Freezes after first bootup of day, and after exiting sleep mode. Also freezes randomly

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • crimson51
    PCHF Member
    • Jul 2022
    • 39

    #16
    Originally posted by Malnutrition
    FRST Fix.
    Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Post new FRST and Addition.txt logs and let me know how the machine is performing.
    Here you are. A restart was in fact required, in case that information might be useful

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7041

      #17
      How is the machine now? Same issue?

      Comment

      • crimson51
        PCHF Member
        • Jul 2022
        • 39

        #18
        Originally posted by Malnutrition
        How is the machine now? Same issue?
        For the most part, yes. Except the audio is now similar to a full freeze. Just a rapid loop of whatever sound was playing at the time of the freeze. Still no blue screen or error message. Still needs to be restarted. Still happens both randomly and in the same situations as before

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7041

          #19
          Please perform a clean boot on your machine and let me know the result.

          Troubleshooting a problem computer requires patience, know-how, and a lot of trial and error. Booting your PC in a clean configuration can help automate the process.


          I’ll double check the logs to make sure I did not miss anything, that usually takes me an hour. So I will have a reply tomorrow after work, as I’m headed to sleep now. 4 am comes early…

          Comment

          • crimson51
            PCHF Member
            • Jul 2022
            • 39

            #20
            Originally posted by Malnutrition
            Please perform a clean boot on your machine and let me know the result.

            Troubleshooting a problem computer requires patience, know-how, and a lot of trial and error. Booting your PC in a clean configuration can help automate the process.


            I’ll double check the logs to make sure I did not miss anything, that usually takes me an hour. So I will have a reply tomorrow after work, as I’m headed to sleep now. 4 am comes early…
            Have a good night. Thank you so much for your help

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7041

              #21
              How is the machine under a clean boot?

              After going over everything again, I am not seeing any malware, but we will run a couple more checks to make sure. I am however seeing some clutter that could be removed. We can remove some un needed programs and trim up the scheduled task on the machine to try and improve things if you wish.



              ZHP cleaner Scan.

              Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
              Once you have started the program, you will need to click the scanner button.
              The program will close all open browsers!
              Once the scan is completed, the you will want to click the Repair button.
              At the end of the process you may be asked to reboot your machine.
              After you reboot a report will open on your desktop.
              Attach the report here in your next reply.


              Disable windows 10 spyware with O&O software, this can chew up bandwidth… microsoft is constantly uploading various data from your machine.

              Disable windows update, and only enable it once a week to update on your terms not whenever microsoft feels you need an update.

              Uninstall Useless to you windows apps with O&O App buster.



              Download AV block remover .
              Unzip to your desktop, Right click run as admin and follow the instructions. If it does not start, rename the AVbr.exe file to, for example, AV_br.exe
              Click yes to reset hosts file.
              After the machine reboots then there will be a logfile in the new folder created, post that please.


              Let’s run a scan with Emsisoft Emergency Kit to be safe.

              [ul]
              [li]Install and Run Emsisoft Emergency Kit (EEK):[/li]
              • [li]Double click EmergencyKitScanner.exe to install EEK[/li][li]When the installation of EEK is complete the Emergency Kit scanner will run.[/li]NOTE: Make sure to enable PUPs detection.
                [li]Click β€œYes” to Update Emsisoft Emergency Kit[/li][li]Under β€œScan” click-on β€œMalware Scan”.[/li]IMPORTANT: Do not quarantine or delete anything. We just want the scan log without anything being quarantined or deleted.
                [li]Save the scan log somewhere that you can find it.[/li][li]Exit Emsisoft Emergency Kit.[/li][/ul]

              Emsisoft Emergency Kit log (C:\EEK\Reports) can be found here, attach it in your next reply.

              Comment

              • crimson51
                PCHF Member
                • Jul 2022
                • 39

                #22
                With a clean boot I do not experience the freezes after sleep mode. I tried running ZHPCleaner but was unable to connect to the internet. A restart fixed that issue. Here’s the reports

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7041

                  #23
                  Originally posted by crimson51
                  With a clean boot I do not experience the freezes after sleep mode.
                  Ok. we must try and narrow the culprit, reverse the clean boot, by re enabling the startups and services. Then reboot the machine. Then post a hijack this log for me.

                  HijackThis.

                  1- Please click HERE to download HijackThis.
                  2- Run the program.
                  3- Click on the Main Menu button if not already there.
                  4- Select Do a system scan and save a logfile.
                  5- Copy paste the log here.

                  Comment

                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7041

                    #24
                    @crimson51 Please update the thread, in 72 hours it will be closed if there is no reply.

                    Comment

                    • crimson51
                      PCHF Member
                      • Jul 2022
                      • 39

                      #25
                      Hey, sorry for the wait. Here is the HiJack This log. I re-enabled all the stuff I disabled before for the clean boot. Thank you for your help

                      Comment

                      • crimson51
                        PCHF Member
                        • Jul 2022
                        • 39

                        #26
                        Originally posted by Malnutrition
                        @crimson51 Please update the thread, in 72 hours it will be closed if there is no reply.
                        Oh, just to let you know I updated the thread. Thanks for the help

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7041

                          #27
                          Sorry I am not at home until tomorrow

                          Comment

                          • Malnutrition
                            PCHF Moderator
                            • Jul 2016
                            • 7041

                            #28
                            I apologize for the delay.

                            uninstall the following programs with GeekUninstaller.

                            The item in red, only remove if you do not use.

                            Lenovo Service Bridge (HKU\S-1-5-21-3816550260-3502602530-2828805135-1001...{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.12 - Lenovo)
                            Lenovo System Update (HKLM-x32...\TVSU_is1) (Version: 5.07.0136 - Lenovo)
                            Lenovo Vantage Service (HKLM-x32...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
                            [COLOR=rgb(184, 49, 47)]Microsoft OneDrive [/COLOR][COLOR=rgb(184, 49, 47)]COLOR=rgb(184, 49, 47) (Version: 22.131.0619.0001 - Microsoft Corporation)
                            Panda Cloud Cleaner (HKLM-x32...{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
                            WebAdvisor by McAfee (HKLM-x32...{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.726 - McAfee, LLC)

                            Start Hijack this as Admin, check the following, then click the fix,
                            Reboot your machine.
                            Code:
                            O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                            O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                            O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
                            O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
                            O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                            O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                            O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                            O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                            O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission
                            O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
                            O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                            O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                            O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                            O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                            O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
                            O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
                            O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
                            O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
                            O22 - Task: OneDrive Reporting Task-S-1-5-21-3816550260-3502602530-2828805135-1001 - C:\Users\19524\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
                            O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
                            O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
                            O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
                            O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
                            [/color]

                            Comment

                            • crimson51
                              PCHF Member
                              • Jul 2022
                              • 39

                              #29
                              Originally posted by Malnutrition
                              I apologize for the delay.

                              uninstall the following programs with GeekUninstaller.

                              The item in red, only remove if you do not use.

                              Lenovo Service Bridge (HKU\S-1-5-21-3816550260-3502602530-2828805135-1001...{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.12 - Lenovo)
                              Lenovo System Update (HKLM-x32...\TVSU_is1) (Version: 5.07.0136 - Lenovo)
                              Lenovo Vantage Service (HKLM-x32...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
                              [COLOR=rgb(184, 49, 47)]Microsoft OneDrive [/COLOR][COLOR=rgb(184, 49, 47)]COLOR=rgb(184, 49, 47) (Version: 22.131.0619.0001 - Microsoft Corporation)
                              Panda Cloud Cleaner (HKLM-x32...{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
                              WebAdvisor by McAfee (HKLM-x32...{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.726 - McAfee, LLC)

                              Start Hijack this as Admin, check the following, then click the fix,
                              Reboot your machine.
                              Code:
                              O2 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                              O2-32 - HKLM\..\BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                              O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
                              O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
                              O9 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                              O9 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll
                              O9-32 - Button: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                              O9-32 - Tools menu item: HKLM\..\{48A61126-9A19-4C50-A214-FF08CB94995C}: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
                              O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission
                              O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
                              O22 - Task: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                              O22 - Task: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                              O22 - Task: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                              O22 - Task: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
                              O22 - Task: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
                              O22 - Task: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
                              O22 - Task: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
                              O22 - Task: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
                              O22 - Task: OneDrive Reporting Task-S-1-5-21-3816550260-3502602530-2828805135-1001 - C:\Users\19524\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
                              O23 - Service R2: McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
                              O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
                              O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
                              O23 - Service S3: System Update - (SUService) - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
                              [/color]
                              [COLOR=rgb(184, 49, 47)]
                              I was able to find most but not all of those things. I didn’t find any of the files related to McAfee after removing it, same with the Lenovo systems. Also anything starting with O23. Here’s everything that showed up and everything I checked off. I’ll update once I’ve done the fix and reboot
                              [ATTACH type=β€œfull”]10323[/ATTACH][/color]

                              Comment

                              • crimson51
                                PCHF Member
                                • Jul 2022
                                • 39

                                #30
                                Originally posted by crimson51
                                I was able to find most but not all of those things. I didn’t find any of the files related to McAfee after removing it, same with the Lenovo systems. Also anything starting with O23. Here’s everything that showed up and everything I checked off. I’ll update once I’ve done the fix and reboot
                                [ATTACH type=β€œfull” alt=β€œ1658853491236.png”]10323[/ATTACH]
                                Reboot’s done. Computer is functional, though unsure about the freezes being fixed

                                Comment

                                Working...