Help pls

  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7041

    #31
    I’d like you to run a full scan with Malwarebytes.
    Please download Malwarebytes Anti-Malware from here.
    - Right-click on the MBAM icon and select Run as administrator to run the tool.
    - Click Yes to accept any security warnings that may appear.
    - Once the MBAM dashboard opens, on the right detail pane click on the word “Current” under the Scan Status to update the tool database.
    - On the left menu pane click the Settings tab, and then select the Protection tab on the top.
    - Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
    - Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button.
    - Note: The scan may take some time to finish, so please be patient.
    - If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
    - While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
    - The log can also be viewed by clicking the log to select it, then clicking the View Report button.
    Please post the log for my review.
    Note: If asked to restart the computer, please do so immediately.

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7041

      #32
      Download attached fixlist.txt file and save it to the Desktop.
      NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
      Run FRST/FRST64 and press the Fix button just once and wait.
      If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
      When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

      Comment

      • RESISTINGMONKEY
        PCHF Member
        • Mar 2022
        • 35

        #33
        [spoiler]~ ZHPCleaner v2022.3.23.20 by Nicolas Coolman (2022/03/23)
        ~ Run by Home (Administrator) (24/03/2022 21:05:07)
        ~ Web: https://www.nicolascoolman.com
        ~ Blog: https://nicolascoolman.eu/
        ~ Facebook : ZHP
        ~ State version : Version OK
        ~ Type : Repair
        ~ Report : C:\Users\Home\Desktop\ZHPCleaner (R).txt
        ~ Quarantine : C:\Users\Home\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
        ~ System Restore Point : OK
        ~ UAC : Activate
        ~ Boot Mode : Normal (Normal boot)
        Windows 10 Home, 64-bit (Build 19044)

        —\ Alternate Data Stream (ADS). (0)
        ~ No malicious or unnecessary items found.

        —\ Services (0)
        ~ No malicious or unnecessary items found.

        —\ Browser internet (0)
        ~ No malicious or unnecessary items found.

        —\ Hosts file (1)
        ~ The hosts file is legitimate (1)

        —\ Scheduled automatic tasks. (1)
        DELETED task: [Adobe Flash Player PPAPI Notifier] [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe] =>Riskware.FlashPlayer

        —\ Explorer ( File, Folder) (7)
        MOVED file: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium
        MOVED file: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium
        MOVED file: C:\Users\Home\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
        MOVED file: C:\Users\Home\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Preferences =>Préférences Chromium
        MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware =>SUP.Optional.ByteFence
        MOVED folder: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence =>SUP.Optional.ByteFence
        MOVED folder: C:\Documents and Settings\Home\Application Data\Microsoft\Windows\Start Menu\ByteFence =>SUP.Optional.ByteFence

