Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Have a 1 second PAUSE that recently appeared

Pause

  • Please log in to reply

#1
Izzy1665

Izzy1665

    Member

  • Member
  • PipPipPip
  • 121 posts

I recently noticed a "pause" in my mouse movement that lasts about 1-2 seconds. I've changed out the mouse and it is still there so I assume it is software related. I have updated and run a Deep Clean in AVG Antivirus as well as my CCleaner but the pause is still there.

I'm not sure what else to do at this point.

 

Thanks in advance,

Bob

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by izzy1 (administrator) on BOBSPC (Gigabyte Technology Co., Ltd. Z270P-D3) (04-03-2021 17:24:27)
Running from C:\Users\izzy1\Downloads
Loaded Profiles: izzy1
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <3>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_653f80c82b05c61e\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_653f80c82b05c61e\IntelCpHeciSvc.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\izzy1\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\izzy1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [164608 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKU\S-1-5-21-2794832609-2082243482-722704294-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-24] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15B25DF3-2358-4AEF-84F3-62D0205A1C11} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {3A2FCA31-7968-400E-B232-0B56CAA960DF} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {705C9AD2-EBF1-49BF-9DFD-8F1939392993} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {7DFBB5F7-933C-4CB1-8F52-0F0F55D26355} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {830E3F68-9D18-413B-BEF9-02413663F7E4} - System32\Tasks\update-S-1-5-21-2794832609-2082243482-722704294-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {863FF74F-DA0E-4A91-A6C5-F93734033AE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {C3200A7B-D377-4B5A-9914-D5AF70FAAF3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-23] (Google LLC -> Google LLC)
Task: {CD083489-101A-44A8-9276-765F2F778FA5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EC99AD7B-A435-47D7-8E96-DFA134313836} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2794832609-2082243482-722704294-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9c1443d7-6d6e-4865-adee-c2553600f8c9}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\izzy1\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-03]

FireFox:
========
FF DefaultProfile: f7qmccnk.default
FF ProfilePath: C:\Users\izzy1\AppData\Roaming\Mozilla\Firefox\Profiles\f7qmccnk.default [2021-01-28]
FF ProfilePath: C:\Users\izzy1\AppData\Roaming\Mozilla\Firefox\Profiles\rexu22i6.default-release-1614824475367 [2021-03-04]

