Solved Speed up old pc

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  • Hello everyone We want to personally apologize to everyone for the downtime that we've experienced. We are working to get everything back up as quickly as possible. Due to the issues we've had, your password will need to be reset. Please click the button that says "Forgot Your Password" and change it. We are working to have things back to normal. Emails are fixed and should now send properly. Thank you all for your patience. Thanks, PCHF Management
Status
Not open for further replies.
just me, but I wouldn't be touching the CPU.
if the current one is serving your needs, why touch it?
honestly, on that old rig, a fresh install of Windows on to a SSD will give you amazing results.

also, with all your data being moved to an external drive - be sure you are also backing that external drive up, onto another drive. all depends on how important the data is!
 
  • Like
Reactions: PeterOz
Bruce said:
just me, but I wouldn't be touching the CPU.
if the current one is serving your needs, why touch it?
honestly, on that old rig, a fresh install of Windows on to a SSD will give you amazing results.

also, with all your data being moved to an external drive - be sure you are also backing that external drive up, onto another drive. all depends on how important the data is!
Click to expand...
ok, thanks, good idea to back up to another external drive.
 
Malnutrition said:
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
start::
CreateRestorePoint:
CloseProcesses:
Task: {2FFCF2C5-1FEC-4C37-ADFC-938B3242A182} - \PCHB_John_PCHealthBoost_RN -> No File <==== ATTENTION
Task: {588893AD-66DD-4673-A642-F08A43D094C6} - \PCHB_John_PCHealthBoost_LG -> No File <==== ATTENTION
Task: {78461287-A5EF-478C-B608-627AFA9A9876} - \PCHB_John_PCHealthBoost_UP -> No File <==== ATTENTION
Task: {9012B72D-8571-49EB-832E-52DA39D4FFD7} - \PCHB_John_PCHealthBoost_RM -> No File <==== ATTENTION
Task: {EAC8C383-C310-4ACD-8A70-9B00C1927FDB} - \PCHB_John_PCHealthBoost_RS -> No File <==== ATTENTION
Task: {F82E755A-AABD-4F65-953D-4741AFC396E8} - System32\Tasks\{CD4EDE84-46EF-4B55-B5EA-E8A2C6CD3C56} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe  (No File)
Task: {2B46EB3A-7B56-43AF-80B5-2EDDEC116D15} - System32\Tasks\{D193397B-1768-4140-B054-0D29B09C34A1} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe  (No File)
Task: {7992BFCB-F24E-4C0C-A92E-BC65D9F0D308} - System32\Tasks\{F2446629-CA02-46C8-80DE-962C19ED921E} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe  (No File)
Task: {91EBBAAE-3B34-4F46-9B9B-4C25344BB712} - System32\Tasks\Driver Robot => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk  --scan --stack=from-scheduler (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Program Files (x86)\Driver Robot
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {52FB0572-82B3-4894-898E-502A5E44B2F1} - System32\Tasks\{1AF468C2-19D6-44EE-88F4-724F8619FFB4} => C:\Users\John\AppData\Local\Temp\is-HDDQS.tmp\XRD Manager.exe  -> /exenoupdates /exelang 0 /noprereqs /qr  AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="F:\" AI_PREREQFILES="C:\Users\John\AppData\Local\Temp\{1AF468C2-19D6-44EE-88F4-724F8619FFB4}\drivers64.msi" AI_PREREQDIRS="C:\Users\John\AppData\Local\Temp" A (the data entry has 203 more characters). <==== ATTENTION
Task: {5912FD71-4BC8-4BBD-85C2-AB039BF77214} - System32\Tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA} => C:\Users\John\AppData\Local\Temp\is-GOGJ5.tmp\XRD Manager.exe  -> /exenoupdates /noprereqs /qr  AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION="INSTALL" EXECUTEACTION="INSTALL" ROOTDRIVE="F:\" AI_PREREQFILES="C:\Users\John\AppData\Local\Temp\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}\drivers64.msi" AI_PREREQDIRS="C:\Users\John\AppData\Local\Temp" OLDPRODUCTS= (the data entry has 245 more characters). <==== ATTENTION
Task: C:\Windows\Tasks\{1AF468C2-19D6-44EE-88F4-724F8619FFB4}.job => C:\Users\John\AppData\Local\Temp\is-HDDQS.tmp\XRD Manager.exeǸ/exenoupdates  /exelang 0 /noprereqs  /qr   AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE F:\ AI_PREREQFILES=C:\Users\John\AppData\Local\Temp\{1AF468C2-19D6-44EE-88F4-724F8619FFB4}\drivers64.msi AI_PREREQDIRS=C:\Users\John\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\John\AppData\Local\Temp\is-HDDQS.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\John\AppData\Local\Temp\is-HDDQS.tmp <==== ATTENTION
