PC check-up

**McFastFood** · 03-05-2024, 08:27 PM

i’ve missed the other file

**Malnutrition** · 03-06-2024, 01:39 AM

Copy the content of the code box below.
[COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:

start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 GPUZ-v2; C:\Users\Gebruiker\AppData\Local\Temp\GPUZ-v2.sys [52008 2024-01-23] (TechPowerUp LLC -> ) <==== ATTENTION
S3 HWiNFO_190; C:\Users\Gebruiker\AppData\Local\Temp\HWiNFO64A_190.SYS [57936 2024-02-13] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
S3 ALSysIO; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X] <==== ATTENTION
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION
S3 HWiNFO_155; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_155.SYS [X] <==== ATTENTION
S3 HWiNFO_171; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_171.SYS [X] <==== ATTENTION
S3 HWiNFO_180; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ATTENTION
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\Run: [GalaxyClient] => [X]
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\Run: [com.blitz.app] => "C:\Users\Gebruiker\AppData\Local\Programs\Blitz\Blitz.exe" --autostart (No File)
Task: {363C8AB0-6CE9-4DDB-A7A4-853255FD0377} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {15D13AF0-A687-44DE-AF0D-AE310635CBD1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe  repair (No File)
Task: {E53144D4-168B-4314-8984-D2D9AF0A639B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe  (No File)
Task: {082A24AB-D43A-42CA-9674-4D6E60C8B020} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1495849277-2272426113-3910581012-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (No File)
C:\Program Files\Bitdefender Agent
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::

Re-run FRST this time post both new FRST and Addition.txt logs along with ZHP logs please. Attach all three in your next post.

Download ZHP Suite to your desktop.
Unzip it there.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.[/COLOR]

**McFastFood** · 03-06-2024, 07:29 PM

Originally posted by Malnutrition

Copy the content of the code box below.
[COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:

start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 GPUZ-v2; C:\Users\Gebruiker\AppData\Local\Temp\GPUZ-v2.sys [52008 2024-01-23] (TechPowerUp LLC -> ) <==== ATTENTION
S3 HWiNFO_190; C:\Users\Gebruiker\AppData\Local\Temp\HWiNFO64A_190.SYS [57936 2024-02-13] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
S3 ALSysIO; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X] <==== ATTENTION
S3 cpuz158; \??\C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION
S3 HWiNFO_155; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_155.SYS [X] <==== ATTENTION
S3 HWiNFO_171; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_171.SYS [X] <==== ATTENTION
S3 HWiNFO_180; \??\C:\Users\GEBRUI~1\AppData\Local\Temp\HWiNFO64A_180.SYS [X] <==== ATTENTION
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\Run: [GalaxyClient] => [X]
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S3 SIUSBXP; \??\C:\Windows\system32\drivers\SiUSBXp.sys [X]
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\Run: [com.blitz.app] => "C:\Users\Gebruiker\AppData\Local\Programs\Blitz\Blitz.exe" --autostart (No File)
Task: {363C8AB0-6CE9-4DDB-A7A4-853255FD0377} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe  (No File)
Task: {15D13AF0-A687-44DE-AF0D-AE310635CBD1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe  repair (No File)
Task: {E53144D4-168B-4314-8984-D2D9AF0A639B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe  (No File)
Task: {082A24AB-D43A-42CA-9674-4D6E60C8B020} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1495849277-2272426113-3910581012-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (No File)
C:\Program Files\Bitdefender Agent
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::

Re-run FRST this time post both new FRST and Addition.txt logs along with ZHP logs please. Attach all three in your next post.

Download ZHP Suite to your desktop.
Unzip it there.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.
[/COLOR]

[COLOR=rgb(184, 49, 47)]
Thanks for the quick reaction and suggested options!

See attached files, i’m reading the logs also very good because i’m very interested in it [/color]

**Malnutrition** · 03-06-2024, 07:37 PM

I need the addition.txt log please.

**McFastFood** · 03-06-2024, 08:17 PM

Originally posted by Malnutrition

I need the addition.txt log please.

I did uploaded them, now again.

**Malnutrition** · 03-06-2024, 09:57 PM

Yes… three of the 4 requested logs. When you run Frst, it produces two logs. Frst.txt and addition.txt. You missed the addition.txt log. ???

**Malnutrition** · 03-07-2024, 02:35 AM

ZHP cleaner Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.

Security Check Scan.

[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]

Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:

Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\MountPoints2: {e01f6c11-24d5-11ea-a9aa-1c1b0d0b43df} - "E:\LaunchU3.exe" -a
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
2021-05-19 07:52 - 2023-12-05 21:03 - 000000032 _____ () C:\Users\Gebruiker\AppData\Roaming\.machineId
2022-09-09 16:01 - 2024-02-08 21:50 - 000000128 _____ () C:\Users\Gebruiker\AppData\Local\PUTTY.RND
2023-10-20 19:09 - 2023-10-20 19:09 - 000000017 _____ () C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg
deleteKey: HKCU\SOFTWARE\AvastAdSDK
deleteKey: HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\SOFTWARE\AvastAdSDK
C:\ProgramData\Bitdefender
C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
emptytemp:
Reboot:
End::

Cut your scheduled task. Task Scheduler Viewer for Windows 11 / 10 / 7 / 8 / Vista
Cut your start up. WhatInStartup - Disable/delete programs at Windows startup

**McFastFood** · 03-07-2024, 08:03 PM

Originally posted by Malnutrition

ZHP cleaner Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.