Chrome:
=======
CHR Profile: C:\Users\izzy1\AppData\Local\Google\Chrome\User Data\Default [2021-03-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\izzy1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR Extension: (Chrome Media Router) - C:\Users\izzy1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622184 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [353024 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8091704 2021-03-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109464 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208176 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [357400 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [249368 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [98840 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2021-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175368 2021-02-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [521472 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [465800 2021-02-24] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\WINDOWS\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhidmini; C:\WINDOWS\System32\drivers\csrhidmini.sys [29896 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\System32\drivers\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 17:24 - 2021-03-04 17:26 - 000013484 _____ C:\Users\izzy1\Downloads\FRST.txt
2021-03-04 17:23 - 2021-03-04 17:25 - 000000000 ____D C:\FRST
2021-03-04 17:23 - 2021-03-04 17:23 - 002301440 _____ (Farbar) C:\Users\izzy1\Downloads\FRST64.exe
2021-02-28 12:22 - 2021-02-28 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 20:08 - 2021-02-26 20:13 - 663780512 _____ (NVIDIA Corporation) C:\Users\izzy1\Downloads\461.40-desktop-win10-64bit-international-dch-whql.exe
2021-02-25 18:07 - 2021-02-25 18:07 - 000000000 __SHD C:\found.001
2021-02-25 14:49 - 2021-03-03 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-22 14:27 - 2021-02-23 15:23 - 000000000 ____D C:\found.000
2021-02-22 14:27 - 2021-02-22 14:27 - 000000000 ____D C:\found.003
2021-02-22 14:27 - 2021-02-22 14:27 - 000000000 ____D C:\found.002
2021-02-22 14:15 - 2021-02-22 14:15 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-16 21:00 - 2021-02-16 21:00 - 000000000 ____D C:\Users\izzy1\AppData\Roaming\CrystalIdea Software
2021-02-16 13:48 - 2021-03-03 21:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-16 12:09 - 2021-02-16 12:09 - 000000000 ____D C:\Users\izzy1\AppData\Roaming\AVG
2021-02-16 12:09 - 2021-02-16 12:09 - 000000000 ____D C:\Users\izzy1\AppData\Local\CEF
2021-02-16 12:08 - 2021-03-03 21:56 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-16 12:08 - 2021-02-16 12:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-02-16 12:07 - 2021-02-24 23:59 - 000465800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-02-16 12:07 - 2021-02-24 23:59 - 000175368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000521472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000357400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-02-16 12:07 - 2021-02-16 12:07 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000249368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000208176 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000098840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-02-16 12:07 - 2021-02-16 12:07 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-02-16 12:06 - 2021-03-04 16:41 - 000000000 ____D C:\Program Files\CCleaner
2021-02-16 12:06 - 2021-03-04 16:37 - 000000000 ____D C:\ProgramData\AVG
2021-02-16 12:06 - 2021-03-03 21:56 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-16 12:06 - 2021-03-03 21:56 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-16 12:06 - 2021-02-16 12:06 - 000000000 ____D C:\Program Files\AVG
2021-02-09 17:51 - 2021-02-09 17:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-09 17:50 - 2021-02-09 17:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-09 17:50 - 2021-02-09 17:50 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-09 17:50 - 2021-02-09 17:50 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-09 17:49 - 2021-02-09 17:49 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-04 17:22 - 2021-01-28 10:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-04 17:21 - 2019-01-13 20:29 - 000000000 ____D C:\Users\izzy1\AppData\LocalLow\Mozilla
2021-03-04 17:19 - 2021-01-23 13:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-04 17:15 - 2021-01-23 16:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-04 16:42 - 2021-01-23 16:09 - 000000000 ____D C:\WINDOWS\INF
2021-03-04 16:42 - 2021-01-23 13:56 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-04 16:40 - 2019-01-13 18:45 - 000000000 ___RD C:\Users\izzy1\OneDrive
2021-03-04 16:38 - 2021-01-23 15:55 - 000000402 _____ C:\WINDOWS\Tasks\update-sys.job
2021-03-04 16:38 - 2021-01-23 15:55 - 000000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2794832609-2082243482-722704294-1001.job
2021-03-04 16:38 - 2021-01-23 13:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-04 16:38 - 2020-06-12 10:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-04 16:38 - 2019-01-13 18:44 - 000000000 __SHD C:\Users\izzy1\IntelGraphicsProfiles
2021-03-04 16:38 - 2019-01-13 18:44 - 000000000 ____D C:\Intel
2021-03-04 16:37 - 2021-01-23 15:57 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-03 21:56 - 2021-01-23 15:55 - 000003034 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-2794832609-2082243482-722704294-1001
2021-03-03 21:56 - 2021-01-23 15:55 - 000002782 _____ C:\WINDOWS\system32\Tasks\update-sys
2021-03-03 21:56 - 2021-01-23 15:15 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-03-03 21:56 - 2021-01-23 15:15 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-03-03 21:56 - 2021-01-23 14:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2794832609-2082243482-722704294-1001
2021-03-03 21:56 - 2021-01-23 13:41 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 21:56 - 2021-01-23 13:41 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 20:07 - 2021-01-23 16:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-03 20:07 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-03 20:00 - 2021-01-28 10:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-03 19:18 - 2021-01-23 13:42 - 000000000 ____D C:\Users\izzy1
2021-03-03 18:26 - 2021-01-23 13:42 - 000002363 _____ C:\Users\izzy1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-03 13:25 - 2019-02-15 12:47 - 000000000 ____D C:\Users\izzy1\OneDrive\Documents\Bills
2021-02-28 12:43 - 2020-08-28 15:27 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-28 12:22 - 2019-01-13 20:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-24 21:06 - 2019-01-13 20:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-16 12:09 - 2021-01-23 16:25 - 000000000 ____D C:\WINDOWS\Panther
2021-02-16 12:09 - 2019-01-13 20:24 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2021-02-16 12:07 - 2021-01-23 16:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-16 12:06 - 2019-01-13 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-02-15 17:03 - 2019-01-14 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-12 03:05 - 2021-01-23 13:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-09 20:38 - 2021-01-23 13:27 - 000258688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-09 20:35 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-09 20:35 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-09 20:35 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-09 20:35 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-09 20:35 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-09 20:35 - 2021-01-23 15:57 - 000000000 ____D C:\WINDOWS\servicing
2021-02-09 20:34 - 2021-01-23 16:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-09 20:34 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-09 20:34 - 2021-01-23 16:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-09 20:34 - 2021-01-23 16:10 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-09 17:56 - 2021-01-23 16:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-09 17:23 - 2021-01-25 00:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-09 17:22 - 2021-01-25 00:40 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-01-23 15:55 - 2021-01-23 15:55 - 000000003 _____ () C:\Users\izzy1\AppData\Local\updater.log
2021-01-23 15:55 - 2021-01-23 15:55 - 000000424 _____ () C:\Users\izzy1\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by izzy1 (04-03-2021 17:28:01)
Running from C:\Users\izzy1\Downloads
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-01-23 19:09:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2794832609-2082243482-722704294-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2794832609-2082243482-722704294-503 - Limited - Disabled)
Guest (S-1-5-21-2794832609-2082243482-722704294-501 - Limited - Disabled)
izzy1 (S-1-5-21-2794832609-2082243482-722704294-1001 - Administrator - Enabled) => C:\Users\izzy1
tyley (S-1-5-21-2794832609-2082243482-722704294-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2794832609-2082243482-722704294-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.1.3164 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Coinomi Wallet (HKLM\...\{EE5A628F-810E-44CF-B45E-CA24076FF104}_is1) (Version: 1.3.0 - Coinomi Holdings Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2794832609-2082243482-722704294-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0 - Mozilla)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-03-02] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-23] (INTEL CORP) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2021-01-23] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-02-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-23 16:10 - 2021-01-23 16:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2794832609-2082243482-722704294-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\izzy1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{01732B2C-41DF-4EB9-AE55-3EBEB3811B7C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{622ECB4C-0B85-46E2-9CDB-7408DEDA25BB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{07CD61D9-BFAC-4857-9FFE-9E6BECE8537E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72B4303D-D969-455A-988B-4C071E31D4C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7625A8CC-EAE5-485A-A849-2C6CB3588D40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{66635506-7CA2-4FEB-966A-BBBB72023B45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6055423F-BD8E-48C1-BA8B-61B974C3BCEA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