Task: C:\Windows\Tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}.job => C:\Users\John\AppData\Local\Temp\is-GOGJ5.tmp\XRD Manager.exeȢ/exenoupdates  /noprereqs  /qr   AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE F:\ AI_PREREQFILES=C:\Users\John\AppData\Local\Temp\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}\drivers64.msi AI_PREREQDIRS=C:\Users\John\AppData\Local\Temp OLDPRODUCTS={1AF468C2-19D6-44EE-88F4-724F8619FFB4} AI_SETUPEXEPATH=C:\Users\John\AppData\Local\Temp\is-GOGJ5.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\John\AppData\Local\Temp\is-GOGJ5.tmp <==== ATTENTION
HKU\S-1-5-21-1848767872-404475603-2672715458-1000\...\MountPoints2: {5e52aa42-e5be-11e4-b8fe-20cf30562aac} - H:\iStudio.exe
HKU\S-1-5-21-1848767872-404475603-2672715458-1000\...\MountPoints2: {9e0dc95b-3994-11e4-8559-20cf30562aac} - I:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1848767872-404475603-2672715458-1000\...\MountPoints2: {cce84df6-c218-11e5-bf24-20cf30562aac} - E:\VerizonSWUpgradeAssistantLauncher.exe
Task: {8AC2B642-0D7F-4269-93F9-887370296D57} - System32\Tasks\{B9D88805-415E-4A2C-91F4-2C15175EFF8D} => C:\Users\John\AppData\Roaming\UserBenchmark\UserBenchmark.exe [9202176 2023-10-13] (UserBenchmark) [File not signed]
Task: {55D58830-5079-4331-8EA4-276B1B75DDF9} - System32\Tasks\{F7F05A62-48A4-4EC8-A2DD-EA44E32D8DCC} => C:\Windows\system32\pcalua.exe [9728 2019-02-10] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\John\Downloads\vcredist_ia64.exe -d C:\Users\John\Downloads
Task: {C87555F6-434C-457F-A895-5D65A7DFA31D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {A874C8B4-AFA8-4079-A263-3D8515965F07} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {977E3A4E-0271-4719-8569-E0ABB5755E43} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2023-08-01] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E83BFA05-60D4-4A9A-8C53-32FDBFA4DFF9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DFEA0776-86A1-4611-A95A-B2184B51ED3E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c86fe6bb-6a69-4ed8-8ec2-6531b12a0d56" --version "6.17.10746" --silent
Task: {020EE998-A277-4BCA-9870-FB5291B98B7A} - System32\Tasks\CCleanerSkipUAC - John => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
C:\Program Files\Common Files\AVG
C:\Program Files\Common Files\AVAST Software
Task: {3036DC30-8AA5-4FBE-BC8F-3B997F17C31D} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [145304 2023-08-25] (Glarysoft Ltd -> Glarysoft Ltd)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Robot.job => C:\Program Files (x86)\Driver Robot\Driver Robot.lnk
S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X]
S3 vzandnetbus; system32\DRIVERS\lgvzandnetbus64.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag64.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm64.sys [X]
S3 vzandnetndis; system32\DRIVERS\lgvzandnetndis64.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
2023-10-23 10:14 - 2023-10-23 10:14 - 000002984 _____ C:\Windows\system32\Tasks\{B9D88805-415E-4A2C-91F4-2C15175EFF8D}
2023-10-23 10:14 - 2023-10-23 10:14 - 000002984 _____ C:\Windows\system32\Tasks\{9042C9F1-3A71-4E0F-8523-DE08A0144745}
2023-10-23 17:59 - 2018-02-28 14:39 - 000001368 ____H C:\Windows\Tasks\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}.job
2023-10-23 17:59 - 2018-02-28 14:03 - 000001284 ____H C:\Windows\Tasks\{1AF468C2-19D6-44EE-88F4-724F8619FFB4}.job
C:\Windows\system32\Drivers\etc\hosts.ics
C:\Users\John\AppData\Local\{0032BB24-FEA2-43CE-9DE8-C114F96CDAC7}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} =>  -> No File
FirewallRules: [{8A85E933-E9CC-4A96-8161-583E2AB3F2E7}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{401758DF-390D-4094-BBA5-37B44FA1153E}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
C:\Windows\system32\drivers\etc\hosts
AlternateDataStreams: C:\Windows:nlsPreferences [0]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [238]
Hosts:
FirewallRules: [{9D2C06E8-AB9C-4AE1-825C-1BAE3051B43D}] => (Allow) LPort=5353
FirewallRules: [{CD416B9C-D1A3-4BCF-9658-9358968E2F38}] => (Allow) LPort=5454
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state On
emptytemp:
Reboot:
End::


Download ZHP Suite to your desktop.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.
Click to expand...
Not quite sure where I paste the code I am copying.
 