Security Check Scan.

[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please Copy and paste that log here in your next post[/li][/ul]

Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code:

Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\...\MountPoints2: {e01f6c11-24d5-11ea-a9aa-1c1b0d0b43df} - "E:\LaunchU3.exe" -a
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2024-03-06] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
2021-05-19 07:52 - 2023-12-05 21:03 - 000000032 _____ () C:\Users\Gebruiker\AppData\Roaming\.machineId
2022-09-09 16:01 - 2024-02-08 21:50 - 000000128 _____ () C:\Users\Gebruiker\AppData\Local\PUTTY.RND
2023-10-20 19:09 - 2023-10-20 19:09 - 000000017 _____ () C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg
deleteKey: HKCU\SOFTWARE\AvastAdSDK
deleteKey: HKU\S-1-5-21-1495849277-2272426113-3910581012-1001\SOFTWARE\AvastAdSDK
C:\ProgramData\Bitdefender
C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
emptytemp:
Reboot:
End::

Cut your scheduled task. Task Scheduler Viewer for Windows 11 / 10 / 7 / 8 / Vista
Cut your start up. WhatInStartup - Disable/delete programs at Windows startup

I uploaded all logs, but didnt see addition, but hey
Thanks again for the quick reaction. I didn’t know the ZHPcleaner, will remember it.
See attached logs.

**Malnutrition** · 03-08-2024, 11:27 AM

I’ll check these after work today

**Malnutrition** · 03-09-2024, 10:25 PM

How is the machine running?

SecurityCheck by glax24 & Severnyj v.1.4.0.57 [24.01.24]
WebSite: www.safezone.cc
DateLog: 07.03.2024 20:54:31
Path starting: C:\Users\Gebruiker\AppData\Local\Temp\SecurityChec k\SecurityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: Gebruiker
VersionXML: 10.98is-02.03.2024

Windows 10(6.3.19045) (x64) Core Release: 2009 Lang: Dutch(0413)
Installation date OS: 19.10.2022 20:44:39
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [232.3 Gb] Used: [199.8 Gb] Free: [32.5 Gb]
------------------------------- [ Windows ] -------------------------------
User Account Control enabled (Level 3)
Automatically download and schedule installation
Security Center (wscsvc) - The service has stopped
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x86 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50918.0 Warning! This software is no longer supported.
NVIDIA GeForce Experience 3.27.0.120 v.3.27.0.120
PuTTY release 0.79 (64-bit) v.0.79.0.0 Warning! Download Update
Steam v.2.10.91.91
TeamViewer v.15.41.9 Warning! Download Update
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 v.14.38.33130.0 Warning! Download Update
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 v.14.38.33130.0 Warning! Download Update
Epic Games Launcher v.1.3.93.0
------------------------------- [ Backup ] --------------------------------
Dropbox v.194.4.6267
------------------------------ [ ArchAndFM ] ------------------------------
WinRAR 6.24 (64-bit) v.6.24.0 Warning! Download Update
-------------------------- [ IMAndCollaborate ] ---------------------------
Microsoft Teams classic v.1.6.00.29964 Warning! Download Update
-------------------------------- [ Media ] --------------------------------
VLC media player v.3.0.20
HandBrake 1.7.0 v.1.7.0 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat (64-bit) v.23.008.20555
Adobe AIR v.32.0.0.125 Warning! This software is no longer supported. Please uninstall it.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.122.0.6261.112
Microsoft Edge v.122.0.2365.66
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe v.4.18.24020.7
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe v.4.18.24020.7
Microsoft Defender Antivirus Service (WinDefend) - The service is running
Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
CCleaner v.6.21 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
----------------------------- [ End of Log ]

**Malnutrition** · 03-11-2024, 11:32 PM

@McFastFood How about an update?

**McFastFood** · 03-12-2024, 08:07 PM

Originally posted by Malnutrition

@McFastFood How about an update?

My apologies for the late reply, have been very busy and couldn’t use the pc. The pc is working a lot better, i havent any crashes/glitches anymore when i used the pc but, i didn’t use the pc very often and for a very long time. But i suppose it’s better , so many thanks for the help! The only thing i experience after the fixed is that my taskbar dont show up or takes very long time before all icons have been loaded. Any suggestions?

**Malnutrition** · 03-16-2024, 02:25 PM

Clearing the prefetch will cause things to load a bit slower.

Download KpRM
Save to Desktop
Check Delete Tools’
Check Delete Restore points.
Create Restore point.
Click delete quarantines.
Then click run.

I suggest:
Ublock Origin
O&O Shutup Ten
O&O App Buster

**Bruce** · 03-19-2024, 09:27 PM

@McFastFood - you logged in but didn’t update - any news?

PC check-up

PC check-up

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment