sec each - then the 2 obligatory Welcome screens and then the screen with the window and a picture I put in there. So there appears to be a not lot happening but much activity.
     
  6. 2016/01/14
    retiredlearner

    retiredlearner SuperGeek WindowsBBS Team Member

    Joined:
    2004/06/25
    Messages:
    5,462
    Likes Received:
    295
    Trophy Points:
    1,093
    Location:
    New Zealand
    Computer Experience:
    intermediate
    Hi mindplay45, Welcome to WindowsBBS. :) Please take the time fill in your System Details. Under UserCP and follow the instructions. Please remember to scroll to the bottom of the page to enable and SAVE before closing out.
    It helps us to help you if we know your laptop make and model etc.
    If you don't know whats in your comp-download Speccy which will show all. http://filehippo.com/download_speccy/ Neil.
     
  7. 2016/01/16
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Ok no Malaware or virus. Did some tweaking but still taking 1.5mins to load to desktop. I will try and complete the rest of the tweaking over Sunday.
     
  8. 2016/01/16
    MrBill

    MrBill SuperGeek WindowsBBS Team Member

    Joined:
    2006/01/14
    Messages:
    3,794
    Likes Received:
    218
    Trophy Points:
    843
    Location:
    Baker, Florida (Panhandle)
    Computer Experience:
    Inter and still lear
    Still need to fill in your system details. What you have showing tells us nothing at all.
     
  9. 2016/01/16
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Hi Mr Bill Sys req all up to date now.
     
  10. 2016/01/16
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    I have 9 programs on start up and no virus or malaware.
     
  11. 2016/01/16
    retiredlearner

    retiredlearner SuperGeek WindowsBBS Team Member

    Joined:
    2004/06/25
    Messages:
    5,462
    Likes Received:
    295
    Trophy Points:
    1,093
    Location:
    New Zealand
    Computer Experience:
    intermediate
    What is showing under Performance in Task Manager?
    I only have 4 in Startup. Neil.
     
  12. 2016/01/16
    MrBill

    MrBill SuperGeek WindowsBBS Team Member

    Joined:
    2006/01/14
    Messages:
    3,794
    Likes Received:
    218
    Trophy Points:
    843
    Location:
    Baker, Florida (Panhandle)
    Computer Experience:
    Inter and still lear
    What are the programs on startup? What did you use to find them?
     
  13. 2016/01/16
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    If you would like me to help you further then please post the logs and information that I asked for otherwise my assistance will be very limited in scope.
     
  14. 2016/01/18
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Ok here are the logs, after all this I timed boot up from on button 2 minutes exactly. I still have some more of Evan's Tweaks to go yet. But I suspect the start ups may need culling.
    Adware Removal Tool v3.9
    Time: 2016_01_17_16_13_52
    OS: Windows 8 - 64 Bit
    Account Name: Jolly
    U0L0S23

    \\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

    Deleted - File - C:\program files (x86)\AVG\AVG PC TuneUp\data\Ico_alpha_OperaSpeedDialSearch_32x32.png
    Deleted - File - C:\program files (x86)\AVG\AVG PC TuneUp\data\Ico_alpha_OperaSpeedDial_32x32.png
    Deleted - File - C:\program files (x86)\EA SPORTS\Tiger Woods PGA TOUR 07\Players\PGA Tour\Tim Petrovic.plr
    Deleted - File - C:\program files (x86)\EA SPORTS\Tiger Woods PGA TOUR 07\Players\PGASmall\Tim Petrovic.plr
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SearchProtectionService:imagepath
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
    Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
    Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ce9d4d2a_0:
    Deleted - RegistryValue - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION:snapdo.exe
    Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Ad-Aware Search Protection
    Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:iLivid
    Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Smartbar
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application:WebCakeUpdaterService
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services:SearchProtectionService
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

    \\ Finished

    MiniTool Box
    MiniToolBox by Farbar Version: 02-11-2015
    Ran by Jolly (administrator) on 17-01-2016 at 14:49:12
    Running from "C:\Users\Jolly\Downloads "
    Microsoft Windows 10 Pro (X64)
    Model: Satellite Pro C850 Manufacturer: TOSHIBA
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings ": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings ": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 www.10sek.com
    127.0.0.1 10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 www.123fporn.info
    127.0.0.1 123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 15271 entries.