You copy it and then right click FRST run as administrator, then click fix; no need to paste it. FRST program will do the work for you.
 
I will check over the ZHP log now, this log takes a while to go over, I may not have a reply tonight. You can usually free up several gigs of space with Privazer.




Security Check Scan.



  • Download Security Check to your desktop.
  • Right click it run as administrator.
  • When the program completes, the tool will automatically open a log file.
  • Please Copy and paste that log here in your next post
 
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code: 
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
DeleteKey: HKLM\SOFTWARE\AVAST Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVAST Software
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKCU\SOFTWARE\Browser Cleanup
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Browser Cleanup
DeleteKey: HKLM\SOFTWARE\AVG
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVG
DeleteKey: HKCU\SOFTWARE\Avg
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Avg
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Bitdefender Agent
DeleteKey: HKLM\SOFTWARE\Malwarebytes
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes Anti-Rootkit
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware
DeleteKey: HKCU\SOFTWARE\Malwarebytes
DeleteKey: HKCU\SOFTWARE\Malwarebytes Anti-Rootkit
DeleteKey: HKCU\SOFTWARE\Malwarebytes' Anti-Malware
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes Anti-Rootkit
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes' Anti-Malware
DeleteKey: HKU\.DEFAULT\SOFTWARE\Auslogics
C:\ProgramData\MFAData
C:\Users\John\AppData\Roaming\AVG2012
C:\Users\John\AppData\Local\Avg
C:\Windows\System32\Config\systemprofile\AppData\Local\Avg
C:\Program Files\Bitdefender Antivirus Free
C:\ProgramData\Bitdefender Agent
C:\Windows\System32\Config\systemprofile\AppData\Roaming\McAfee
C:\Program Files\Malwarebytes
C:\Users\John\AppData\Roaming\Malwarebytes
C:\Users\John\AppData\Local\mbam
C:\Users\John\AppData\Roaming\DiskDefrag
C:\Program Files (x86)\GUM2BE1.tmp
C:\Program Files (x86)\GUMBCF8.tmp
C:\Program Files (x86)\GUMD7DD.tmp
C:\Program Files (x86)\GUME5F1.tmp
C:\Program Files (x86)\RegCleaner  
C:\Users\John\AppData\Roaming\com.hughesnet.HughesNetStatusMeter
C:\Users\John\AppData\Roaming\com.hughesnet.HughesNetStatusMeter.92D257A0BA68956E9AA1D50589E83FF4134CD6A8.1
C:\Users\John\AppData\Roaming\HpUpdate  
C:\Users\John\AppData\Roaming\TuneUp Software  
C:\Users\John\AppData\Local\EmieSiteList  
C:\Users\John\AppData\Local\EmieUserList  
C:\Users\John\AppData\Local\IIIQF  
C:\Users\John\AppData\LocalLow\EmieSiteList  
C:\Users\John\AppData\LocalLow\EmieUserList 
C:\Users\John\AppData\Roaming\NJFKrvSGxBAr
C:\Program Files (x86)\Google\Update
C:\Windows\System32\DRIVERS\tap0901.sys
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: net stop bits
Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old
cmd: net start bits
cmd:  bitsadmin /list /allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder
Folder: C:\Windows\System32\Tasks
Reboot:
End::
Download Autologger to your desktop.
Disable your Anitivirus/Defender prior to running.



  • Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
  • Right click Autologger and run as admin. (Xp user double click)
  • AVZ4 will open and scan your machine, allow this to complete.
  • Upload Collectionlog.zip to your next reply.
 
