Browser Refreshing Itself

ManWarBear · Sep 29, 2023

Recently I've started having an issue with Chrome refreshing itself. I hope it's not a malware issue but I came here to be on the safe side. It's quite an annoying issue because I can be in the middle of typing something and it will refresh. I've used the incognito feature and that seems to help but then I don't have the protection of my ad blockers, etc. Any help with this issue would be greatly appreciated.

ManWarBear · Sep 29, 2023

I'm having trouble locating the Hitman log. It's not in the folder where I put the others for some reason. I can do a fresh scan if needed.

ManWarBear · Sep 29, 2023

I ran a new scan and then found the previous log file in an old folder. smh

Oh My! · Sep 29, 2023

Greetings and welcome to the Major Geeks Malware Forum.

While I review what you have posted please do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------

Right click on Farbar Recover Scan Tool for 64 bit systems select Save Link As..., and save the file onto your Desktop

Right click on the icon and select Run as administrator

Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option

Click Yes to the disclaimer

Click Scan and allow the program to run

Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen

2 Notepad documents should now be open on your desktop.

Please attach both reports to your reply

===================================================

Things I would like to see in your next reply. :thumbsup2:

FRST.txt

Addition.txt

ManWarBear · Sep 29, 2023

Here are the requested logs.

Oh My! · Sep 29, 2023

Thank you for the reports.

Let's start with this.

===================================================

Disabling Automatic Chrome Browser Refresh

--------------------

Launch Chrome

Copy and paste chrome://settings/performance in the address bar then hit Enter

If Enabled, Disable Energy saver

If there are specific sites the refresh occurs with click Add on Always keep these sites active

Select Add current sites or add site information manually

Close, then relaunch Chrome and check for tab reloading

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
CreateRestorePoint:
CloseProcesses:
C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Micheal.job => E:\ASC (portable)\ASC.exe
Task: {88B4543F-D0A6-456F-9170-A45451A5A8B7} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {93335E62-2C63-4044-81E4-80EFED41ECA6} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe"  /Task (No File) 
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} =>  -> No File 
Task: {93335E62-2C63-4044-81E4-80EFED41ECA6} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe"  /Task (No File) 
C:\Windows\Temp\*.*
C:\users\CurrentUserName\AppData\Local\Temp\*.*
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

Status of Chrome refresh?

ManWarBear · Sep 29, 2023

The fix was taking a really long time and I thought something was wrong so I forced it to close. Do I need to run it again?

ManWarBear · Sep 29, 2023

Also, the refresh issue seems to be remedied.

Oh My! · Sep 29, 2023

It looks like a couple of commands were still in progress/hung.

Run this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
CloseProcesses:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

ManWarBear · Sep 29, 2023

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Bear (29-09-2023 12:21:26) Run:2
Running from C:\Users\Micheal\Desktop
Loaded Profiles: Bear
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
*****************

Processes closed successfully.

========= sfc /scannow =========

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.

Windows Resource Protection found corrupt files but was unable to fix some of them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.

========= End of CMD: =========

========= DISM /Online /Cleanup-Image /CheckHealth =========

Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19045.3448

The component store is repairable.
The operation completed successfully.

========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog 12:34:49 ====

Oh My! · Sep 29, 2023

Thank you.

Windows Resource Protection found corrupt files but was unable to fix some of them.
The component store is repairable.
Click to expand...

There are some system issues we need to address.

Please do this.

===================================================

SFCFix Scan

--------------------

Download SFCFix and save it to your Desktop

Right click on the icon and select Run as administrator

When prompted Press any key to continue . . . 3 times

Allow the process to complete, which can take as long as 15 minutes

When completed press Enter and a report will appear on your Desktop

Copy and paste the contents of the report in your reply

If the tool fails to run or errors are present in the report zip and upload the entire C:\Windows\Logs\CBS folder to Gofile or the file hosting site of your choice and post the download link in your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

SFCFix report

Zipped CBS folder, if applicable

ManWarBear · Sep 29, 2023

The scan is still running at the moment but my browser just refreshed itself during that time.

Oh My! · Sep 29, 2023

We will discount the refresh for now since the program is running.

ManWarBear · Sep 29, 2023

SFCFix version 3.0.2.1 by niemiro.
Start time: 2023-09-29 13:06:38.762
Microsoft Windows 10 Build 19045 - amd64
Not using a script file.

AutoAnalysis::
SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 8
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption count: 0
SURT total detected corruption count: 0
SURT total unimportant corruption count: 0
SURT total fixed corruption count: 0
AutoAnalysis:: directive completed successfully.

Successfully processed all directives.

Failed to generate a complete zip file. Upload aborted.

SFCFix version 3.0.2.1 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2023-09-29 14:04:59.676
----------------------EOF-----------------------

ManWarBear · Sep 29, 2023

It failed to create a zip file.

