What Does This Mean

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ghill1962, Apr 10, 2025.

  1. ghill1962

    ghill1962 Private E-2

    Had some funny bluescreen business, like Windows wanted to download something, but no download was due. Couldn't get out unless I removed the battery and disconnected power. Ran Malwarebytes - no issues. Ran FRST64. Cannot interpret results. Can anybody tell me what this means? Thanks a lot.
     


  2. Oh My!

    Oh My! Malware Expert Staff Member

    Greetings and welcome to the Major Geeks Malware Forum.

    Please allow me some time to review what you have posted.
     
  3. Oh My!

    Oh My! Malware Expert Staff Member

    Greetings.

    This is not malware related but let's see what we can do.

    Did the computer only freeze/Blue Screen the one time?

    I do not recommend 3rd party driver updaters but would encourage you to allow the computer manufacturer and Windows Update to handle that for you. I would like to remove Driver Booster. If you would still like the program we can reinstall it after we are finished.

    ===================================================

    Uninstalling Programs Using Revo Uninstaller Free Portable

    --------------------

    • Launch Revo Uninstaller
    • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
    Code:
    Driver Booster 12
    
    • If the program's uninstaller appears work through the steps to remove the program(s)
    • Be sure the Advanced option is selected then click Scan
    • For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
    • Once done click Finish
    • Reboot your computer
    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    cmd: type "C:\windows\system32\default_error_stack-000000-000000.txt"
    C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*
    Task: {466B47E4-9574-45BA-988E-8E027BF1F348} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe  -autostart (No File) 
    Task: {5E5B545A-4B87-491B-B1C0-37B1C83EF4A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (No File) 
    Task: {589312FD-4C4C-48F5-9E71-3247CFA2695C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-717756208-3013412632-3574847575-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (No File) <==== ATTENTION 
    Task: {5C80332C-4E87-42EB-A576-D41AB1F5B1FD} - System32\Tasks\Opera scheduled Autoupdate 1654912102 => C:\Users\tom\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (No File) 
    Task: {DC0F4377-E6DB-4DB5-8F9D-D1BB4A5404BC} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe  (No File) 
    ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File 
    ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File 
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File 
    S1 hwinterface; C:\windows\System32\Drivers\hwinterface.sys [0 2022-06-12] () <==== ATTENTION [zero byte File/Folder] 
    FCheck: C:\windows\system32\Drivers\hwinterface.sys [2022-06-12] <==== ATTENTION (zero byte File/Folder) 
    AlternateDataStreams: C:\Users\tom\Desktop\ScalextricTrackDesigner112.exe:MBAM.Zone.Identifier [211] 
    AlternateDataStreams: C:\Users\tom\Desktop\SetupProd_OffScrub.exe:MBAM.Zone.Identifier [153] 
    AlternateDataStreams: C:\Users\tom\Downloads\avira_en_pasm0_3439781953_vm3qw8l0mpuipdbftq01_wd.exe:MBAM.Zone.Identifier [155] 
    AlternateDataStreams: C:\Users\tom\Downloads\avira_en_sptl1_a4f66694af6bd995__phpws-spotlight-release.exe:MBAM.Zone.Identifier [198] 
    AlternateDataStreams: C:\Users\tom\Downloads\OperaSetup (2).exe:MBAM.Zone.Identifier [389] 
    Task: {7181C98F-4581-445D-AF87-72884F074661} - System32\Tasks\Open URL by RoboForm => C:\Windows\System32\rundll32.exe [89600 2024-07-10] (Microsoft Windows -> Microsoft Corporation) -> C:\windows\system32\url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?os_name=Windows&os_version=10&app_name=RF-Windows&app_version=9.5.4.4&lang=en"
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Farbar Recovery Scan Tool SearchAll

    --------------------
    • Launch FRST
    • Type the following in the Search: box
    Code:
    SearchAll: "task.bat"
    
    • Click Search Files button
    • When completed click OK and a Search.txt document will open on your desktop
    • Attach the report to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Only one BSOD?
    • Driver Booster uninstalled?
    • Fixlog
    • Attached Search.txt file
     
  4. ghill1962

    ghill1962 Private E-2

    Deleted Driver Booster. There was only the one BSOD. Not sure what you mean so added all these files.
     


  5. ghill1962

    ghill1962 Private E-2

    I see no Fixlist
     
  6. Oh My!

    Oh My! Malware Expert Staff Member

    If you completed the Farbar Recovery Scan Tool Fix step there should be a Fixlog.txt file on your Desktop.
     
  7. ghill1962

    ghill1962 Private E-2

    I do not see it anyplace.
    Also, when I click Fix in the program it tells me the file will be where the program resides - which is the desktop. Maybe download a new FRST and try again?
     
  8. ghill1962

    ghill1962 Private E-2

    Installed new FRST64, got the same result. Is MBAM or Defender interfering?
     
  9. Oh My!

    Oh My! Malware Expert Staff Member

    Download the attached Fixlist.txt and save it on the Desktop. Right click on FRST64.exe and select Run as administrator. Click Fix and it should run properly.
     


  10. ghill1962

    ghill1962 Private E-2

    That worked!

    Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
    Ran by tom (11-04-2025 08:22:59) Run:1
    Running from C:\Users\tom\Desktop
    Loaded Profiles: tom
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    cmd: type "C:\windows\system32\default_error_stack-000000-000000.txt"
    C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*
    Task: {466B47E4-9574-45BA-988E-8E027BF1F348} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart (No File)
    Task: {5E5B545A-4B87-491B-B1C0-37B1C83EF4A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
    Task: {589312FD-4C4C-48F5-9E71-3247CFA2695C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-717756208-3013412632-3574847575-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File) <==== ATTENTION
    Task: {5C80332C-4E87-42EB-A576-D41AB1F5B1FD} - System32\Tasks\Opera scheduled Autoupdate 1654912102 => C:\Users\tom\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
    Task: {DC0F4377-E6DB-4DB5-8F9D-D1BB4A5404BC} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (No File)
    ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
    ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    S1 hwinterface; C:\windows\System32\Drivers\hwinterface.sys [0 2022-06-12] () <==== ATTENTION [zero byte File/Folder]
    FCheck: C:\windows\system32\Drivers\hwinterface.sys [2022-06-12] <==== ATTENTION (zero byte File/Folder)
    AlternateDataStreams: C:\Users\tom\Desktop\ScalextricTrackDesigner112.exe:MBAM.Zone.Identifier [211]
    AlternateDataStreams: C:\Users\tom\Desktop\SetupProd_OffScrub.exe:MBAM.Zone.Identifier [153]
    AlternateDataStreams: C:\Users\tom\Downloads\avira_en_pasm0_3439781953_vm3qw8l0mpuipdbftq01_wd.exe:MBAM.Zone.Identifier [155]
    AlternateDataStreams: C:\Users\tom\Downloads\avira_en_sptl1_a4f66694af6bd995__phpws-spotlight-release.exe:MBAM.Zone.Identifier [198]
    AlternateDataStreams: C:\Users\tom\Downloads\OperaSetup (2).exe:MBAM.Zone.Identifier [389]
    Task: {7181C98F-4581-445D-AF87-72884F074661} - System32\Tasks\Open URL by RoboForm => C:\Windows\System32\rundll32.exe [89600 2024-07-10] (Microsoft Windows -> Microsoft Corporation) -> C:\windows\system32\url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?os_name=Windows&os_version=10&app_name=RF-Windows&app_version=9.5.4.4&lang=en"
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    *****************

    Restore point was successfully created.
    Processes closed successfully.

    ========= type "C:\windows\system32\default_error_stack-000000-000000.txt" =========

    ---------------------------------------
    [ *** Error Stack Dump BEGIN *** ]
    ---------------------------------------
    ...Stack Protected Flag:...............[1].
    ...Stack Expandable Flag:..............[1].
    ...Stack Size Limited Flag:............[1].
    ...Stack Size Limit Size:..............[256].
    ...Stack Internal Error Flag:..........[0].
    ...Stack Max Entries:..................[16].
    ...Stack Entries Count:................[1].
    ...Stack Entries Address:..............[00000245FE271590].
    ---------------------------------------
    ......ERROR ENTRY: [0]
    ---------------------------------------
    .........Reported Inline:..............[0].
    .........Out Of Cycle Flag:............[1].
    .........Thread ID:....................[9240].
    .........Last System Error Code:.......[0x57].
    .........Error Path:...................[APPLICATION PATH].
    .........Error Severity:...............[UN-RECOVERABLE].
    .........Untranslated Error Code:......[695].
    .........Error Code:...................[695: Unable To Open A Registry Key.].
    .........Error Sample:.................[0].
    .........Error Elapsed Time (in ms):...[0].
    .........Error Time:...................[Mon Apr 7 08:10:59 2025].
    .........Error File:...................[(...)\driver.c].
    .........Error Line:...................[21407].
    ---------------------------------------
    [ *** Error Stack Dump END *** ]
    ---------------------------------------


    ========= End of CMD: =========


    =========== "C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*" ==========

    not found

    ========= End -> "C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*" ========

    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{466B47E4-9574-45BA-988E-8E027BF1F348}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466B47E4-9574-45BA-988E-8E027BF1F348}" => removed successfully
    C:\windows\System32\Tasks\DolbySelectorTask => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E5B545A-4B87-491B-B1C0-37B1C83EF4A7}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E5B545A-4B87-491B-B1C0-37B1C83EF4A7}" => removed successfully
    C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{589312FD-4C4C-48F5-9E71-3247CFA2695C}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{589312FD-4C4C-48F5-9E71-3247CFA2695C}" => removed successfully
    C:\windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-717756208-3013412632-3574847575-500 => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-717756208-3013412632-3574847575-500" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C80332C-4E87-42EB-A576-D41AB1F5B1FD}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C80332C-4E87-42EB-A576-D41AB1F5B1FD}" => removed successfully
    C:\windows\System32\Tasks\Opera scheduled Autoupdate 1654912102 => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1654912102" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC0F4377-E6DB-4DB5-8F9D-D1BB4A5404BC}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC0F4377-E6DB-4DB5-8F9D-D1BB4A5404BC}" => removed successfully
    C:\windows\System32\Tasks\Run RoboForm TaskBar Icon => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Run RoboForm TaskBar Icon" => removed successfully
    HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ContextMenu => removed successfully
    HKLM\Software\Classes\CLSID\{ee10d625-cc60-30a4-b3df-4b349785be6b} => removed successfully
    HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ContextMenu => removed successfully
    HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
    HKLM\System\CurrentControlSet\Services\hwinterface => removed successfully
    hwinterface => service removed successfully
    C:\windows\system32\Drivers\hwinterface.sys => moved successfully
    C:\Users\tom\Desktop\ScalextricTrackDesigner112.exe => ":MBAM.Zone.Identifier" ADS removed successfully
    C:\Users\tom\Desktop\SetupProd_OffScrub.exe => ":MBAM.Zone.Identifier" ADS removed successfully
    C:\Users\tom\Downloads\avira_en_pasm0_3439781953_vm3qw8l0mpuipdbftq01_wd.exe => ":MBAM.Zone.Identifier" ADS removed successfully
    C:\Users\tom\Downloads\avira_en_sptl1_a4f66694af6bd995__phpws-spotlight-release.exe => ":MBAM.Zone.Identifier" ADS removed successfully
    C:\Users\tom\Downloads\OperaSetup (2).exe => ":MBAM.Zone.Identifier" ADS removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7181C98F-4581-445D-AF87-72884F074661}" => removed successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7181C98F-4581-445D-AF87-72884F074661}" => removed successfully
    C:\windows\System32\Tasks\Open URL by RoboForm => moved successfully
    "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Open URL by RoboForm" => removed successfully

    ========= sfc /scannow =========


    Beginning system scan. This process will take some time.

    Beginning verification phase of system scan.

    Verification 0% complete.
    Verification 100% complete.

    Windows Resource Protection found corrupt files and successfully repaired them.
    For online repairs, details are included in the CBS log file located at
    windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
    repairs, details are included in the log file provided by the /OFFLOGFILE flag.


    ========= End of CMD: =========


    ========= DISM /Online /Cleanup-Image /CheckHealth =========


    Deployment Image Servicing and Management tool
    Version: 10.0.19041.3636

    Image Version: 10.0.19045.5737

    No component store corruption detected.
    The operation completed successfully.


    ========= End of CMD: =========



    The system needed a reboot.

    ==== End of Fixlog 08:40:34 ====
     


    Last edited by a moderator: Apr 11, 2025
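
For readers trying to interpret a Fixlog like the one above, here is an added example (not part of any post in this thread and not part of FRST) that tallies the result lines by kind and checks that every `Task:` entry in the fixlist has a matching `TaskCache\Tasks\{GUID}` removal. The sample is an excerpt of the log posted above; the assumption is that other FRST versions print the same "=> ... successfully" and "not found" phrases.

```python
import re
from collections import Counter

# Excerpt of the Fixlog posted above: fixlist echo, then result lines.
SAMPLE_FIXLOG = r'''
fixlist content:
*****************
CreateRestorePoint:
C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*
Task: {466B47E4-9574-45BA-988E-8E027BF1F348} - System32\Tasks\DolbySelectorTask => %ProgramFiles%\Dolby Digital Plus\ddp.exe -autostart (No File)
S1 hwinterface; C:\windows\System32\Drivers\hwinterface.sys [0 2022-06-12] () <==== ATTENTION [zero byte File/Folder]
AlternateDataStreams: C:\Users\tom\Downloads\OperaSetup (2).exe:MBAM.Zone.Identifier [389]
*****************

Restore point was successfully created.

=========== "C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*" ==========

not found

========= End -> "C:\Users\tom\AppData\Local\Opera Software\Opera Stable\Default\Cache\Cache_Data\*.*" ========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{466B47E4-9574-45BA-988E-8E027BF1F348}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466B47E4-9574-45BA-988E-8E027BF1F348}" => removed successfully
C:\windows\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
HKLM\System\CurrentControlSet\Services\hwinterface => removed successfully
hwinterface => service removed successfully
C:\windows\system32\Drivers\hwinterface.sys => moved successfully
C:\Users\tom\Downloads\OperaSetup (2).exe => ":MBAM.Zone.Identifier" ADS removed successfully
'''

RESULT_RE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+)$')
HEADER_RE = re.compile(r'^=+\s*(.*?)\s*=+$')
GUID_RE = re.compile(r'\{[0-9A-Fa-f-]{36}\}')

def split_fixlog(text):
    """Split on the ***** delimiter lines: (fixlist lines, result lines)."""
    parts = re.split(r'^\*{5,}[ \t]*$', text, flags=re.M)
    if len(parts) < 3:
        raise ValueError("no fixlist section delimited by ***** lines")
    clean = lambda block: [l.strip() for l in block.splitlines() if l.strip()]
    return clean(parts[1]), clean(parts[2])

def classify(target, outcome):
    """Name the kind of object a successful result line refers to."""
    if "ADS removed" in outcome:
        return "ads"            # alternate data stream stripped from a file
    if outcome.startswith("service removed"):
        return "service"
    if target.upper().startswith(("HKLM\\", "HKU\\", "HKCU\\")):
        return "registry"
    return "file" if outcome.startswith("moved") else "other"

def summarize(text):
    """Tally successes by kind; collect failures and 'not found' targets."""
    _, results = split_fixlog(text)
    ok, failed, not_found, last_header = Counter(), [], [], None
    for line in results:
        if line.startswith("="):            # ===== "target" ===== banner
            m = HEADER_RE.match(line)
            last_header = m.group(1).strip('"') if m else None
        elif line == "not found" and last_header:
            not_found.append(last_header)
        elif (m := RESULT_RE.match(line)):
            if m["outcome"].endswith("successfully"):
                ok[classify(m["target"], m["outcome"])] += 1
            else:
                failed.append(line)
    return {"ok": ok, "failed": failed, "not_found": not_found}

def unfixed_tasks(text):
    """GUIDs of Task: fixlist entries with no confirmed TaskCache\\Tasks removal."""
    fixlist, results = split_fixlog(text)
    wanted = {g.group() for l in fixlist if l.startswith("Task:")
              if (g := GUID_RE.search(l))}
    done = set()
    for line in results:
        m = RESULT_RE.match(line)
        if m and "\\TaskCache\\Tasks\\" in m["target"] \
                and m["outcome"].endswith("successfully"):
            done.update(GUID_RE.findall(m["target"]))
    return sorted(wanted - done)

if __name__ == "__main__":
    print(summarize(SAMPLE_FIXLOG))
    print("tasks without confirmed removal:", unfixed_tasks(SAMPLE_FIXLOG))
```

A "not found" entry, as for the Opera cache path here, means the target was already absent when the fix ran.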
  11. Oh My!

    Oh My! Malware Expert Staff Member

    Nice work.

    Were you able to complete the below from the previous instructions?

    ===================================================

    Farbar Recovery Scan Tool SearchAll

    --------------------
    • Launch FRST
    • Type the following in the Search: box
    Code:
    SearchAll: "task.bat"
    
    • Click Search Files button
    • When completed click OK and a Search.txt document will open on your desktop
    • Attach the report to your reply
     
  12. ghill1962

    ghill1962 Private E-2

    here it is
     


  13. Oh My!

    Oh My! Malware Expert Staff Member

    Perfect, thank you.

    The isolated instance of a computer freeze is not malware related. Since it only occurred once it can be considered as just a hiccup in the system.

    The Fixlist identified and repaired system files. This is quite normal and may or may not have been related to the freeze. I suspect it was not.

    Some of the information in the Fixlog (Error Stack Dump) indicates the freeze may have been related to a program and interaction with the Registry. Although I am satisfied at this point there is nothing more that is necessary to do, we could dig a little deeper to try to identify the possible cause. This would basically be for curiosity's sake rather than anything to follow up upon. If you are satisfied things are well we can finish up. If you are curious, please complete the below.

    ===================================================

    FullEventLogView by Nirsoft - Advanced Options Specific Search

    --------------------

    • Download FullEventLogView by Nirsoft and save it to your Desktop
    • Right click on the folder, select Extract All... and extract the folder onto your Desktop
    • Open the fulleventlogview-x64 folder, right click on FullEventLogView (Application), then select Run as administrator
    • When completed you will see the number of items detected in the lower left hand corner of the window
    • Click Edit, then Select All
    • Click File, then Save Selected Items
    • Save the file as NirsoftEV.txt
    • Please zip and attach the file to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Attached zip file, if applicable
     
  14. ghill1962

    ghill1962 Private E-2

    OK. My main concern was malware. I guess we can stop now. Thank you for your help and especially for your patience.
     
  15. Oh My!

    Oh My! Malware Expert Staff Member

    It has been my pleasure. You did well, this is complicated stuff.

    I don't expect the freezing to continue but if it does just come back and let me know. We will continue on....

    Here is our final step and some additional information to consider.

    ===================================================

    KpRm by Kernel-panik

    --------------
    • Download KpRm and save it to your Desktop (see here if you must use Chrome)
    • Note: If the file is detected as malware it is not and it is safe to download. The detection is a false positive.
    • Right click on the icon and select Run as administrator
    • Click Yes on the Disclaimer
    • Place a check mark in Delete Tools, Create Restore Point, and Delete in 7 days
    • Click Run
    • Click OK on All operations are completed
    • KpRm will delete itself from your Desktop and you can either save or remove the report that is generated
    • You are free to remove any other tools/reports still remaining
    ===================================================

    All Clean!

    --------------

    Your computer is now clean. Please consider this going forward.

    ===================================================

    Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean.

    Thank you for placing your trust in Major Geeks. It was a pleasure serving you.
     
  16. ghill1962

    ghill1962 Private E-2

    OK, will do. Again, thank you.
     