    ========================= IP Configuration: ================================

    Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
    Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global
    set interface interface= "ethernet_32769" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    add address name= "ethernet_32769" address=169.254.123.254 mask=255.255.0.0


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : Jolly-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : gateway

    Ethernet adapter Local Area Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : gateway
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 4C-72-B9-B5-3D-01
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Local Area Connection* 2:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
    Physical Address. . . . . . . . . : 00-FF-40-CA-74-E3
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Local Area Connection* 4:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
    Physical Address. . . . . . . . . : 24-EC-99-7C-7A-CA
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wireless Network Connection:

    Connection-specific DNS Suffix . : gateway
    Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
    Physical Address. . . . . . . . . : 24-EC-99-7C-7A-CA
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IPv4 Address. . . . . . . . . . . : 10.0.0.1(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Sunday, January 17, 2016 10:49:57 AM
    Lease Expires . . . . . . . . . . : Sunday, January 17, 2016 3:23:29 PM
    Default Gateway . . . . . . . . . : 10.0.0.138
    DHCP Server . . . . . . . . . . . : 10.0.0.138
    DNS Servers . . . . . . . . . . . : 10.0.0.138
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.gateway:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : gateway
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    Server: dsldevice.gateway
    Address: 10.0.0.138

    Name: google.com
    Addresses: 2404:6800:4006:800::200e
    216.58.220.142


    Pinging google.com [216.58.220.142] with 32 bytes of data:
    Reply from 216.58.220.142: bytes=32 time=18ms TTL=54
    Reply from 216.58.220.142: bytes=32 time=21ms TTL=54

    Ping statistics for 216.58.220.142:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 18ms, Maximum = 21ms, Average = 19ms
    Server: dsldevice.gateway
    Address: 10.0.0.138

    Name: yahoo.com
    Addresses: 2001:4998:44:204::a7
    2001:4998:58:c02::a9
    2001:4998:c:a06::2:4008
    98.139.183.24
    206.190.36.45
    98.138.253.109


    Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
    Reply from 98.138.253.109: bytes=32 time=195ms TTL=46
    Reply from 98.138.253.109: bytes=32 time=197ms TTL=46

    Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 195ms, Maximum = 197ms, Average = 196ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    13...4c 72 b9 b5 3d 01 ......Realtek PCIe GBE Family Controller
    20...00 ff 40 ca 74 e3 ......Juniper Network Connect Virtual Adapter
    2...24 ec 99 7c 7a ca ......Microsoft Hosted Network Virtual Adapter
    12...24 ec 99 7c 7a ca ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
    1...........................Software Loopback Interface 1
    10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.1 25
    10.0.0.0 255.255.255.0 On-link 10.0.0.1 281
    10.0.0.1 255.255.255.255 On-link 10.0.0.1 281
    10.0.0.255 255.255.255.255 On-link 10.0.0.1 281
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 10.0.0.1 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 10.0.0.1 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    1 306 ::1/128 On-link
    1 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog9 01 C:\WINDOWS\system32\LavasoftTcpService.dll [345360] (Lavasoft Limited)
    Catalog9 02 C:\WINDOWS\system32\LavasoftTcpService.dll [345360] (Lavasoft Limited)
    Catalog9 03 C:\WINDOWS\system32\LavasoftTcpService.dll [345360] (Lavasoft Limited)
    Catalog9 04 C:\WINDOWS\system32\LavasoftTcpService.dll [345360] (Lavasoft Limited)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 15 C:\WINDOWS\SysWOW64\mswsock.dll [306528] (Microsoft Corporation)
    Catalog9 16 C:\WINDOWS\system32\LavasoftTcpService.dll [345360] (Lavasoft Limited)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog9 01 C:\WINDOWS\System32\LavasoftTcpService64.dll [425744] (Lavasoft Limited)
    x64-Catalog9 02 C:\WINDOWS\System32\LavasoftTcpService64.dll [425744] (Lavasoft Limited)
    x64-Catalog9 03 C:\WINDOWS\System32\LavasoftTcpService64.dll [425744] (Lavasoft Limited)
    x64-Catalog9 04 C:\WINDOWS\System32\LavasoftTcpService64.dll [425744] (Lavasoft Limited)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 12 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 13 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 14 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 15 C:\Windows\System32\mswsock.dll [364384] (Microsoft Corporation)
    x64-Catalog9 16 C:\WINDOWS\System32\LavasoftTcpService64.dll [425744] (Lavasoft Limited)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (01/15/2016 10:02:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/15/2016 07:58:25 PM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

    System Error:
    Access is denied.
    .

