While we are in diagnostic mode - can I digress to a different issues but perhaps use the same tools ? For no apparent reason at all this morning, the PC froze. It just needed a reboot to regain normal function. Can I get a clue to the cause of the freeze from Event Viewer or ProcMon ? If so which and how ?
Telegram Desktop converts a paste into an attachment
Posted 07 February 2021 - 10:30 PM
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
4. Under 'Select type to list', select:
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
Posted 07 February 2021 - 10:42 PM
The attachments are in the wrong order because I had omitted 'attach this file' first time round.
No solution yet, but progress in diagnostic ability ....
Posted 08 February 2021 - 05:59 AM
I'm going to have this moved to our Malware forum so I can have you run FRST so I can see what is going on.
- Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Check the Addition.txt box
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Smart Screen, Windows Defender and Avast have all been blocking FRST recently. It's a false positive so pause your antivirus when downloading or running FRST. If you get a message saying Smart Screen has blocked it you can click on More Info and you will see an option to Run Anyway.
Get the free version of Speccy:
(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.
Posted 08 February 2021 - 06:29 AM
I noticed the Farbar default was '1 month' - that would include the time that I was using a clone of this system as system drive, to get away from frequent misbehaviour; but when I looked at the HDSentinal reports of the respective drives, I decided to return to this SSD as it's deemed to be 'perfect' - and the misbehaviour had mysteriously gone away - apart from the freeze I mentioned in a previous post.
I notice that in the Speccy report - Avira is live and well. That was never my intention, I just wanted it installed and ready for action should it ever be needed - but I have failed to render it dormant. I did NOT intend to have two antivirus both working. Same goes for Spybot - I used use it to scan the PC once in four weeks, but I see that it is 'permanently' enabled - against my intention !
Posted 08 February 2021 - 08:59 AM
Error: (02/08/2021 09:32:07 PM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x800 for Disk 4 (PDO name: \Device\00000081) failed due to a hardware error.
Assume Disk 4 is the same disk shown in Disk Management:
Hopefully it's the Flash drive with letter A: Appears to be sick.
You had McAfee at one time.
Their uninstaller really doesn't work well and leaves a lot of services running. Go to:
Download, Save and then right click and Run As Admin. This should remove most of the remnants.
Uninstall the following:
Adobe Flash Player 32 NPAPI - Flash is officially obsolete and the recommendation is to remove the program to prevent malware from using it.
Avira Security - As you can see having two antiviruses is not a good idea.
Spybot - Search & Destroy (32-bit) - Not really recommended for Win 10. Their immunization really slows down your network. Try to remove it when uninstalling.
SUPERAntiSpyware - Worthless cookie finder.
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 23.68KB 22 downloads
Run FRST and press Fix. Fix will remove a lot of dead wood and also check your system files so usually takes 25 minutes to run. Be patient. Will reboot when done.
A fix log will be generated please post that
Run FRST again but this time make sure Addition.txt is checked and hit Scan. Post both logs.
Posted 08 February 2021 - 08:51 PM
The Flash Drive (A:\) shows the least sign of malfunction in practice - performs very reliably. Whereas C:\ often disappears from THIS PC, and sometimes T:\, and even less so X:\ . C:\ being the system drive - it is quite embarrassing and inconvenient when the THIS PC window of Windows Explorer does not dis-play C:\. Will post this now, and report when I have done the suggested uninstalls.
Posted 08 February 2021 - 10:00 PM
I have done the recommended uninstalls, but am stumped at downloading your attached fixlist.txt to include in \FRST\
Posted 08 February 2021 - 10:04 PM
FRST says it is running from:
So click on the fixlist and download it and save it in the folder:
Then pause Avast so it doesn't eat FRST and just right click on FRST64 and Run As Admin. Once FRST is up you just click on the FIX button.
Posted 08 February 2021 - 10:15 PM
'click on the fixlist and download it' is what had me stumped. But when I just clicked it then, it did indeed offer to download something, so progress inches ahead
Posted 08 February 2021 - 10:33 PM
OK. Very few 32 bits these days.
Did you rename FRST.exe to Farbar.exe? That looks like the FRST logo. Try it.
Posted 08 February 2021 - 10:38 PM
I had installed Farbar in January last year - so hard to remember details - but my current version is dated today. I would have had NO reason to change the filename. I'll right-click Farbar.exe to choose 'Run as administrator'.
Posted 08 February 2021 - 10:53 PM
I noticed you wanted FRST run TWICE - once more with Addition.txt ticked - but it was already ticked when I started running it, so I include that log now, before running it a second time.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users