Also, when you have completed the scan with Zemana, please uninstall it.
Constantly going into 'overdrive'
-
Here’s the Adware Removal tool report
Adware Removal Tool 5.1
Time: 2017_02_15_23_54_43
OS: Microsoft Windows XP - x86 Bit
Account Name: User
Adware Definition: 02092017.2
Elapsed time: 05:59
Repair Status:- Automatic Done
\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\
[-] Deleted ->> File ->> C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\Zylom\Babel\en-US\media\properties\minigames\findit.xml
[-] Deleted ->> File ->> C:\Windows\System32\GroupPolicy\Machine\Registry.pol
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\SopCast
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record{181480C8-90AC-3430-B39A-CD121E034A1A}
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\APNMCP
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\SopCast
-
Sorry I did the Adware Removal thing a good while ago. Forgot to click Post Reply!!
Just a thought, but since I’m installing all this lovely stuff, does that mean I can ditch Avira and MalwareBytes?
-
Originally posted by bernie lamb
does that mean I can ditch Avira and MalwareBytes?
Once we complete everything, then I will make a few suggestions with respect to your question.
-
Here’s the Zemana Report:
Zemana AntiMalware 2.72.2.101 (Installed)
Scan Result : Completed
Scan Date : 2017/2/16
Operating System : Windows XP 32-bit
Processor : 2X Intel(R) Core™2 CPU T5500 @ 1.66GHz
BIOS Mode : Legacy
CUID : 14F55ADF72E225E7DABDC4
Scan Type : System Scan
Duration : 16m 1s
Scanned Objects : 47172
Detected Objects : 8
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
Tabs Hijack (System)
Status : Scanned
Object : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Potentially Unwanted Modification
Cleaning Action : Repair
Related Objects :
Registry Entry - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\Tabs = www.google.com
Chrome Shortcut
Status : Scanned
Object : --disable-hang-monitor
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Shortcut
Chrome Policy
Status : Scanned
Object : mlalfllmboedbjfgnlponjjffoogfcii
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Policy
Chrome Policy
Status : Scanned
Object : ifgdafdnkjbdnofenjbplmnkepdipkcm
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Policy
Chrome Policy
Status : Scanned
Object : njagefbnbldfpnnejeglbbcmimbnnpmk
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Policy
Chrome Policy
Status : Scanned
Object : cimpjipkkcgcbghgepmkimdcamibhgbc; http://mediaply.net/mediaplayer/upda...1alpha2630.xml
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Policy
Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : B8715C1626629A765BE100CF88358C19
Publisher : -
Size : 178
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - Hosts file is hidden
File - %systemroot%\system32\drivers\etc\hosts
DWLauncher.exe
Status : Scanned
Object : %chrome_probed_program_files_path%\driver wizard\dwlauncher.exe
MD5 : 12573B82712816EE32A0AD06F6312A81
Publisher : Smart PC Solutions, Inc.
Size : 868200
Version : 3.1.0.299
Detection : Scareware:Win32/FakeOptimizer!Ep
Cleaning Action : Quarantine
Related Objects :
File - %chrome_probed_program_files_path%\driver wizard\dwlauncher.exe
Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Driver Wizard = C:\Program Files\Driver Wizard\DWLauncher.exe
Cleaning Result
Cleaned : 8
Reported as safe : 0
Failed : 0
-
Sorry, I did it again!
I’ve completed the HijackThisFix thing, but some of the files you listed weren’t there.
-
Once you have completed the Hijack this fix and the TFC.exe instructions, then please run Zoek.
Zoek Scan
Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (XP users double click)
Copy the items in red below, and paste them into Zoek.
createsrpoint;
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
ResetHosts;
autoclean;
Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.
-
Here’s the report from Temp File Cleaner
Getting user folders.
Stopping running processes.
Emptying Temp folders.
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 114822 bytes
User: NetworkService
->Temp folder emptied: 421499622 bytes
->Temporary Internet Files folder emptied: 12429113 bytes
->Flash cache emptied: 581 bytes
User: User
->Temp folder emptied: 13817409204 bytes
->Temporary Internet Files folder emptied: 55325937 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 231731825 bytes
->Flash cache emptied: 612 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2421613 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 78611670 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 541869104 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 32902 bytes
Emptying RecycleBin. Do not interrupt.
RecycleBin emptied: 2665069222 bytes
Process complete!
Total Files Cleaned = 17,001.00 mb
Startup was a LOT faster! Yippeee!!
-
Originally posted by bernie lamb
Startup was a LOT faster! Yippeee!!
-
Once you have completed the Zoek scan, then please do the following…
Mandatory first step!!
First Create a restore point.
Open your device manager.
Locate the primary IDE channel.
Right click then uninstall the primary IDE channel driver(s)
If there is more than one of the Primary IDE channel drivers then uninstall ALL of them.
Make certain that you only uninstall the Primary IDE Channel Drivers.
Once you have uninstalled the Primary IDE Channel Drivers.
Reboot your machine!!
You will be notified that the driver has been installed.
Reboot your machine again.
Then go ahead and run a quick Defrag on your machine with this software below.