        —\ Registry ( Key, Value, Data) (36)
        DELETED key*: [X64] HKLM\SOFTWARE\57979c68-f490-55b8-8fed-8b017a5af2fe =>Adware.CrossRider
        DELETED key*: HKCU\Software\undefined [AdditionalScan 150] =>.SUP.Downloader
        DELETED key*: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan [AdditionalScan 499] =>SUP.Optional.ByteFence
        DELETED key*: HKLM\SOFTWARE\Classes\Directory\Shell\ByteFence Folder Scan [AdditionalScan 503] =>SUP.Optional.ByteFence
        DELETED key*: HKLM\System\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence [AdditionalScan 579] =>SUP.Optional.ByteFence
        DELETED key*: HKEY_USERS\S-1-5-21-1362471941-3298207752-877008659-1001\SOFTWARE\Classes\discord-377212089443549194 [URL:Run game 377212089443549194 protocol] =>.SUP.Discord
        DELETED key*: HKEY_USERS\S-1-5-21-1362471941-3298207752-877008659-1001\SOFTWARE\Classes\discord-424004941485572097 [URL:Run game 424004941485572097 protocol] =>.SUP.Discord
        DELETED key*: HKEY_USERS\S-1-5-21-1362471941-3298207752-877008659-1001\SOFTWARE\Classes\discord-432980957394370572 [URL:Run game 432980957394370572 protocol] =>.SUP.Discord
        DELETED key*: HKEY_USERS\S-1-5-21-1362471941-3298207752-877008659-1001\SOFTWARE\Classes\discord-445956193924546560 [URL:Run game 445956193924546560 protocol] =>.SUP.Discord
        DELETED key*: HKEY_USERS\S-1-5-21-1362471941-3298207752-877008659-1001\SOFTWARE\Classes\discord-475006012840083466 [URL:Run game 475006012840083466 protocol] =>.SUP.Discord
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com =>Toolbar.Ask
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\free.gamingwonderland.com =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\gamingwonderland.com =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\gamingwonderland.dl.tb.ask.com =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.y5freegames.com =>PUP.Optional.ScriptHost
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\y5freegames.com =>PUP.Optional.ScriptHost
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com =>Toolbar.Ask
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\free.gamingwonderland.com [26] =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\gamingwonderland.com =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\gamingwonderland.dl.tb.ask.com [12] =>SUP.Optional.MindSpark
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.y5freegames.com [24] =>PUP.Optional.ScriptHost
        DELETED key*: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\y5freegames.com =>PUP.Optional.ScriptHost
        DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net =>.SUP.AkamaiHD
        DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdncache-a.akamaihd.net [2069] =>.SUP.AkamaiHD
        DELETED key*: [X64] HKLM\SOFTWARE\Classes\Installer\Products\76CE7A1A5E7AE9C4E81AAEABF75DA170 [SlimCleaner Plus] =>.SUP.SlimCleanerPlus
        DELETED key*: [X64] HKLM\SOFTWARE\Classes\Applications\WeatherBugStub.exe =>PUP.Optional.WeatherBug
        DELETED key*: [X64] HKLM\SOFTWARE\ByteFence =>SUP.Optional.ByteFence
        DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0800CEA69D2D89054A0AA12E10C70F74 [C:\Program Files\SlimCleaner Plus\locales\pl.pak (Not File)] =>.SUP.SlimCleanerPlus
        DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\115F541272442CE5E897A5683E850A35 [C:\Program Files\SlimCleaner Plus\locales\es.pak (Not File)] =>.SUP.SlimCleanerPlus
        DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\147B3F5099DCE0051A45956BF50C2209 [C:\Program Files\SlimCleaner Plus\locales\nl.pak (Not File)] =>.SUP.SlimCleanerPlus
        DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14EA134D31848DC5F92EA9E1D583F73D [C:\Program Files\SlimCleaner Plus\locales\fa.pak (Not File)] =>.SUP.SlimCleanerPlus
        DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1A7EC67-A7E5-4C9E-8EA1-EABA7FD51A07} [Slimware Utilities Holdings, Inc.] =>.SUP.SlimWareUtilities
        DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier =>Riskware.FlashPlayer
        DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater =>Riskware.FlashPlayer
        DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin [Adobe Systems Incorporated] =>Riskware.FlashPlayer
        DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion[/spoiler]

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7041

          #34
          You already posted that log. I need the Malwarebytes log, and the new fixlog from FRST.

          Comment

          • RESISTINGMONKEY
            PCHF Member
            • Mar 2022
            • 35

            #35
            It restarted my PC, so how should I find it? And I’m doing the second thing right now.

            Comment

            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7041

              #36
              Download and save this tool to your desktop.
              Run the Malwarebytes Support tool.
              Click I don’t have an open support ticket.
              Go to advanced tab.
              Click Gather logs.
              Attach the result here.

              Comment

              • RESISTINGMONKEY
                PCHF Member
                • Mar 2022
                • 35

                #37
                Ok I will I just fix completed is saved in the same direction rest is located

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7041

                  #38
                  Post the fix from FRST. The last tool I linked will gather logs from malwarebytes.

                  Comment

                  • RESISTINGMONKEY
                    PCHF Member
                    • Mar 2022
                    • 35

                    #39
                    What do I need help with in the support tool

                    Comment

                    • RESISTINGMONKEY
                      PCHF Member
                      • Mar 2022
                      • 35

                      #40
                      there

                      Comment

                      • Malnutrition
                        PCHF Moderator
                        • Jul 2016
                        • 7041

                        #41
                        Originally posted by RESISTINGMONKEY
                        What do I need help with in the support tool
                        It will gather fresh FRST logs and the malwarebytes log.

                        Comment

                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7041

                          #42
                          Security Check Scan.
                          - Download Security Check to your desktop.
                          - Right click it and run as administrator.
                          - When the program completes, the tool will automatically open a log file.
                          - Please post that log here in your next post.

                          Comment

                          • RESISTINGMONKEY
                            PCHF Member
                            • Mar 2022
                            • 35

                            #43
                            Like which one [ATTACH type=“full”]9304[/ATTACH]

                            Comment

                            • RESISTINGMONKEY
                              PCHF Member
                              • Mar 2022
                              • 35

                              #44
                              SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
                              WebSite: www.safezone.cc
                              DateLog: 24.03.2022 22:53:19
                              Path starting: C:\Users\Home\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
                              Log directory: C:\SecurityCheck
                              IsAdmin: True
                              User: Home
                              VersionXML: 9.60is-21.03.2022


                              Windows 10(6.3.19044) (x64) Core Release: 2009 Lang: English(0409)
                              Installation date OS: 09.02.2021 06:13:35
                              LicenseStatus: Office 16, Office16HomeStudentR_Grace edition Windows is in Notification mode
                              LicenseStatus: Windows(R), Core edition The machine is permanently activated.
                              Boot Mode: Normal
                              Default Browser: C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
                              SystemDrive: C: FS: [NTFS] Capacity: [1843.7 Gb] Used: [1229.8 Gb] Free: [613.9 Gb]
                              ------------------------------- [ Windows ] -------------------------------
                              Internet Explorer 11.789.19041.0
                              User Account Control enabled (Level 3)
                              Automatically download and schedule installation
                              Security Center (wscsvc) - The service is running
                              Remote Registry (RemoteRegistry) - The service has stopped
                              SSDP Discovery (SSDPSRV) - The service is running
                              Remote Desktop Services (TermService) - The service has stopped
                              Windows Remote Management (WS-Management) (WinRM) - The service has stopped
                              ---------------------------- [ Antivirus_WMI ] ----------------------------
                              Windows Defender (disabled and up to date)
                              Malwarebytes (enabled and up to date)
                              McAfee VirusScan (enabled)
                              ---------------------------- [ Firewall_WMI ] -----------------------------
                              McAfee Firewall
                              --------------------------- [ AntiSpyware_WMI ] ---------------------------
                              McAfee VirusScan (enabled)
                              Windows Defender (disabled and up to date)
                              ---------------------- [ AntiVirusFirewallInstall ] -----------------------
                              Malwarebytes version 4.5.6.180 v.4.5.6.180
                              McAfee LiveSafe v.16.0 R44
                              -------------------------- [ SecurityUtilities ] --------------------------
                              Internet Security Essentials v.1.2.422025.92
                              WebAdvisor by McAfee v.4.1.1.685
                              --------------------------- [ OtherUtilities ] ----------------------------
                              Steam v.2.10.91.91
                              Epic Games Launcher v.1.1.135.0
                              Evernote v. 5.3 v.5.3.0.3360 Warning! Download Update
                              ------------------------------- [ Backup ] --------------------------------
                              Microsoft OneDrive v.22.033.0213.0002
                              ------------------------------ [ ArchAndFM ] ------------------------------
                              7-Zip 16.04 (x64) v.16.04 Warning! This software is no longer supported. Uninstall old version, download and install new one.
                              7-Zip 9.20 (x64 edition) v.9.20.00.0 Warning! Download Update
                              Uninstall old version and install new one.
                              -------------------------- [ IMAndCollaborate ] ---------------------------
                              Zoom v.5.2.2 (45108.0831) Warning! Download Update
                              --------------------------------- [ P2P ] ---------------------------------
                              µTorrent v.3.5.5.45311 Warning! Ad-supported P2P-client.
                              -------------------------------- [ Java ] ---------------------------------
                              Java 8 Update 321 (64-bit) v.8.0.3210.7
                              ------------------------------- [ Browser ] -------------------------------
                              Opera Stable 48.0.2685.50 v.48.0.2685.50 Warning! Download Update
                              Brave v.99.1.36.119
                              Google Chrome v.99.0.4844.82
                              Microsoft Edge v.99.0.1150.46
                              ------------------ [ AntivirusFirewallProcessServices ] -------------------
                              isesrv (isesrv) - The service has stopped
                              COMODO LPS Launcher (CLPSLauncher) - The service has stopped
                              C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1286
                              Malwarebytes Service (MBAMService) - The service is running
                              C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1043
                              C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe v.22.2.0.148
                              McAfee Validation Trust Protection Service (mfevtp) - The service is running
                              C:\Windows\System32\mfevtps.exe
                              C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe v.22.2.0.543
                              McAfee Firewall Core Service (mfefire) - The service has stopped
                              McAfee AP Service (McAPExe) - The service is running
                              C:\Program Files\Common Files\McAfee\VSCore_22_2\mcapexe.exe v.10.14.131.0
                              C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe v.9.18.109.0
                              McAfee CSP Service (mccspsvc) - The service is running
                              C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe v.5.1.104.0
                              McAfee Service Controller (mfemms) - The service is running
                              C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe v.22.2.0.148
                              McAfee Module Core Service (ModuleCoreService) - The service is running
                              C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe v.3.15.110.0
                              Microsoft Defender Antivirus Service (WinDefend) - The service has stopped
                              Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped
                              ---------------------------- [ UnwantedApps ] -----------------------------
                              Bonjour v.3.0.0.10 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
                              ----------------------------- [ End of Log ] ------------------------------

                              Comment

                              • Malnutrition
                                PCHF Moderator
                                • Jul 2016
                                • 7041

                                #45
                                For now, I’d suggest that you power down your machine, then reseat the hardware. Make sure to unplug the computer before doing so.

                                [MEDIA=youtube]DLxNPBQBfT8[/MEDIA]

                                Then run DDU and clean install your graphics driver after.

                                Grab a fresh driver from here.

                                Comment