27-02-2021 18:20:23 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/28/2021 04:36:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/21/2021 07:01:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/21/2021 06:32:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/16/2021 12:18:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: e68

Start Time: 01d7025ebb54efe8

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: a8cbf10f-d356-4552-b363-fa1d408cccba

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (02/14/2021 03:18:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 03:13:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/14/2021 02:57:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on System Reserved because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/13/2021 12:40:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2020.20110.11001.0, time stamp: 0x5fac1c27
Faulting module name: KERNELBASE.dll, version: 10.0.19041.804, time stamp: 0x0e9c5eae
Exception code: 0xc0000602
Fault offset: 0x000000000010bd5c
Faulting process id: 0x1c28
Faulting application start time: 0x01d6ffb35e4f046c
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5dc43b3c-5f97-47c4-8042-51101e4adc73
Faulting package full name: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App


System errors:
=============
Error: (03/04/2021 05:26:14 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:26:11 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:26:07 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:26:03 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:26:00 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:25:56 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:25:52 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/04/2021 05:25:49 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Windows Defender:
================
Date: 2021-02-15 14:13:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-11 12:54:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 12:04:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-07 12:24:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-06 12:57:47
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 20:36:49
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.545.0;1.331.545.0
Engine version: 1.1.17800.5

Date: 2021-02-09 20:36:46
Description:
Microsoft Defender Antivirus has encountered an error trying to load security intelligence and will attempt reverting back to a known-good version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence version: 1.331.612.0;1.331.612.0
Engine version: 1.1.17800.5

CodeIntegrity:
===============
Date: 2021-03-04 16:40:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-03-04 16:40:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F7 11/08/2017
Motherboard: Gigabyte Technology Co., Ltd. Z270P-D3-CF
Processor: Intel® Core™ i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 27%
Total physical RAM: 16271.94 MB
Available physical RAM: 11809.28 MB
Total Virtual: 22159.94 MB
Available Virtual: 17892.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1241.94 GB) (Free:1133.54 GB) NTFS
Drive d: (ISBELL) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

\\?\Volume{fbd70783-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{fbd70783-0000-0000-0000-c09b36010000}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1242.9 GB) (Disk ID: FBD70783)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1241.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 MB) - (Type=27)

==================== End of Addition.txt =======================

 

 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Looks like the hard drive may be failing.  Let's see what Speccy says about it:


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


Why do I think the hard drive has problems?