    Error: (01/15/2016 05:07:45 PM) (Source: Application Hang) (User: )
    Description: The program SearchUI.exe version 10.0.10240.16603 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 11c0

    Start Time: 01d14f5aa611441f

    Termination Time: 4294967295

    Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

    Report Id: 4943fd06-bb4e-11e5-9c4d-4c72b9b53d01

    Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

    Faulting package-relative application ID: CortanaUI

    Error: (01/15/2016 05:07:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

    Error: (01/14/2016 09:35:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/14/2016 07:48:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/14/2016 07:45:17 PM) (Source: Application Hang) (User: )
    Description: The program SearchUI.exe version 10.0.10240.16603 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 38c

    Start Time: 01d14ea75b1020c8

    Termination Time: 4294967295

    Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

    Report Id: 1cbbc21e-ba9b-11e5-9c49-4c72b9b53d01

    Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

    Faulting package-relative application ID: CortanaUI

    Error: (01/14/2016 07:45:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.

    Error: (01/14/2016 07:15:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/14/2016 07:15:20 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: Jolly-PC)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


    System errors:
    =============
    Error: (01/17/2016 11:05:48 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (01/16/2016 11:07:05 PM) (Source: Service Control Manager) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (01/16/2016 09:03:49 AM) (Source: Service Control Manager) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (01/16/2016 08:53:41 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (01/15/2016 10:02:26 PM) (Source: DCOM) (User: Jolly-PC)
    Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

    Error: (01/15/2016 10:02:24 PM) (Source: Service Control Manager) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (01/15/2016 08:01:21 PM) (Source: APPHOSTSVC) (User: )
    Description:

    Error: (01/15/2016 08:01:21 PM) (Source: APPHOSTSVC) (User: )
    Description:

    Error: (01/15/2016 08:01:03 PM) (Source: Service Control Manager) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (01/15/2016 05:04:37 PM) (Source: Service Control Manager) (User: )
    Description: The Net.Pipe Listener Adapter service failed to start due to the following error:
    %%1053


    Microsoft Office Sessions:
    =========================
    Error: (01/15/2016 08:01:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6741.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 530 seconds with 0 seconds of active time. This session ended with a crash.

    Error: (01/15/2016 10:48:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6741.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2836 seconds with 60 seconds of active time. This session ended with a crash.


    CodeIntegrity Errors:
    ===================================
    Date: 2016-01-17 14:49:16.997
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.964
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.923
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.891
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.858
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.820
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.770
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.730
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.689
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2016-01-17 14:49:16.656
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume2\Windows\SysWOW64\LavasoftTcpService.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    =========================== Installed Programs ============================

    123 Free Solitaire v10.2 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
    Ad-Aware Antivirus (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}_AdAwareUpdater) (Version: 11.7.485.8398 - Lavasoft)
    Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 3.4.0.1 - Lavasoft)
    AdAwareInstaller (HKLM\...\{8C334A6E-504A-4C88-9C53-3AEF9FB5D20A}) (Version: 11.7.485.8398 - Lavasoft) Hidden
    AdAwareUpdater (HKLM\...\{A041066D-37EF-46FC-9DF7-465A07F1C5CF}) (Version: 11.7.485.8398 - Lavasoft) Hidden
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
    AntimalwareEngine (HKLM\...\{6E5FAEC8-C3C1-44E8-B8DE-CE3F9568BF85}) (Version: 3.0.98.0 - Lavasoft) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Auslogics Disk Defrag Packages (HKCU\...\Auslogics Disk Defrag Packages) (Version: - )
    AVG (HKLM\...\{AB11E7BD-211E-4EBD-9EAE-0C11CE7B48AE}) (Version: 16.12.7294 - AVG Technologies) Hidden
    AVG 2016 (HKLM\...\{C3506E0A-35BE-4AAF-BA41-62E9D9FD3B92}) (Version: 16.0.4522 - AVG Technologies) Hidden
    AVG PC TuneUp (HKLM-x32\...\{3F894650-88BC-44AE-8E44-84115B137822}) (Version: 16.13.3 - AVG Technologies) Hidden
    AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.13.1.47453 - AVG Technologies)
    AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
    AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.2.0.5 - AVG Technologies)
    Battle of Empires 1914-1918 Full (HKLM-x32\...\Battle of Empires 1914-1918 Full_is1) (Version: - )
    BigPond Broadband ADSL (HKLM-x32\...\{2A36014E-DF1D-4840-A209-3185B17BFC71}) (Version: 12.0 - Telstra)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
    Convert PDF to EPUB 1.6.8 (HKLM-x32\...\{02934035-291F-47CD-9550-4BB0540FEA92}) (Version: 1.6.8 - AniceSoft)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKCU\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
    EaseUS Todo Backup Free 8.9 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.9 - CHENGDU YIWO Tech Development Co., Ltd)
    FMW 1 (HKLM\...\{1F610B48-81E7-4A33-AFC9-1D7602C80732}) (Version: 1.52.1 - AVG Technologies) Hidden
    Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive)
    FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
    Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
    Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
    Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 8.0.4.31475 - Juniper Networks)
    Juniper Networks Network Connect 7.0.0 (HKLM-x32\...\Juniper Network Connect 7.0.0) (Version: 7.0.0.17289 - Juniper Networks)
    Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.27077 - Juniper Networks)
    Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.4.31475 - Juniper Networks)
    Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 8.0.4.47117 - Juniper Networks)
    Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kobo (HKLM-x32\...\Kobo) (Version: 3.15.0 - Rakuten Kobo Inc.)
    Macrium Reflect Free Edition (HKLM\...\{90DAB387-766E-4815-9E18-5200681CDD22}) (Version: 6.0.753 - Paramount Software (UK) Ltd.) Hidden
    Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.0 - Paramount Software (UK) Ltd.)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft Links 2003 (HKLM-x32\...\Links 2003 1.0) (Version: - )
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
    Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
    Skypeâ„¢ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
    Splashtop Remote Client (HKLM-x32\...\{FF63D930-9D4B-4481-BB90-9F3FC22CD0DB}) (Version: 1.1.5.0 - Splashtop Inc.) Hidden
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
    Telstra Broadband Assistant (HKLM-x32\...\Telstra-Telstra Broadband Assistant) (Version: 1.0.2.45 - Telstra Corporation Ltd.)
    ThePhotobookClub.com.au (HKCU\...\ThePhotobookClub.com.au) (Version: ThePhotobookClub.com.au 3.2.0 - PhotobookClub.com.au)
    Tiger Woods PGA TOUR 07 (HKLM-x32\...\{B6829D65-F5C5-47F0-00BC-F5906EA94F4C}) (Version: - )
    TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
    TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 2.1.17.64 - TOSHIBA Corporation)
    TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
    TOSHIBA eco Utility (HKLM\...\{2C486987-D447-4E36-8D61-86E48E24199C}) (Version: 1.3.10.64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.18.64 - TOSHIBA Corporation)
    TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
    TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
    TOSHIBA Peak Shift Control (HKLM\...\{73F1BDB6-11E1-11D5-9DC6-00C04F2FC33B}) (Version: 3.00.07.64 - TOSHIBA Corporation)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2004 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
    TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
    TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
    TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0009 - TOSHIBA)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
    TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
    TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
    TSX Core(x64) (HKLM\...\{7C4A8744-B821-4DD7-AB58-A662978F6805}) (Version: 2.0.0.197 - SafeCentral, Inc.) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - )
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    Web Companion (HKLM-x32\...\{8783ef1c-710a-49b3-8401-7c398af50d20}) (Version: 2.1.1199.2443 - Lavasoft)
    WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
    Windows Driver Package - Atheros Communications Inc. (arusb_lhx) Net (09/25/2008 3.1.0.101) (HKLM\...\B090418E214D6BD6EE18A512A8EE609225AC9279) (Version: 09/25/2008 3.1.0.101 - Atheros Communications Inc.)
    Windows Driver Package - NETGEAR Inc. (RTL8187) Net (12/01/2006 6.1258.1201.2006) (HKLM\...\5AF8BE22A56B38B1816F36BAC6A71F1277E45440) (Version: 12/01/2006 6.1258.1201.2006 - NETGEAR Inc.)
    Windows Driver Package - Thomson (USB_RNDIS) Net (02/15/2007 2.0.0.0) (HKLM\...\2CA3B8348CD526E9B8928840AC68738C5B5A4F8F) (Version: 02/15/2007 2.0.0.0 - Thomson)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Updates Downloader (HKLM-x32\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinZip Driver Updater (HKLM-x32\...\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1) (Version: 1.0.648.16566 - WinZip Computing, S.L. (WinZip Computing))
    Wireless Wizard ver 6.3 (HKLM-x32\...\Wireless Wizard ver 6.3_is1) (Version: - Neri Networks, LLC.)
    World in Conflict: Soviet Assault (HKLM-x32\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.0 - Ubisoft Entertainment)

    ========================= Devices: ================================


    ========================= Memory info: ===================================

    Percentage of memory in use: 57%
    Total physical RAM: 3985.8 MB
    Available physical RAM: 1682.55 MB
    Total Virtual: 8081.8 MB
    Available Virtual: 5400.48 MB

    ========================= Partitions: =====================================

    1 Drive c: (S3A9565D003) (Fixed) (Total:443.57 GB) (Free:227.11 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\JOLLY-PC

    Administrator DefaultAccount Guest
    Jolly


    **** End of log ****
    JRT
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.2 (01.06.2016)
    Operating System: Windows 10 Pro x64
    Ran by Jolly (Administrator) on 17-Jan-16 at 15:58:25.12
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 9

    Failed to delete: C:\Program Files (x86)\lavasoft\web companion (Folder)
    Successfully deleted: C:\ProgramData\ad-aware browsing protection (Folder)
    Successfully deleted: C:\ProgramData\lavasoft\web companion (Folder)
    Successfully deleted: C:\ProgramData\mntemp (File)
    Successfully deleted: C:\Users\Jolly\AppData\Local\adawarebp (Folder)
    Successfully deleted: C:\Users\Jolly\AppData\Roaming\0F1L1I1P0H1L1E1E1F (Folder)
    Successfully deleted: C:\Users\Jolly\AppData\Roaming\lavasoft\web companion (Folder)
    Successfully deleted: C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task)
    Successfully deleted: C:\WINDOWS\wininit.ini (File)



    Registry: 4

    Successfully deleted: HKLM\Software\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole (Registry Key)
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
    Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} (Registry Key)
    Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{6c97a91e-4524-4019-86af-2aa2d567bf5c} (Registry Value)




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 17-Jan-16 at 16:04:43.94
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Zoek

    Zoek.exe v5.0.0.1 Updated 31-December-2015
    Tool run by Jolly on 17-Jan-16 at 18:57:28.77.
    Microsoft Windows 10 Pro 10.0.10240 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Jolly\Downloads\zoek.exe [Scan all users] [Script inserted]

    ==== System Restore Info ======================

    ==== Empty Folders Check ======================

    C:\PROGRA~2\Amazon deleted successfully
    C:\PROGRA~2\HDPlayer deleted successfully
    C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
    C:\PROGRA~2\MSXML 4.0 deleted successfully
    C:\Program Files\Google deleted successfully
    C:\Program Files\Common Files\AV deleted successfully
    C:\PROGRA~3\Comms deleted successfully
    C:\PROGRA~3\SoftwareDistribution deleted successfully
    C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
    C:\Users\Jolly\AppData\Local\cache deleted successfully
    C:\Users\Jolly\AppData\Local\CrashDumps deleted successfully
    C:\Users\Jolly\AppData\Local\EmieBrowserModeList deleted successfully
    C:\Users\Jolly\AppData\Local\EmieSiteList deleted successfully
    C:\Users\Jolly\AppData\Local\EmieUserList deleted successfully
    C:\Users\Jolly\AppData\Local\NetworkTiles deleted successfully
    C:\Users\Jolly\AppData\Local\PeerDistRepub deleted successfully
    C:\Users\Jolly\AppData\Local\Samsung deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
    C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
    C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

    I can only find 4 logs - maybe non for ZHP and Hitman.

    9 programs on Start up programs..From Task Manager
    AVG Ui(RE) Starter (2)
    AVG User Interface(2)
    CCleaner
    igfx Tray Module
    Realtek HD Audio Manager
    Synaptic Touchpad 64 bit Enhancements
    Toshiba Peak Shift Control
    TOSWAITSERV.exe
    TRAYTIP AGENT.exe
     
  15. 2016/01/18
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Hi Evan I posted the logs and Startup programs. But nothing has gone through. So I will post the Startup Program here and the logs in another post or 2:
    9 programs on Start up programs..From Task Manager
    AVG Ui(RE) Starter (2)
    AVG User Interface(2)
    CCleaner
    igfx Tray Module
    Realtek HD Audio Manager
    Synaptic Touchpad 64 bit Enhancements
    Toshiba Peak Shift Control
    TOSWAITSERV.exe
    TRAYTIP AGENT.exe
     
  16. 2016/01/18
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,570
    Likes Received:
    82
    Trophy Points:
    743
    Location:
    Birkirkara, Malta
    Computer Experience:
    ***
    You received a notice that they had to be approved by a moderator. I have approved them now.
     
