Computer running slow, cant download FRST

http://speccy.piriform.com/results/w66ScJKoUS76Fce8B6yFvsV

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Buckner Plumbing (25-03-2024 14:09:22) Run:4
Running from C:\Users\Buckner Plumbing\OneDrive\Desktop
Loaded Profiles: Buckner Plumbing
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
ExportKey: HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore
End::
*****************

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"RPSessionInterval"="0"
"FirstRun"="0"
"LastIndex"="26"
"LastMainenanceTaskRunTimeStamp"="17d2b0c62d7eda01"
"SystemRestorePointCreationFrequency"="0"
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\cfg]
"DiskPercent"="15"
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\Setup]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\Setup\Generalize]
"DisableSR"="0"
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\Setup\PreviousOSUpgrade]
"{09F7EDC5-294E-4180-AF6A-FB0E6A0E9513}"="\\?\Volume{81c702d4-5857-4453-b079-92f7248c66fe}\:Windows (C%3A)"
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore\Setup\Unattend]

=== End of ExportKey ===

==== End of Fixlog 14:09:22 ====

Hi jcol1227

All those scan results look normal. Let's try this:

Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

Start::
cmd: SFC /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::

• Run FRST64
• Click on Fix
• It may take more than a few minutes to run the fix
• When the fix completes, Fixlog.txt will be placed onto your Desktop
• Copy and paste that file into your next reply to me

In summary I will need from you:

• Fixlog.txt

Let me know if you have any questions.

polskamachina

Glad to hear the scan results look normal. Please see below for fixlog info.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Buckner Plumbing (26-03-2024 17:23:14) Run:5
Running from C:\Users\Buckner Plumbing\OneDrive\Desktop
Loaded Profiles: Buckner Plumbing
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
cmd: SFC /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
*****************


========= SFC /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 8% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection did not find any integrity violations.



========= End of CMD: =========


========= DISM /Online /Cleanup-Image /CheckHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.3636

Image Version: 10.0.19045.4170

No component store corruption detected.
The operation completed successfully.


========= End of CMD: =========


==== End of Fixlog 17:48:06 ====

So, I ran Speccy again and the machine does seem to be running a little hotter now. Temps as high as 150.

http://speccy.piriform.com/results/RzZOEkOEyoziI1URx4sl5eM

So, I ran Speccy again and the machine does seem to be running a little hotter now. Temps as high as 150.
 
http://speccy.piriform.com/results/RzZOEkOEyoziI1URx4sl5eM

150°F is still in the acceptable range. Your particular CPU, AMD A10-9600P, has a maximum operating temp of 90°C, which is 194°F.
 
Let's try and correct that error you received when running the WBEMTest which prevented you from removing the McAfee entry.

• Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

Start::
cmd: net stop winmgmt /y
cmd: C:\Windows\System32\wbem\Repository* /y
Reboot:
End::

• Run FRST64
• Click on Fix
• When the fix completes, you will be asked to restart you computer
• Please close all of your open windows and allow the restart
• When the computer has booted back to your desktop Fixlog.txt will be placed onto your Desktop
• Now try and run the wbemtest procedure again (instructions are below)
• If successful, you are done and you may jump to my final summary instructions at the bottom of this post

We need to remove the McAfee Antispyware entry from your Security Center with a tool called WBEMTest

• Go to Start -> Run or press Windows key + R.
• Type in wbemtest and press enter.
• Press Connect...
• In Namespace box type in root\SecurityCenter2 and press Connect
• Press Enum Instances...button
• Then copy and paste the following bold text AntiSpywareProduct into the box named Class Info and press OK.
• The next popup box should list the entry, {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
• Click on that entry and press Delete. If that specific entry is not listed, please let me know

 

Next:
 
Perform this fix ONLY if you are still receiving an error when trying to delete the McAfee entry:

• Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

Start::

Startbatch:
@echo on
cd /d c:\temp
if not exist %windir%\system32\wbem goto TryInstall
cd /d %windir%\system32\wbem
net stop winmgmt
winmgmt /kill
if exist Rep_bak rd Rep_bak /s /q
rename Repository Rep_bak
for %%i in (*.dll) do RegSvr32 -s %%i
for %%i in (*.exe) do call :FixSrv %%i
for %%i in (*.mof,*.mfl) do Mofcomp %%i
net start winmgmt
goto End

:FixSrv
if /I (%1) == (wbemcntl.exe) goto SkipSrv
if /I (%1) == (wbemtest.exe) goto SkipSrv
if /I (%1) == (mofcomp.exe) goto SkipSrv
%1 /Regserver
:SkipSrv
goto End
:TryInstall
if not exist wmicore.exe goto End
wmicore /s
net start winmgmt
:End
EndBatch:
End::

• Run FRST64
• Click on Fix
• When the fix completes, the file Fixlog.txt will be placed onto your Desktop
• Copy and paste that file into your next reply to me
• Now try and run the wbemtest procedure again

In summary I will need from you:

• Fixlog.txt
• Were you able to delete the McAfee entry using the wbemtest utility?
  • If you were successful, did it happen after the first or second fix?
• How is your computer performing now?

Let me know if you have any questions.
 
polskamachina

Edited by polskamachina, 27 March 2024 - 01:30 AM.