 

Error: (03/04/2021 05:26:14 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

 

This indicates one or more likely several sectors on the hard drive are defective.

 

Also:
 

2021-02-25 18:07 - 2021-02-25 18:07 - 000000000 __SHD C:\found.001

...
2021-02-22 14:27 - 2021-02-23 15:23 - 000000000 ____D C:\found.000
2021-02-22 14:27 - 2021-02-22 14:27 - 000000000 ____D C:\found.003
2021-02-22 14:27 - 2021-02-22 14:27 - 000000000 ____D C:\found.002

 

Found folders contain files recovered from bad sectors on the hard drive. Since you have 4 within 3 days that means at least 4 sectors have failed in that short period of time.  I would backup any files you can't afford to lose (photos, videos and documents) before the drive fails completely. 

 

Why Speccy?  Speccy's log will contain a section on the SMART info from the hard drive.  This will tell us how many sectors have been replaced with spares and how many have been marked bad but not yet replaced.  Will also show the temperature of the drive which is important because drives may not work reliably over 50 C. 


  • 0

#3
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

SPECCY file attached.

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Your hard drive isn't as bad as I thought but it is getting weak:

 

BB
                                            Attribute name    Reported Uncorrectable Errors
                                            Real value    61,155
                                            Current    73
                                            Worst    1
                                            Threshold    0
                                            Raw Value    000000EEE3
                                            Status    Good
                                        BC
                                            Attribute name    Command Timeout
                                            Real value    28
                                            Current    100
                                            Worst    94
                                            Threshold    0
                                            Raw Value    000000001C
                                            Status    Good
                                       ...
                                        C5
                                            Attribute name    Current Pending Sector Count
                                            Real value    12
                                            Current    200
                                            Worst    200
                                            Threshold    0
                                            Raw Value    000000000C
                                            Status    Good

 

The bolded values would all be 0 on a good drive.  Also the drive is only running at SATA-II speed.  Judging by your Motherboard and by the drive specs it should be running SATA-III which is twice SATA-II.  The drive is a WL1000GSA6454 which Amazon sells for $28 and says is a White Label (generic)  1TB SATA-III with 5400RPM and a 64 cache so I think you got cheated and they gave you an older SATA II model.    A Western Digital Blue is only $11 more and runs at 7200 RPM.  Personally I only buy Western Digital Black drives which last a lot longer but which run about $70.  I've just replaced mine with a Samsung EVO 1 TB SSD.  Made a tremendous difference in speed but cost a bit over $100. 

 

Anyway it would be wise to get a new replacement drive and clone the old one before it fails altogether.

 

If you want to try to keep it running a bit longer you can have Windows do a chkdsk on the drive.  Will take several hours.:

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

Type:

chkdsk  /r  c:

Hit Enter. (I use two spaces so you can see where one space goes)

 

It will say it can't do it right now and ask if you want to schedule it for the next reboot.  Tell it

y

Enter

 

Reboot and the disk check will start.  Once it finishes we want to run DISM & SFC to make sure we haven't lost any critical System files.  To Save a lot of typing you can download the attached Fixlist

Attached File  fixlist.txt   414bytes   22 downloads

(to the same directory where you put FRST C:\Users\izzy1\Downloads) then run FRST as before (right click and Run As Admin) but instead of hitting Scan you hit FIX instead.  You will get one file.  Please post.  Then rerun FRST and hit SCAN and post both files.

 

 


  • 0

#5
Izzy1665

Izzy1665

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Well, right after I posted the SPECCY results I went ahead and shut down and installed another 1TB WD drive to start backing up the main drive and I couldn't get Windows to boot up again. I tried several times, checked the SATA and power cable on the original drive and they were fine. Pulled the cables on the added WD drive but still nothing so I just unhooked the original drive cables and reloaded Windows onto the new WD 1TB drive and here I am.  

 

Thank you for the attempt at helping me RKinner , I'll try the drive again in a day or so and see if it spins back up and hopefully I can back it up. 

 

Bob up by the Space Center waving at ya again.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,721 posts
  • MVP

Were you able to recover your data from the sick hard drive?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP