Trojan On Computer 1

Discussion in 'Malware Help (A Specialist Will Reply)' started by Chaos Annihilator, Mar 10, 2026.

  1. Chaos Annihilator

    Chaos Annihilator Private First Class

    Hello. The long sob story regarding Computer 1 is included in the beginning of my thread about Computer 2.

    The short story: a couple of days ago a Windows Defender full scan found a trojan on this computer. I since cleared the cookies and cache and recycle bin (I didn't really understand, but I thought the trojan was found in my Firefox cache on Computer 1; I have a screenshot of what Windows found if it would be helpful), then I ran Windows Smart Scan, Offline scan, another full scan, and found nothing. Ran Malwarebytes free, Spybot, Spybot rootkit, Avast smart scan, Avast full scan, and all found nothing.

    I'm worried that there's more I should do, or something I didn't find since today a trojan appeared on Computer 2.

    Here are FRST logs for Computer 1. As soon as FRST finished scanning, Avast put it in quarantine. A bit of a delayed reaction, I'd say.

    Thanks!
     

    Attached Files:

  2. Chaos Annihilator

    Chaos Annihilator Private First Class

    I forgot to mention that a Windows security update in February failed to install on this computer. I troubleshot, and tried different things to make it work (this is not the first time I encountered this problem with Windows 11, so I figured I had it under control). Before I was able to fix it, in early March Windows suggested I install a repair version, so I did that and it seemed to fix the problem. But I think it was less than a week later when this trojan was found, so I don't know if the two things are related or not.
     
  3. Chaos Annihilator

    Chaos Annihilator Private First Class

    Here are updated FRST and Addition logs.

    My friend uses this computer more than I do, and she says she's noticed a few weird things over the past few days (she doesn't know specifically when she started noticing it) that this computer did not use to do.

    She says images take a long time to load, like if she goes to a shopping site, the page starts out blank, then eventually everything fills in. Her game manager does the same thing. She has also noticed that sometimes her start button is randomly framed in white, but then the white frame disappears.

    She likes to keep the Windows Security shield on her task bar so she can see quickly that it has a green check and know everything is fine, but sometimes it randomly disappears from the task bar and won't come back until the computer is restarted a couple of times.

    When I started using this computer after it caught the trojan horse to help her run scans and reinstall Avast, part of what I did was check her microphone, camera, and location to make sure they were all turned off. Minutes after I did this, I gave the computer back to her, and she says "What's this airplane thing?" I said it's your location, but I just turned it off. We checked it, and for some reason her location had turned itself back on.

    Not sure if any of this is fixable or related to the trojan, but just because you're paranoid doesn't mean they aren't out to get you.

    Since I started working with you on Computer 2, I haven't done anything else to this one, so everything above is still all I've done.

    While I was typing, she told me to ask you if the Windows Security shield on the task bar would also show a red x if there was a problem with her firewall (like if it were turned off), or if she needs to drag something else down there to see that?

    Thanks again for all your help.
     

    Attached Files:

  4. Oh My!

    Oh My! Malware Expert Staff Member

    I believe the airplane icon you are referring to is showing the broadcast devices are set to Airplane Mode. That is different than location settings.

    Let's start with this.

    Avast is the primary antivirus and firewall. Installation of this program disables Windows Defender.

    ===================================================

    Uninstalling Programs Using Revo Uninstaller Free Portable

    --------------------
    • Download Revo Uninstaller Free Portable and save it to your Desktop
    • Right click on the folder and select Extract All..., then click Extract
    • Double click on the RevoUninstaller-Portable folder
    • Right click on RevoUPort and select Run as administrator
    • Click OK on the License Agreement
    • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
    Code:
    Spybot - Search & Destroy
    
    • If the program's uninstaller appears work through the steps to remove the program(s)
    • Be sure the Advanced option is selected then click Scan
    • For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
    • Once done click Finish
    • Reboot your computer
    ===================================================

    Uninstalling Adobe Flash Player

    --------------------

    Note: Adobe Flash Player is no longer supported and is a security risk.
    • Download Adobe Flash Player Uninstaller and save it to your Desktop
    • Right click on the icon and select Run as administrator
    • Click Uninstall then Done to reboot your computer
    ===================================================

    GetServices by Grinler

    --------------------
    • Please download GetServices.zip and save it to your Desktop
    • Unzip the folder to the Desktop
    • Double click the getservice folder
    • Double click on getservice
    • Select Run
    • Attach the getservices.txt document to your reply
    ===================================================

    Farbar Recovery Scan Tool - Run Fix Using Attached File

    --------------------
    • Download the attached file and save it in the same location as FRST.exe (example, Desktop, USB device) <<< Important
    • Right click on FRST and select Run as administrator
    • Click Fix and once completed your computer will reboot
    • The tool will create a log on the desktop called Fixlog.txt
    • Attach the report to your reply
    • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
    • WARNING Regarding the Emptytemp: command, please see here before running the Fixlist.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Spybot uninstalled?
    • Flash Player uninstalled?
    • Attached getservices.txt file
    • Attached Fixlog
     

    Attached Files:

  5. Chaos Annihilator

    Chaos Annihilator Private First Class

    I guess it's more of a paper airplane, but it definitely was the location settings. I just turned it off, and then when she saw the icon we checked together and it was turned back on. I have a screenshot of where we looked attached.

    While Avast disables Windows Defender, it still shows green checks or red x's on her Windows Defender shield depending on if Avast is up to date or not.

    I wonder why it always says Spybot is out of date, I updated when I was running scans the weekend before last.

    Spybot is uninstalled,
    Flash Player is uninstalled (you probably tire of having me uninstall it, I think it automatically reinstalls with some of the games we download),
    and the getservices file is attached.

    I'll run the fix later tonight.

    Happy St. Patrick's Day!
     

    Attached Files:

  6. Chaos Annihilator

    Chaos Annihilator Private First Class

    The fix log is attached. Thanks!
     

    Attached Files:

  7. Oh My!

    Oh My! Malware Expert Staff Member

    Regarding the Start button.

    Left click on the Taskbar
    Tap the Tab key and see if the framing of icons switches from one to the next.

    -----

    Regarding Windows Defender

    Windows Defender monitors the state of computer security. If there is an issue with the third-party antivirus Windows Defender will indicate there is an issue. Windows Defender monitors security whether or not it is the primary antivirus. Also, if the Windows Defender icon disappears have you clicked on the up arrow on the right side of the Taskbar to show hidden icons?

    -----

    Regarding the location icon.

    On the Privacy & security > Location page click on the arrow to the far right of Let apps access your location even if it is greyed out. If any of those settings are on turn them off.

    -----

    Can you update me on the loading times, etc.?
     
  8. Chaos Annihilator

    Chaos Annihilator Private First Class

    Hah! The tab key framing the icons is what we're seeing. I feel a little dumb now. She swears it frames all on its own, and then disappears all on its own, without her clicking anything or hitting tab. Do you know why it might do this?

    The Windows Defender icon monitors the firewall as well then, and would show a red X if there were an issue with it too, right?

    When the shield disappears, it hasn't gone to the tray for hidden icons, it's just gone. I tried fixing this the first time by going to the Personalization > Taskbar settings, then "Other system tray icons", figuring I would just turn the Windows Security Notification Icon back on, but it was still on. Turning it off and then on again did not help. It didn't reappear until I restarted the computer. This has happened off and on since Windows 11, and the icon usually appears after a restart, but sometimes not until we restart it twice.

    All of the "Let apps access your location" are turned off. The day when I made sure it was off and it came back on, all the apps in the list stayed off, it was just the main toggle button at the top which was on (and I am sure it was off just a few minutes before).

    I didn't run the fix until she got off her computer late last night, and she says she hasn't done much with it yet to tell if the pictures loading or anything else has improved. I'll let you know what she says after she uses it tonight, maybe we'll give her a couple of days and see.

    Do you see anything suggesting the trojan might still be there, or do you think Windows took care of it at first? When something catches malware, I'm never quite sure if that means it's time to breathe a sigh of relief because it was caught, or time to work hard to make sure it's completely gone and fix how it got through in the first place.

    I can't believe you provide computer help on more than one website. I don't know how you do it! Sorry to bug you with my little problems. I'm learning slowly but surely, but I still have trouble telling when whatever's going on is something to worry about.

    I really appreciate what you do!
     
  9. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for your kind words. BleepingComputer is my main malware forum but a while back I started assisting at Major Geeks as well.

    I haven't found any malware. If Defender or another antivirus program detects and quarantines "malware" it is reasonable to run another antivirus program for a second opinion as to whether or not there is more. I like to use ESET Online Scanner. If there are concerns raised by the second scan then you might consider posting a topic. Either way, you are always welcome to post a topic.

    -----

    I am assuming so. You can disable Avast Firewall and see what happens with Windows Defender.

    -----

    Scroll down on the Location page and click Recent activity. See if there is any information there.

    -----

    Please do this to address the Windows Defender icon issue.

    ===================================================

    Rebuilding Icon Cache

    --------------------
    • Download Icon_Cache.zip and save it to your Desktop
    • Unzip the folder onto your Desktop
    • Right click on the Icon_Cache.bat icon and select Run as administrator
    • Follow the prompts and once the process is complete your computer will reboot
    • Check the Windows Defender icon
    ===================================================

    Things I would like to see in your next reply.
    • Recent activity?
    • Windows Defender icon?
     
  10. Chaos Annihilator

    Chaos Annihilator Private First Class

    Thanks for the advice. Why do you prefer ESET scanner?

    The location recent activity says 0 in the past 7 days, but I think this happened over 7 days ago. Maybe we cleared some info when we got rid of all the cache and temporary files, too? Anyway, I'll know to check there if it happens again.

    Right now the Windows Defender icon is already on the task bar. Should I wait to try the Rebuilding Icon Cache until it disappears again?
     
  11. Oh My!

    Oh My! Malware Expert Staff Member

    Any reputable antivirus program can be used. I find ESET does a thorough job and it can also scan external drives.

    Sure, you can wait.
     
  12. Chaos Annihilator

    Chaos Annihilator Private First Class

    After using this computer for a few days, she says the images are loading much better except in her Big Fish Game Manager and the Windows Start menu and Windows Settings, they still start out all white and take a long time to load.

    Of course her Windows security icon has not disappeared again, so I still have not been able to try the rebuilding icon cache yet.

    A couple of days ago, she said an error message popped up that she had never seen before. I can't remember any of what she said it said other than something like "Debug" and then "Apollo", but it said more than that. She said it did not look like a normal windows error message, it was all white with a white OK button and red letters instead of black. It had a red x and a red bar across the top, but it disappeared before we could figure out what it was. Do you have any idea?
     
  13. Chaos Annihilator

    Chaos Annihilator Private First Class

    Here's a bizarre update to my update:

    I wrote the above response on Computer 1, everything was fine, I posted, closed Firefox, and went on with life. Just now, my friend got on Computer 1 and tried to open Firefox, but she got the notification that it had crashed. I was the last one on there, and it hadn't crashed. Then the window opened, and it automatically reloaded Major Geeks, and my above post was not there. I thought, oh great, now I'll have to rewrite it; came over to Computer 2 to do so, and here is my post. Strange.

    Do you see both of the two posts I posted today?
     
  14. Oh My!

    Oh My! Malware Expert Staff Member

    Yes I do see 2 posts.

    It has been a while since the last FRST scan. Please run a scan so we can work off of updated information.
     
  15. Chaos Annihilator

    Chaos Annihilator Private First Class

    The logs are attached. Our main concern is if all of this strange stuff happening with this computer could be malicious, or if it is just glitches. It seems like it started doing a lot of weird things all at once; something new seems to happen every day. I often don't see what she says is going on, and we don't know how to describe it, so I haven't included everything.

    Thanks for taking a look.
     

    Attached Files:

  16. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for the information.

    I am leaning toward system rather than malware issues.

    If possible, can you tell me the make and model number of the router?

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Close any open programs or windows because your computer will automatically reboot after FRST64 is run
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    Folder: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache
    2026-03-02 07:14 - 2026-03-02 07:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
    AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
    HKLM\...\StartupApproved\Run32: => "SDTray"
    2025-10-27 19:57 - 2025-10-27 19:57 - 000000000 _____ () C:\Users\Hellhound Hunter\AppData\Roaming\log.txt
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} =>  -> No File 
    AlternateDataStreams: C:\ProgramData\TEMP:0CC87BCF [242] 
    AlternateDataStreams: C:\ProgramData\TEMP:0E61938B [272] 
    AlternateDataStreams: C:\ProgramData\TEMP:156EA786 [266] 
    AlternateDataStreams: C:\ProgramData\TEMP:195E8317 [296] 
    AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270] 
    AlternateDataStreams: C:\ProgramData\TEMP:2EDB83ED [288] 
    AlternateDataStreams: C:\ProgramData\TEMP:481B6848 [278] 
    AlternateDataStreams: C:\ProgramData\TEMP:4DFF1E02 [238] 
    AlternateDataStreams: C:\ProgramData\TEMP:550991CD [280] 
    AlternateDataStreams: C:\ProgramData\TEMP:57E54B1F [130] 
    AlternateDataStreams: C:\ProgramData\TEMP:61BE8163 [278] 
    AlternateDataStreams: C:\ProgramData\TEMP:717F51DE [460] 
    AlternateDataStreams: C:\ProgramData\TEMP:7BD99608 [290] 
    AlternateDataStreams: C:\ProgramData\TEMP:9D568B87 [260] 
    AlternateDataStreams: C:\ProgramData\TEMP:A0E43F10 [294] 
    AlternateDataStreams: C:\ProgramData\TEMP:D73BDA53 [290] 
    AlternateDataStreams: C:\ProgramData\TEMP:DCACED86 [260] 
    AlternateDataStreams: C:\ProgramData\TEMP:F4039384 [468] 
    AlternateDataStreams: C:\ProgramData\TEMP:F9411724 [272] 
    AlternateDataStreams: C:\ProgramData\TEMP:FF914CC6 [296] 
    2026-03-17 17:35 - 2026-03-17 17:35 - 000000000 _____ C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player.exe 
    2026-03-17 17:34 - 2026-03-17 17:35 - 001503928 _____ (Adobe) C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player(1).exe
    Unlock: C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806
    2026-03-17 22:02 - 2026-03-17 22:02 - 000064812 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\7b656f1f03b09b7ff5c7fce3e355262b38761d7c34c046bcb6f6632aa6d10581
    2026-03-17 22:02 - 2026-03-17 22:02 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\f690b76eda7ff27fa825c662fbe7bbb6ec55d82d07d93023eb3c28244b178403
    2026-03-17 21:46 - 2026-03-23 13:20 - 000019883 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\86cda845fb34fc8d76e06b3c2457ab8b8652e36ebdfd4e83d1179764c3415a32
    2026-03-17 21:44 - 2026-03-24 22:20 - 000307298 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\a3a555296d48ace65d74fd798cea2d23f658cce24c04ef0d483bd5838eb0b770
    2026-03-17 21:44 - 2026-03-24 14:04 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\46fc982a3fc746c21684f8a82fac28362f17e278971a077b5645b9210ef4adb7
    2026-03-17 21:36 - 2026-03-24 12:57 - 000011216 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806
    2026-03-18 03:54 - 2025-12-23 22:08 - 000146573 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\a6854f1fe51efe3ba81976ebfb4fad233a73d79e5a802f7e3f1408cf13f2c387
    2026-03-18 03:54 - 2025-12-23 22:08 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\b1e4146669058f9e8f258fc1df98ab6b4bb268b3b342fea69124af950e032194
    2026-03-17 17:29 - 2025-12-24 14:36 - 000000085 _____ C:\WINDOWS\wininit.ini
    CMD: bitsadmin /reset /allusers
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Router information?
    • Fixlog
     
  17. Chaos Annihilator

    Chaos Annihilator Private First Class

    The router is an Arris BGW210. Here is the fix log:


    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-03-2026
    Ran by Hellhound Hunter (26-03-2026 12:50:51) Run:4
    Running from C:\Users\Hellhound Hunter\Desktop
    Loaded Profiles: Hellhound Hunter
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    CreateRestorePoint:
    CloseProcesses:
    Folder: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache
    2026-03-02 07:14 - 2026-03-02 07:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
    AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
    HKLM\...\StartupApproved\Run32: => "SDTray"
    2025-10-27 19:57 - 2025-10-27 19:57 - 000000000 _____ () C:\Users\Hellhound Hunter\AppData\Roaming\log.txt
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    AlternateDataStreams: C:\ProgramData\TEMP:0CC87BCF [242]
    AlternateDataStreams: C:\ProgramData\TEMP:0E61938B [272]
    AlternateDataStreams: C:\ProgramData\TEMP:156EA786 [266]
    AlternateDataStreams: C:\ProgramData\TEMP:195E8317 [296]
    AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [270]
    AlternateDataStreams: C:\ProgramData\TEMP:2EDB83ED [288]
    AlternateDataStreams: C:\ProgramData\TEMP:481B6848 [278]
    AlternateDataStreams: C:\ProgramData\TEMP:4DFF1E02 [238]
    AlternateDataStreams: C:\ProgramData\TEMP:550991CD [280]
    AlternateDataStreams: C:\ProgramData\TEMP:57E54B1F [130]
    AlternateDataStreams: C:\ProgramData\TEMP:61BE8163 [278]
    AlternateDataStreams: C:\ProgramData\TEMP:717F51DE [460]
    AlternateDataStreams: C:\ProgramData\TEMP:7BD99608 [290]
    AlternateDataStreams: C:\ProgramData\TEMP:9D568B87 [260]
    AlternateDataStreams: C:\ProgramData\TEMP:A0E43F10 [294]
    AlternateDataStreams: C:\ProgramData\TEMP:D73BDA53 [290]
    AlternateDataStreams: C:\ProgramData\TEMP:DCACED86 [260]
    AlternateDataStreams: C:\ProgramData\TEMP:F4039384 [468]
    AlternateDataStreams: C:\ProgramData\TEMP:F9411724 [272]
    AlternateDataStreams: C:\ProgramData\TEMP:FF914CC6 [296]
    2026-03-17 17:35 - 2026-03-17 17:35 - 000000000 _____ C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player.exe
    2026-03-17 17:34 - 2026-03-17 17:35 - 001503928 _____ (Adobe) C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player(1).exe
    Unlock: C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806
    2026-03-17 22:02 - 2026-03-17 22:02 - 000064812 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\7b656f1f03b09b7ff5c7fce3e355262b38761d7c34c046bcb6f6632aa6d10581
    2026-03-17 22:02 - 2026-03-17 22:02 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\f690b76eda7ff27fa825c662fbe7bbb6ec55d82d07d93023eb3c28244b178403
    2026-03-17 21:46 - 2026-03-23 13:20 - 000019883 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\86cda845fb34fc8d76e06b3c2457ab8b8652e36ebdfd4e83d1179764c3415a32
    2026-03-17 21:44 - 2026-03-24 22:20 - 000307298 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\a3a555296d48ace65d74fd798cea2d23f658cce24c04ef0d483bd5838eb0b770
    2026-03-17 21:44 - 2026-03-24 14:04 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\46fc982a3fc746c21684f8a82fac28362f17e278971a077b5645b9210ef4adb7
    2026-03-17 21:36 - 2026-03-24 12:57 - 000011216 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806
    2026-03-18 03:54 - 2025-12-23 22:08 - 000146573 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\a6854f1fe51efe3ba81976ebfb4fad233a73d79e5a802f7e3f1408cf13f2c387
    2026-03-18 03:54 - 2025-12-23 22:08 - 000000130 _____ C:\Users\Hellhound Hunter\AppData\LocalLow\b1e4146669058f9e8f258fc1df98ab6b4bb268b3b342fea69124af950e032194
    2026-03-17 17:29 - 2025-12-24 14:36 - 000000085 _____ C:\WINDOWS\wininit.ini
    CMD: bitsadmin /reset /allusers
    End::
    *****************

    Restore point was successfully created.
    Processes closed successfully.

    ========================= Folder: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache ========================

    2026-03-02 06:47 - 2026-03-26 12:48 - 016777216 ____A [44DBD584E875F5CA86BE26F4E1D8D38B] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-FontFace.dat
    2026-03-02 07:17 - 2026-03-02 07:17 - 008388608 ____A [38C7D07C3A129D182BCBF789306967B8] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-18.dat
    2026-03-11 14:06 - 2026-03-11 14:06 - 008388608 ____A [96F083659F61426EC17DEA3C11822043] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\~FontCache-S-1-5-21-127966655-3041496052-59511839-1001.dat
    2026-03-02 07:17 - 2026-03-02 07:17 - 000000252 ____A [F2D6AACFE0C84BE89AFA3BB5BAAD066A] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-FontSet-S-1-5-18.dat
    2026-03-02 19:10 - 2026-03-02 19:10 - 000000252 ____A [F2D6AACFE0C84BE89AFA3BB5BAAD066A] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-FontSet-S-1-5-19.dat
    2026-03-11 14:06 - 2026-03-11 14:06 - 000016440 ____A [01978CB24E2C5F03D817D0B1C6EB22C0] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-FontSet-S-1-5-21-127966655-3041496052-59511839-1001.dat
    2026-03-02 06:47 - 2026-03-26 12:47 - 016777216 ____A [003744A9814E67A342DB50BEEB553729] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-Obsolete-718.dat
    2026-03-02 19:10 - 2026-03-02 19:10 - 008388608 ____A [D28DD68159AC2B5F1C9D967632C7A1DE] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-S-1-5-19.dat
    2026-03-02 06:47 - 2026-03-02 07:06 - 000605316 ____A [17796C7166D0298419C3524095D004A1] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\FontCache-System.dat
    2026-03-02 06:47 - 2026-03-23 08:02 - 000000000 ____D [00000000000000000000000000000000] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts
    2017-05-16 17:58 - 2017-05-16 17:58 - 000356906 ____A [4E1D5902EB974481B726CF52336B9158] () C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\fontset-2017-04.json

    ====== End of Folder: ======


    "C:\WINDOWS\system32\Tasks\Safer-Networking" Folder move:

    C:\WINDOWS\system32\Tasks\Safer-Networking => moved successfully
    "AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}" => removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\SDTray" => removed successfully
    "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SDTray" => not found
    C:\Users\Hellhound Hunter\AppData\Roaming\log.txt => moved successfully
    HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
    HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
    HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
    HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
    HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
    HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
    C:\ProgramData\TEMP => ":0CC87BCF" ADS removed successfully
    C:\ProgramData\TEMP => ":0E61938B" ADS removed successfully
    C:\ProgramData\TEMP => ":156EA786" ADS removed successfully
    C:\ProgramData\TEMP => ":195E8317" ADS removed successfully
    C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
    C:\ProgramData\TEMP => ":2EDB83ED" ADS removed successfully
    C:\ProgramData\TEMP => ":481B6848" ADS removed successfully
    C:\ProgramData\TEMP => ":4DFF1E02" ADS removed successfully
    C:\ProgramData\TEMP => ":550991CD" ADS removed successfully
    C:\ProgramData\TEMP => ":57E54B1F" ADS removed successfully
    C:\ProgramData\TEMP => ":61BE8163" ADS removed successfully
    C:\ProgramData\TEMP => ":717F51DE" ADS removed successfully
    C:\ProgramData\TEMP => ":7BD99608" ADS removed successfully
    C:\ProgramData\TEMP => ":9D568B87" ADS removed successfully
    C:\ProgramData\TEMP => ":A0E43F10" ADS removed successfully
    C:\ProgramData\TEMP => ":D73BDA53" ADS removed successfully
    C:\ProgramData\TEMP => ":DCACED86" ADS removed successfully
    C:\ProgramData\TEMP => ":F4039384" ADS removed successfully
    C:\ProgramData\TEMP => ":F9411724" ADS removed successfully
    C:\ProgramData\TEMP => ":FF914CC6" ADS removed successfully
    C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player.exe => moved successfully
    C:\Users\Hellhound Hunter\Desktop\uninstall_flash_player(1).exe => moved successfully
    "C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806" => was unlocked
    C:\Users\Hellhound Hunter\AppData\LocalLow\7b656f1f03b09b7ff5c7fce3e355262b38761d7c34c046bcb6f6632aa6d10581 => moved successfully
    C:\Users\Hellhound Hunter\AppData\LocalLow\f690b76eda7ff27fa825c662fbe7bbb6ec55d82d07d93023eb3c28244b178403 => moved successfully
    C:\Users\Hellhound Hunter\AppData\LocalLow\86cda845fb34fc8d76e06b3c2457ab8b8652e36ebdfd4e83d1179764c3415a32 => moved successfully
    C:\Users\Hellhound Hunter\AppData\LocalLow\a3a555296d48ace65d74fd798cea2d23f658cce24c04ef0d483bd5838eb0b770 => moved successfully
    C:\Users\Hellhound Hunter\AppData\LocalLow\46fc982a3fc746c21684f8a82fac28362f17e278971a077b5645b9210ef4adb7 => moved successfully
    Could not move "C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806" => Scheduled to move on reboot.
    C:\Users\Hellhound Hunter\AppData\LocalLow\a6854f1fe51efe3ba81976ebfb4fad233a73d79e5a802f7e3f1408cf13f2c387 => moved successfully
    C:\Users\Hellhound Hunter\AppData\LocalLow\b1e4146669058f9e8f258fc1df98ab6b4bb268b3b342fea69124af950e032194 => moved successfully
    C:\WINDOWS\wininit.ini => moved successfully

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0
    BITS administration utility.
    (C) Copyright Microsoft Corp.

    0 out of 0 jobs canceled.


    ========= End of CMD: =========


    Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-03-2026 13:15:50)

    C:\Users\Hellhound Hunter\AppData\LocalLow\3c08412103fa11f5651b148e2beb819a6aab089566b510d1be5ca15334859806 => Is moved successfully

    ==== End of Fixlog 13:15:51 ====
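    A small parser for the kind of Fixlog result lines quoted above, added here as an illustration (it is not part of the thread and not an FRST tool). It tallies each "=> outcome" line by status and reports the items a helper would re-check: targets that were "not found" and moves that were deferred to reboot but never confirmed. The sample log is constructed with placeholder paths, registry values and stream names.

```python
import re
from collections import Counter

# Constructed sample in the layout of an FRST Fixlog result section.
# Paths, registry values and ADS names are placeholders, not from a real machine.
SAMPLE_FIXLOG = r"""
Restore point was successfully created.
Processes closed successfully.
"C:\WINDOWS\system32\Tasks\ExampleVendor" Folder move:
C:\WINDOWS\system32\Tasks\ExampleVendor => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\ExampleTray" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ExampleTray" => not found
C:\ProgramData\TEMP => ":ABCDEF01" ADS removed successfully
C:\ProgramData\TEMP => ":ABCDEF02" ADS removed successfully
"C:\Users\Example\AppData\LocalLow\deadbeef" => was unlocked
Could not move "C:\Users\Example\AppData\LocalLow\deadbeef" => Scheduled to move on reboot.
C:\Users\Example\AppData\LocalLow\deadbeef => Is moved successfully
C:\WINDOWS\wininit.ini => moved successfully
"""

# One action line: optional "Could not move " prefix, optionally quoted target,
# then " => " and the outcome text (trailing period ignored).
ACTION_RE = re.compile(r'^(?:Could not move )?"?(?P<target>.+?)"? => (?P<outcome>.+?)\.?$')


def classify(outcome):
    """Map an outcome phrase to a status keyword.

    Order matters: "ADS removed successfully" contains "removed successfully",
    and "removed successfully" contains "moved successfully".
    """
    o = outcome.lower()
    if "ads removed successfully" in o:
        return "ads_removed"
    if "removed successfully" in o:
        return "removed"
    if "moved successfully" in o:          # also covers "Is moved successfully"
        return "moved"
    if "was unlocked" in o:
        return "unlocked"
    if "not found" in o:
        return "not_found"
    if "scheduled to move on reboot" in o:
        return "deferred"
    return "other"


def parse_fixlog(text):
    """Return a list of (target, status) tuples for every action line."""
    entries = []
    for line in text.splitlines():
        m = ACTION_RE.match(line.strip())
        if not m:
            continue  # banners, "Restore point..." lines, folder listings, etc.
        target, outcome = m.group("target"), m.group("outcome")
        status = classify(outcome)
        if status == "ads_removed":
            # Outcome looks like: ":ABCDEF01" ADS removed successfully
            # so the stream name is appended to the host path.
            target = target + outcome.split('"')[1]
        entries.append((target, status))
    return entries


def summarize(text):
    """Count action lines by status, e.g. Counter({'moved': 3, 'removed': 1, ...})."""
    return Counter(status for _, status in parse_fixlog(text))


def unresolved(text):
    """Targets deferred to reboot that the log never later confirms as moved."""
    entries = parse_fixlog(text)
    moved = {t for t, s in entries if s == "moved"}
    return [t for t, s in entries if s == "deferred" and t not in moved]


def needs_attention(text):
    """Entries worth a second look: missing targets and unconfirmed deferred moves."""
    entries = parse_fixlog(text)
    return {
        "not_found": [t for t, s in entries if s == "not_found"],
        "unresolved": unresolved(text),
    }


if __name__ == "__main__":
    print(dict(summarize(SAMPLE_FIXLOG)))
    print(needs_attention(SAMPLE_FIXLOG))
```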
     
  18. Oh My!

    Oh My! Malware Expert Staff Member

    Go ahead and rebuild the icon cache from Post #9.

    Please do this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Close any open programs or windows because your computer will automatically reboot after FRST64 is run
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    cmd: sc stop FontCache
    Move: C:\Windows\System32\FNTCACHE.DAT C:\Windows\System32\FNTCACHE.DAT.old
    cmd: DISM /Online /Cleanup-Image /RestoreHealth
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    • Check your icons
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Icon cache rebuilt?
    • Fixlog
    • Icons?
     
  19. Chaos Annihilator

    Chaos Annihilator Private First Class

    I ran the Icon cache rebuild. At the start, the windows security icon was there, and afterwards it was still there. But then I did the fix, and once I checked after that, the windows shield was gone. Currently, the windows shield is gone. There is also no arrow to show the hidden icon tray, so this means her flux icon is also gone, and I'm not sure what else. I will restart after this post and let you know if it comes back.

    The fix log follows. It looks to me like it was completed successfully, yet was terminated because it reached the time limit. Let me know if it didn't work.

    Fix result of Farbar Recovery Scan Tool (x64) Version: 25-03-2026
    Ran by Hellhound Hunter (27-03-2026 15:03:28) Run:5
    Running from C:\Users\Hellhound Hunter\Desktop
    Loaded Profiles: Hellhound Hunter
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    CreateRestorePoint:
    CloseProcesses:
    cmd: sc stop FontCache
    Move: C:\Windows\System32\FNTCACHE.DAT C:\Windows\System32\FNTCACHE.DAT.old
    cmd: DISM /Online /Cleanup-Image /RestoreHealth
    End::
    *****************

    Restore point was successfully created.
    Processes closed successfully.

    ========= sc stop FontCache =========


    SERVICE_NAME: FontCache
    TYPE : 30 WIN32
    STATE : 4 RUNNING
    (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0


    ========= End of CMD: =========

    "C:\Windows\System32\FNTCACHE.DAT" moved successfully to C:\Windows\System32\FNTCACHE.DAT.old

    ========= DISM /Online /Cleanup-Image /RestoreHealth =========


    Fixing is terminated due to reaching maximum fixing time of 60 minutes. <==== ATTENTION
     
  20. Chaos Annihilator

    Chaos Annihilator Private First Class

    After a restart all the taskbar icons came back and look normal. This is what it has been doing, I don't know why.
    Thanks for your help.
     
  21. Oh My!

    Oh My! Malware Expert Staff Member

    Thanks for the update.

    Please do this.
    • Click Start, type cmd, then select Run as administrator
    • Copy and paste DISM /Online /Cleanup-Image /RestoreHealth after the prompt and hit Enter
    • Allow the process to run. Based on the FRST timeout it may take more than an hour
    • Let me know if it completes successfully
     
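    The FontCache and DISM steps from the FRST fix in Post #18, plus the manual DISM run requested just above, as an added PowerShell example. This is not part of the thread and is not FRST's own code; it assumes an elevated PowerShell session, the file and service names are the ones used in the fix, and the restore-point description is made up here. Unlike the FRST fix it does not impose a 60-minute cap on DISM, which is what caused the timeout in Post #19.

```powershell
#Requires -RunAsAdministrator
# Added example: reproduces the Post #18 / Post #21 steps outside FRST.
# Service name and cache path are the ones in the FRST fixlist.

$fntCache = 'C:\Windows\System32\FNTCACHE.DAT'

# 1. Restore point (FRST's CreateRestorePoint:). Description is an assumption.
Checkpoint-Computer -Description 'Before FontCache rebuild' -RestorePointType MODIFY_SETTINGS

# 2. Stop the Windows Font Cache Service and wait until it really reports Stopped;
#    'sc stop' in the fixlog only sends the request and returns immediately.
Stop-Service -Name FontCache -Force
(Get-Service -Name FontCache).WaitForStatus('Stopped', [TimeSpan]::FromSeconds(30))

# 3. Rename rather than delete, so the old cache can be put back if needed.
if (Test-Path $fntCache) {
    Move-Item -Path $fntCache -Destination "$fntCache.old" -Force
}

# 4. DISM RestoreHealth as a separate process with no fixed time limit.
#    Exit code 0 means the component store was repaired or needed no repair.
$dism = Start-Process -FilePath dism.exe `
    -ArgumentList '/Online', '/Cleanup-Image', '/RestoreHealth' `
    -NoNewWindow -Wait -PassThru
"DISM exit code: $($dism.ExitCode)"
if ($dism.ExitCode -ne 0) {
    Write-Warning "DISM reported an error; details are in C:\Windows\Logs\DISM\dism.log"
}

# 5. Restart the service; it recreates FNTCACHE.DAT on start.
#    FRST got the same effect from the reboot it forces after a fix.
Start-Service -Name FontCache
```

    Two caveats: Checkpoint-Computer quietly skips creating a restore point if one was already made in the last 24 hours, so check Get-ComputerRestorePoint afterwards if you rely on it; and a non-zero DISM exit code with a healthy dism.log usually means the repair source could not be reached, not that the image is beyond repair.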
  22. Chaos Annihilator

    Chaos Annihilator Private First Class

    Hello. It did successfully complete, and her windows security icon and everything else did not disappear this time. She told me this morning that her images were all having trouble loading again, should this DISM cleanup have helped?
     
  23. Oh My!

    Oh My! Malware Expert Staff Member

    No, loading images is a different issue. Can you confirm this is now the only issue?
     
  24. Chaos Annihilator

    Chaos Annihilator Private First Class

    So far I think this is her only remaining complaint. The windows security shield is still on the taskbar, but sometimes days go between times it disappears. Nothing super strange has happened in the last couple days. Maybe we can work on the images, and I'll let you know if anything else happens in the meantime?
     
  25. Oh My!

    Oh My! Malware Expert Staff Member

    Very good.

    Let's start by bypassing the Video drivers and see if there is a difference.

    Please do this.

    ===================================================

    Using VGA Driver in Normal Mode

    --------------------
    • Click the Windows key + R at the same time
    • Type msconfig and hit Enter
    • Click the Boot tab
    • Place a check mark in Base video, then click OK
    • Restart your computer - Note: your screen resolution will change, that is normal.
    • Check your computer performance
    ===================================================

    Things I would like to see in your next reply.
    • Results?
     
  26. Chaos Annihilator

    Chaos Annihilator Private First Class

    Hello, sorry I haven't gotten to this yet, I've been really busy the last couple of days.
    What effect will this have on her computer? Whether it helps or doesn't help, I wonder if changing the resolution would bother her (she has problems with her eyes). I'd like to try it and see, but if she wants me to change it back, would that be hard to do?
     
  27. Oh My!

    Oh My! Malware Expert Staff Member

    This is only a troubleshooting step. If the web pages load more quickly after loading the VGA drivers then we can assume it is an issue with the Intel Graphics drivers.

    To change back just follow the same steps but uncheck Base Video.
     
  28. Chaos Annihilator

    Chaos Annihilator Private First Class

    Thanks for explaining so well. I just followed the steps, we'll let her use it tonight and tomorrow and I'll update you on how it's doing tomorrow evening.
     
  29. Chaos Annihilator

    Chaos Annihilator Private First Class

    Sorry I'm late to respond. We're not really sure if bypassing the video drivers helped or not. She said that at the beginning of this, all of her images would start out white and then slowly pixelate in. Now she says they just take a long time to load, but she says this change happened before I bypassed the video drivers. Often her Big Fish Game Manager is the slowest to load, we don't know if that is a problem with her computer or Big Fish. Images on the internet are still slow to load as well. She thought they might have been a little faster, but it is difficult to tell.

    Yesterday and the day before, after I bypassed the video, there were two occasions where nothing would work on her computer, she couldn't click anything or open any windows, and she had to restart.

    I changed the settings so that it would stop bypassing the video driver last night.

    A few minutes ago, before I wrote you I went to check the weather on her computer. I went to the site, tried to scroll down, and the top window bar as well as the top website banner multiplied all down and filled her whole computer screen, covering even the task bar at the bottom. The minimize and maximize buttons were still on the right (though tons of them all down the side of the screen) but the x had moved to the left of the screen. The whole screen was flashing. I couldn't get the window to close, so I hit escape. Her desktop looked normal, but was also flashing. I restarted and now it looks fine.
     
  30. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for the detailed reply.

    Can you confirm the issue occurs while using Firefox, which is the listed default browser? Is it the same if you use Edge?

    Please do this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
    • There is no need to paste the information anywhere, FRST64 will do it for you
    Code:
    Start::
    cmd: msinfo32 /nfo SystemSummary.nfo /categories +systemsummary
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    • A SystemSummary file will be created on your Desktop. Please attach the file to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Firefox and Edge?
    • Fixlog
    • Attached file
     
  31. Chaos Annihilator

    Chaos Annihilator Private First Class

    We do only use Firefox, but the other day her whole desktop was flashing, and the Big Fish game manager doesn't use Firefox to run.

    I tried Edge and went to some of the websites that take the longest to load, and was amazed at how fast it was. I closed it, and immediately went to the same places using Firefox, but was still amazed at how much faster the images loaded. I had my friend go to the websites she had issues with normally (using Firefox) and she agreed that it's all working much better today.

    So I'm not sure what to say about Firefox vs Edge, I guess her computer is having a good day today. I guess it's very difficult to diagnose intermittent problems, sorry about that.

    I ran the fix, the log follows and the summary is attached. Thanks!

    Fix result of Farbar Recovery Scan Tool (x64) Version: 03-04-2026 01
    Ran by Hellhound Hunter (04-04-2026 13:21:51) Run:6
    Running from C:\Users\Hellhound Hunter\Desktop
    Loaded Profiles: Hellhound Hunter
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Start::
    cmd: msinfo32 /nfo SystemSummary.nfo /categories +systemsummary
    End::
    *****************


    ========= msinfo32 /nfo SystemSummary.nfo /categories +systemsummary =========

    0

    ========= End of CMD: =========


    ==== End of Fixlog 13:26:57 ====
     
  32. Chaos Annihilator

    Chaos Annihilator Private First Class

    Hmm, I'm having trouble uploading the SystemSummary file. I click "Upload a File" and when I search through the files on the desktop it doesn't show up. It saved the file as a .nfo , should I convert it somehow?
     
  33. Oh My!

    Oh My! Malware Expert Staff Member

    In Post #25 we modified the settings to use the Base Video (VGA) drivers. Is the computer still in this state or did you reverse it by unchecking the option in msconfig?

    Let's try the System Summary step this way.

    ===================================================

    System Summary Information

    --------------------

    • Press the Windows Key + R at the same time
    • Type msinfo32 then click OK
    • Left click on System Summary
    • Click File, Save, name the file Summary and save it to your Desktop
    • Zip and attach the file to your reply
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Uncheck Base Video?
    • Attached file
     
  34. Chaos Annihilator

    Chaos Annihilator Private First Class

    Yes, I did uncheck Base Video before her computer started working so much better yesterday. The only issue that occurred (so far) after returning the setting to normal was the flashing and multiplied banner I described in the last paragraph of post 29.

    The summary zip is attached.

    Happy Easter!
     

    Attached Files:

  35. Oh My!

    Oh My! Malware Expert Staff Member

    The file is corrupt. Could I trouble you to attempt the step again.
     
  36. Chaos Annihilator

    Chaos Annihilator Private First Class

    That's fine. I followed the steps again. Both times after I save it to the desktop, after waiting for it to finish, when I go to close the system information window, it says it isn't responding and has to report it to Microsoft. So I let it do that. This time, before compressing the file into a zip folder, I tried to open it myself. It said it was corrupt, but when I clicked okay it opened for me anyway. I think it will do the same thing again. Am I able to copy and paste information for you or do something else?

    What if I followed your first steps in post 30, would I be able to upload it to Gofile or something?
     
  37. Oh My!

    Oh My! Malware Expert Staff Member

    Yes, you can run the steps in Post #30 again.
     
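    An added PowerShell example, not part of the thread, for the System Summary export attempted in Posts #30, #33 and #36: it saves the msinfo32 summary as a plain-text report (msinfo32's /report switch) instead of an .nfo, waits for msinfo32 to actually exit before touching the file, refuses an empty or truncated export, and zips the result. The output file names and the ten-minute wait are assumptions made here.

```powershell
# Added example: msinfo32 System Summary -> text report -> verified zip.
# File names and the timeout are assumptions; the msinfo32 switches are standard.
$desktop = [Environment]::GetFolderPath('Desktop')
$report  = Join-Path $desktop 'SystemSummary.txt'
$zip     = Join-Path $desktop 'SystemSummary.zip'

Remove-Item $report, $zip -ErrorAction SilentlyContinue

# /report writes a text file (no .nfo viewer needed); /categories +systemsummary
# limits it to the System Summary node, as in the FRST fix in Post #30.
$p = Start-Process -FilePath msinfo32.exe `
        -ArgumentList "/report `"$report`"", '/categories', '+systemsummary' `
        -PassThru

# msinfo32 hung on closing in Post #36; do not zip until it has exited.
if (-not $p.WaitForExit(10 * 60 * 1000)) {
    Stop-Process -Id $p.Id -Force
    throw 'msinfo32 did not finish within 10 minutes; the report is incomplete'
}

# A file written while msinfo32 was still collecting data is the "corrupt" symptom:
# require a non-trivial size before packaging it.
$info = Get-Item $report -ErrorAction Stop
if ($info.Length -lt 1KB) { throw "Report is only $($info.Length) bytes; not saving" }
"Report: $($info.Length) bytes, written $($info.LastWriteTime)"

Compress-Archive -Path $report -DestinationPath $zip -CompressionLevel Optimal

# Open the archive read-only and list its entries, so a bad zip is caught before upload.
Add-Type -AssemblyName System.IO.Compression.FileSystem
$archive = [IO.Compression.ZipFile]::OpenRead($zip)
try {
    "Zip contains: $($archive.Entries.Name -join ', ')"
} finally {
    $archive.Dispose()
}
```

    The text report is what the reviewer needs; it can be opened in Notepad to confirm the "System Summary" heading and the last lines are present before it is attached, and it avoids the .nfo-only upload filter the forum applied in Post #32.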