Hey polskamachina,

Still unable to delete the McAfee entry despite trying both fixes via FRST. Same "Access Denied" error message code. See below for fixlog.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by Buckner Plumbing (27-03-2024 11:59:56) Run:7
Running from C:\Users\Buckner Plumbing\OneDrive\Desktop
Loaded Profiles: Buckner Plumbing
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::

Startbatch:
@echo on
cd /d c:\temp
if not exist %windir%\system32\wbem goto TryInstall
cd /d %windir%\system32\wbem
net stop winmgmt
winmgmt /kill
if exist Rep_bak rd Rep_bak /s /q
rename Repository Rep_bak
for %%i in (*.dll) do RegSvr32 -s %%i
for %%i in (*.exe) do call :FixSrv %%i
for %%i in (*.mof,*.mfl) do Mofcomp %%i
net start winmgmt
goto End

:FixSrv
if /I (%1) == (wbemcntl.exe) goto SkipSrv
if /I (%1) == (wbemtest.exe) goto SkipSrv
if /I (%1) == (mofcomp.exe) goto SkipSrv
%1 /Regserver
:SkipSrv
goto End
:TryInstall
if not exist wmicore.exe goto End
wmicore /s
net start winmgmt
:End
EndBatch:
End::
*****************


========= Batch: =========
0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0


========= End of Batch: =========


==== End of Fixlog 11:59:57 ====

Hi jcol1227

Thanks for the update. I'm going to consult with staff to find the solution.

polskamachina

Hi jcol1227
 
Let's try another method.
 
Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

Start::
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
End::

• Run FRST64
• Click on Fix
• When the fix completes, Fixlog.txt will be placed onto your Desktop
• Please look at the Fixlog.txt and let me know if the operation completed successfully
• Also, copy and paste that file into your next reply to me

If the Fixlog.txt indicates that the fix was unsuccessful, then please reboot your computer into Safe Mode with Networking and try the fix again. To return Windows to normal mode, simply restart your computer.
 
In summary I will need from you:

• Fixlog.txt

Let me know if you have any questions.
 
polskamachina

The fixlist seems to have removed the entry successfully! I went back into wbemtest again to double check and entry {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} is no longer listed. See below for fixlog.

Fix result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by Buckner Plumbing (29-03-2024 14:50:09) Run:8
Running from C:\Users\Buckner Plumbing\OneDrive\Desktop
Loaded Profiles: Buckner Plumbing
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
End::
*****************

"AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}" => removed successfully

==== End of Fixlog 14:50:09 ====

Hi jcol1227
 
Good job putting the finishing touches on the McAfee AntiSpyware leftover.

• How is your system performing now?
• Are you still receiving popup error messages regarding the JumpStart software?
• Regarding the quote below, is it still happening?

Disk usage seems to be low now, but Im still noticing 100% usage after restart for maybe 15-20 minutes. Perhaps this is normal? All other performance parameters seem good.

Let me know if you have any questions.

polskamachina

System seems to be running well, thanks! I haven't noticed any more popup error messages regarding JumpStart. As far as the disk usage, the machine still seems to be running at 100% just after startup, but the length of time it stays high has decreased to only about 10 min now, which seems manageable.

Hi jcol1227

Let's see if we can figure out what's causing the high CPU usage.

Please do the following:

• Open Task Manager
• Click on the top of the CPU column and that will sort the processes from high to low. (If it's sorting low to high, click on it one more time and that will reverse the order.) 
• Let me know which processes are the highest ones
• If possible, post a screen shot while it's in its high usage state

Here is another tip I found that may be helpful:

• Hold down the Windows flag key and tap the letter S
• Type power plan in the search box
• Choose Edit power plan
• Select  Restore default settings for this plan
• If you did this while opening the task manager windows side by side, you should notice that the CPU usage drops suddenly to a normal state.

In summary I will need from you:

• The processes that are consuming the majority of the CPU percentage at startup
• Screen shot of your task manager's details sorted by CPU consumption
• Whether or not resetting your power plan to the default settings made any difference

Let me know if you have any questions.

polskamachina

I took a few screen shots during the high usage. See what you think. Unfortunately, I didnt notice any difference after restoring the power plan to its default.

Hi jcol1227

Well, there's a few directions we could go here. I see the first image you posted has Search at the top of the list. You could disable indexed search and see if that helps.

• Hold down the Windows flag key and tap the letter E
• Right click on the C:\ drive and select Properties
• It will open the properties window and display the General tab
• Uncheck the box near the bottom that says, Allow files on this drive to have contents indexed in addition to file properties
• Click OK
• Every file on your computer will need to be accessed to make this change so it could take a while

One other suggestion. Please check your shutdown menu and see if the hibernate option exists. If it does, that is a very good way to turn off your machine with several advantages:

• It doesn't consume any power when it's off
• When  you restart the machine, your previous session will be resumed exactly where you left it before you hibernated the computer
• Best of all, it doesn't have to load the operating system from scratch when it is powered up again so there's less waiting time.
• If the hibernate option is not displayed as one of your shutdown options, let me know and I'll tell you how to enable it.

In summary, let me know if any of the above suggestions helped lower your disk usage at startup. If not, there is one more method we can try for next time.

polskamachina

Edited by polskamachina, 03 April 2024 - 06:11 PM.

Disabling index search did seem to help! Instead of being at 100% usage for 10-20 min, its now only at 100% for 4-5 min.

I do have the hibernate option. I typically have been putting the machine in standby instead of shutdown when away from the computer but will start utilizing the hibernate option.

One thing i did notice after coming out of hibernation recently was something called Service Host:SysMain causing a lot of disk usage. Not sure what this is or if this could be the culprit. See attachment for screenshot.