Toolwiz Smart Defrag 1.3.0.0
-
Here’s the Zoek report:
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by User on 16/02/2017 at 1:34:09.35.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\User\My Documents\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
16/02/2017 01:34:38 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\GRETECH deleted successfully
C:\Program Files\MediaViewV1 deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\TeamViewer deleted successfully
C:\Program Files\VS Revo Group deleted successfully
C:\Program Files\Zemana AntiMalware deleted successfully
C:\Program Files\Common Files\Apple deleted successfully
C:\Program Files\Common Files\Wondershare deleted successfully
C:\Documents and Settings\User\Start Menu\Programs\Iplay Games deleted successfully
C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully
C:\Documents and Settings\NetworkService\Application Data\Apple Computer deleted successfully
C:\Documents and Settings\User\Local Settings\Application Data\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes{A124161E-878F-427F-815E-2075E72F3986} deleted successfully
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Internet Explorer\Approved Extensions{21EAF666-26B3-4a3c-ABD0-CA2F5A326744} deleted successfully
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Internet Explorer\Approved Extensions{5A60B6BB-FA81-4EFA-AB9C-A820E2143736} deleted successfully
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Internet Explorer\Approved Extensions{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully
HKEY_USERS\S-1-5-21-329068152-606747145-1417001333-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZAMSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ZAMSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gusvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\gusvc deleted successfully
==== Batch Command(s) Run By Tool======================
==== Deleting Files \ Folders ======================
C:\Program Files\GRETECH not found
C:\Program Files\MediaViewV1 not found
C:\Program Files\TeamViewer not found
C:\Program Files\VS Revo Group not found
C:\Program Files\Zemana AntiMalware not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Driver Support deleted
C:\Program Files\SopCast deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\Documents and Settings\NetworkService\Application Data\WB.CFG deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Package Cache deleted
C:\Documents and Settings\User\Local Settings\Application Data\Wondershare deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
“{20a82645-c095-46ed-80e3-08825760534b}”=“c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension” [29/11/2013 23:03]
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
feajbcdehmkchlonkhplmkhhhgokakni - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1260\ch\MediaViewerV1alpha1260.crx
flliilndjeohchalpbbcdekjklbdgfkk - No path found
ifgdafdnkjbdnofenjbplmnkepdipkcm - C:\Program Files\MediaViewV1\MediaViewV1alpha1343\ch\MediaViewV1alpha1343.crx
mlalfllmboedbjfgnlponjjffoogfcii - C:\Program Files\MediaWatchV1\MediaWatchV1home3740\ch\MediaWatchV1home3740.crx
njagefbnbldfpnnejeglbbcmimbnnpmk - C:\Program Files\MediaViewV1\MediaViewV1alpha2928\ch\MediaViewV1alpha2928.crx
==== Chromium Fix ======================
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage deleted successfully
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_static.user-red.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Start Page”=" https://uk.search.yahoo.com/ "
“Search Page”=" http://www.google.com "
“Search Bar”=" http://www.google.com "
“Use Search Asst”=“yes”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Start Page”=" http://www.google.com "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
“Default”=“www.google.com”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
“Default”=“www.google.com”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
“Tabs”=“res://ieframe.dll/tabswelcome.htm”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
“Default_Search_URL”=" http://www.google.com "
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”=“{A124161E-878F-427F-815E-2075E72F3986}”
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{A124161E-878F-427F-815E-2075E72F3986}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Search Page”=" Search - Microsoft Bing "
“Search Bar”=" Search - Microsoft Bing "
“Start Page”=" http://www.google.com "
“Use Search Asst”=“no”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Start Page”=" MSN "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
“(Default)”=" %s - Search "
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
“(Default)”=" %s - Search "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
“Tabs”=“about:newtab”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
“Default_Search_URL”=" Search - Microsoft Bing "
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”=“{012E1000-F331-11DB-8314-0800200C9A66}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url=" Google {searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=" Search - Microsoft Bing {searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url=" Google {searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{94D7C464-B759-4591-9F83-837871D3CF50} Google Url=" Google {searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\feajbcdehmkchlonkhplmkhhhgokakni deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ifgdafdnkjbdnofenjbplmnkepdipkcm deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mlalfllmboedbjfgnlponjjffoogfcii deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\njagefbnbldfpnnejeglbbcmimbnnpmk deleted successfully
==== Empty IE Cache ======================
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=134 folders=26 20520027 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\Documents and Settings\User\Local Settings\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\User\LOCALS~1\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
“C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not found
==== EOF on 16/02/2017 at 1:51:18.53 ======================
-
Bad news. When I click on ‘System restore’, I get a blank page!!
But in the Zoek report it says it achieved a successful restore point
-
Originally posted by bernie lamb
Bad news. When I click on ‘System restore’, I get a blank page!!
Eliminate Bad Settings with this nice tool.
Download SupRestric.exe save to your desktop.
Close all running programs.
Temporarily disable the antivirus
Double click the file to launch it.
Windows: 7/8/10 Vista and run as administrator
Click Yes at any prompt.
The analysis takes only a few moments.
The report is on the desktop ( CTR.txt )
Copy paste report in next reply.
A reboot is needed to complete the repairs.
Auto logger scan!!
Disable your Antivirus & Anti spyware applications!!
Download Autologger to your desktop.
Unzip it there. – If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
Right click Autologger and run as admin. (XP users double click)
AVZ4 will open and scan your machine, allow this to complete.
Upload Collectionlog.zip to your next reply.
-
I’ve just installed a new Primary IDE driver! Seems to be running OK, but of course with all I’m doing I’d expect that ‘busy’ sound!
Does defrag take long? Only it’s moseying on towards 3am here and I’m wilting!