  17. 2016/01/18
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Thank you I may have some more tomorrow.
     
  18. 2016/01/18
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Your Zoek log is incomplete. Please post a fresh Zoek log along with continuing to follow through with the rest of my instructions.

    For the startup programs, run the Autoruns program and take a screenshot of the Logon tab. Then upload that screenshot to http://imgur.com/ and post the link to that screenshot along with posting the last of the logs in your next reply.
     
  19. 2016/01/18
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Ok will do.
     
  20. 2016/01/19
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    Zoek Results

    Zoek.exe v5.0.0.1 Updated 31-December-2015
    Tool run by Jolly on 19-Jan-16 at 19:29:49.63.
    Microsoft Windows 10 Pro 10.0.10240 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Jolly\Downloads\zoek (3).exe [Scan all users] [Script inserted]

    ===== Runcheck 19:30:38.07 =====

    --- Create Environment Variables 19:30:40.53
    --- Create System Restore Point 19:30:54.08
    --- Checking Input 19:31:44.30
    --- AU AppData Check 20:43:43.06
    --- Remove From Windows Installer 20:43:49.92
    --- Empty Folders Check 20:46:59.32
    --- Registry HKLM Software Check 20:46:59.34
    --- Quick Launch Shortcut Check 20:47:43.89
    --- IE Startpage Check 20:48:01.31
    --- Program Files DB Check 20:48:49.68
    --- C:\Users\Administrator\AppData DB Check 20:50:18.99
    --- C:\Users\Default\AppData DB Check 20:50:18.99
    --- C:\Users\DefaultAppPool\AppData DB Check 20:50:18.99
    --- C:\Users\Jolly\AppData DB Check 20:50:18.99
    --- C:\WINDOWS\SysNative\config\systemprofile\AppData DB Check 20:50:18.99
    --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData DB Check 20:50:18.99
    --- C:\WINDOWS\serviceprofiles\networkservice\AppData DB Check 20:50:18.99
    --- C:\WINDOWS\serviceprofiles\Localservice\AppData DB Check 20:50:18.99
    --- C:\Users\Jolly DB Check 20:55:15.17
    --- C:\PROGRA~3 DB Check 20:55:51.63
    --- C:\Users\Administrator\AppData\Local DB Check 20:56:27.16
    --- C:\Users\Default\AppData\Local DB Check 20:56:27.16
    --- C:\Users\Default User\AppData\Local DB Check 20:56:27.16
    --- C:\Users\DefaultAppPool\AppData\Local DB Check 20:56:27.16
    --- C:\Users\Jolly\AppData\Local DB Check 20:56:27.16
    --- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local DB Check 20:56:27.16
    --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local DB Check 20:56:27.16
    --- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local DB Check 20:56:27.16
    --- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local DB Check 20:56:27.16
    --- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 21:00:18.85
    --- C:\Users\Jolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 21:00:38.46
    --- Tasks DB Check 21:00:50.81
    --- C:\Users\Jolly\AppData\LocalLow DB Check 21:00:59.92
    --- C:\WINDOWS\SysNative\config\systemprofile\AppData\LocalLow DB Check 21:00:59.92
    --- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 21:00:59.92
    --- C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow DB Check 21:00:59.92
    --- C:\WINDOWS\serviceprofiles\Localservice\AppData\LocalLow DB Check 21:00:59.92
    --- Tasks2 DB Check 21:02:27.94
    --- Documents DB Check 21:03:29.77
    --- Documents2 DB Check 21:03:49.56
    --- C:\Users\Jolly\AppData\Roaming\Mozilla\Firefox\Profiles\wmtkn9ue.default DB Check 21:03:54.30
    --- C:\Users\Public\Desktop DB Check 21:03:59.09
    --- C:\Users\Jolly\Desktop DB Check 21:04:10.67
    --- Services DB Check 21:04:30.57
    --- FF prefs.js DB Check 21:05:46.77
    --- Emptyclsid 21:07:01.70
    --- Del by CLSID 21:07:09.48
     
  21. 2016/01/19
    mindplay45

    mindplay45 Well-Known Member Thread Starter

    Joined:
    2013/02/22
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    76
    Location:
    Sydney Australia
    Computer Experience:
    Intermediate
    I can't load Autoruns into imgur and it wont paste here. What should I do.
     

Share This Page