Last edited:
Malnutrition said:
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code: 
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
DeleteKey: HKLM\SOFTWARE\AVAST Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVAST Software
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKCU\SOFTWARE\Browser Cleanup
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Browser Cleanup
DeleteKey: HKLM\SOFTWARE\AVG
DeleteKey: HKLM\SOFTWARE\WOW6432Node\AVG
DeleteKey: HKCU\SOFTWARE\Avg
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Avg
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Bitdefender Agent
DeleteKey: HKLM\SOFTWARE\Malwarebytes
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes Anti-Rootkit
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes' Anti-Malware
DeleteKey: HKCU\SOFTWARE\Malwarebytes
DeleteKey: HKCU\SOFTWARE\Malwarebytes Anti-Rootkit
DeleteKey: HKCU\SOFTWARE\Malwarebytes' Anti-Malware
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes Anti-Rootkit
DeleteKey: HKU\S-1-5-21-1848767872-404475603-2672715458-1000\SOFTWARE\Malwarebytes' Anti-Malware
DeleteKey: HKU\.DEFAULT\SOFTWARE\Auslogics
C:\ProgramData\MFAData
C:\Users\John\AppData\Roaming\AVG2012
C:\Users\John\AppData\Local\Avg
C:\Windows\System32\Config\systemprofile\AppData\Local\Avg
C:\Program Files\Bitdefender Antivirus Free
C:\ProgramData\Bitdefender Agent
C:\Windows\System32\Config\systemprofile\AppData\Roaming\McAfee
C:\Program Files\Malwarebytes
C:\Users\John\AppData\Roaming\Malwarebytes
C:\Users\John\AppData\Local\mbam
C:\Users\John\AppData\Roaming\DiskDefrag
C:\Program Files (x86)\GUM2BE1.tmp
C:\Program Files (x86)\GUMBCF8.tmp
C:\Program Files (x86)\GUMD7DD.tmp
C:\Program Files (x86)\GUME5F1.tmp
C:\Program Files (x86)\RegCleaner 
C:\Users\John\AppData\Roaming\com.hughesnet.HughesNetStatusMeter
C:\Users\John\AppData\Roaming\com.hughesnet.HughesNetStatusMeter.92D257A0BA68956E9AA1D50589E83FF4134CD6A8.1
C:\Users\John\AppData\Roaming\HpUpdate 
C:\Users\John\AppData\Roaming\TuneUp Software 
C:\Users\John\AppData\Local\EmieSiteList 
C:\Users\John\AppData\Local\EmieUserList 
C:\Users\John\AppData\Local\IIIQF 
C:\Users\John\AppData\LocalLow\EmieSiteList 
C:\Users\John\AppData\LocalLow\EmieUserList
C:\Users\John\AppData\Roaming\NJFKrvSGxBAr
C:\Program Files (x86)\Google\Update
C:\Windows\System32\DRIVERS\tap0901.sys
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: net stop bits
Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old
cmd: net start bits
cmd:  bitsadmin /list /allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32
ExportKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder
Folder: C:\Windows\System32\Tasks
Reboot:
End::
Download Autologger to your desktop.
Disable your Anitivirus/Defender prior to running.



  • Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
  • Right click Autologger and run as admin. (Xp user double click)
  • AVZ4 will open and scan your machine, allow this to complete.
  • Upload Collectionlog.zip to your next reply.
Click to expand...
I ran this as administrator, hit fix once and it ran but did not create a fixlog. Should I run it again?
 
Make sure and copy the code box contents from Start:: to End::

Then right click frst run as admin hit the fox button. You will know it works when the machine reboots after
 
Apparently this fixlog overwrote the one we did yesterday?? I ran it and it rebooted. I did a search on Everything and it only showed this one on the desktop. Hopefully it is the correct one.

Working with the Autologger now but cannot find Windows Defender to open and suspend it. It was on the desktop but not now. Did search on Everything for it but none of the files that came up will open Defender so...
 

Attachments

You can turn off defender with this tool.

www.sordum.org

Defender Control v2.1

In Windows there is no option to completely turn off Microsoft Defender , Defender control is a Portable freeware to disable Ms Defender.
www.sordum.org www.sordum.org

If you are unable to disable then skip it. Defender is useless in windows 7 anyhow
 
Yes go ahead and run the autologger program, and I’ll make a couple suggestions at the end of this.

How is the machine running feeling any snappier?

Did you install google chrome? Also, use geek uninstaller and remove anything you do not use.

Geek Uninstaller - the best FREE uninstaller

Efficient and Fast, Small and Portable. 100% Free
geekuninstaller.com geekuninstaller.com

Then open ccleaner hit tools then startup, then disable anything that you do not use on a daily basis. Then move onto scheduled task, you can disable pretty much everything there as well. Unless it relates to an antivirus or a program you need updated.
Then reboot.
After you post the autologger logs I’ll take a look when I get home.
 
No, there are just a lot of traces, and I’m gonna remove that in the next fix. Post autologger results when ready.
 
Ok I’ll check it when I get home. Have you uninstalled useless to you programs and trimmed up the startup and scheduled task on the machine?
 
Status
Not open for further replies.
Top Bottom