Oh My! · Sep 29, 2023

Can you zip and upload the entire C:\Windows\Logs\CBS folder to Gofile or the file hosting site of your choice and post the download link in your reply? I suspect sfc not being able to repair files is of no consequence and related to Avira which used to be on your system but we need to double check.

ManWarBear · Sep 29, 2023

https://gofile.io/d/graW2s

Sorry, I don't know where my mind is today.

Oh My! · Sep 29, 2023

In all fairness my instructions did not include zipping the CBS folder if SFCFix ran and no corruptions were found.

As I suspected, it is the typical and irrelevant Avast/Avira error.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
CloseProcesses:
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

ManWarBear · Sep 29, 2023

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Bear (29-09-2023 14:47:59) Run:3
Running from C:\Users\Micheal\Desktop
Loaded Profiles: Bear
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CloseProcesses:
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::
*****************

Processes closed successfully.

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19045.3448

[== 3.8% ]

[== 3.9% ]

[== 4.2% ]

[== 4.4% ]

[== 4.8% ]

[=== 5.2% ]

[=== 5.5% ]

[=== 5.9% ]

[=== 6.1% ]

[=== 6.3% ]

[=== 6.6% ]

[=== 6.8% ]

[=== 6.9% ]

[==== 7.2% ]

[==== 7.5% ]

[==== 7.7% ]

[==== 7.9% ]

[==== 8.2% ]

[==== 8.5% ]

[===== 8.8% ]

[===== 9.2% ]

[===== 9.6% ]

[===== 9.9% ]

[===== 10.2% ]

[====== 10.6% ]

[====== 10.7% ]

[====== 10.9% ]

[====== 11.2% ]

[====== 11.3% ]

[====== 11.6% ]

[======= 12.1% ]

[======= 12.4% ]

[======= 12.6% ]

[======= 13.0% ]

[======= 13.4% ]

[======== 13.8% ]

[======== 14.2% ]

[======== 14.5% ]

[======== 14.8% ]

[======== 14.9% ]

[======== 15.1% ]

[======== 15.5% ]

[========= 15.8% ]

[========= 15.8% ]

[========= 16.2% ]

[========= 16.5% ]

[========= 16.8% ]

[========= 17.1% ]

[========== 17.5% ]

[========== 17.7% ]

[========== 18.2% ]

[========== 18.5% ]

[========== 18.6% ]

[=========== 19.1% ]

[=========== 19.2% ]

[=========== 19.5% ]

[=========== 19.8% ]

[=========== 20.1% ]

[=========== 20.4% ]

[=========== 20.6% ]

[============ 20.9% ]

[============ 21.3% ]

[============ 21.6% ]

[============ 22.0% ]

[============ 22.2% ]

[============= 22.4% ]

[============= 22.6% ]

[============= 23.2% ]

[============= 23.5% ]

[============= 23.8% ]

[============= 24.0% ]

[============== 24.4% ]

[============== 24.5% ]

[============== 24.8% ]

[============== 25.0% ]

[============== 25.0% ]

[============== 25.1% ]

[============== 25.1% ]

[============== 25.1% ]

[============== 25.1% ]

[============== 25.1% ]

[============== 25.6% ]

[============== 25.8% ]

[=============== 26.6% ]

[=============== 27.5% ]

[================ 28.3% ]

[================ 28.8% ]

[================ 29.1% ]

[================= 29.4% ]

[================= 29.9% ]

[================= 30.5% ]

[================= 30.9% ]

[================== 31.6% ]

[================== 31.9% ]

[================== 32.3% ]

[================== 32.5% ]

[================== 32.7% ]

[=================== 32.9% ]

[=================== 33.2% ]

[=================== 33.4% ]

[=================== 33.6% ]

[=================== 33.7% ]

[=================== 33.7% ]

[=================== 33.7% ]

[=================== 33.8% ]

[=================== 34.0% ]

[=================== 34.2% ]

[=================== 34.4% ]

[==================== 34.6% ]

[==================== 35.0% ]

[==================== 35.2% ]

[==================== 35.6% ]

[==================== 35.9% ]

[===================== 36.3% ]

[===================== 36.7% ]

[===================== 37.1% ]

[===================== 37.1% ]

[===================== 37.5% ]

[===================== 37.8% ]

[===================== 37.8% ]

[====================== 38.1% ]

[====================== 38.3% ]

[====================== 38.5% ]

[====================== 38.9% ]

[====================== 39.0% ]

[====================== 39.3% ]

[====================== 39.5% ]

[======================= 39.7% ]

[======================= 39.8% ]

[======================= 39.9% ]

[======================= 40.2% ]

[======================= 40.5% ]

[======================= 40.7% ]

[======================= 41.1% ]

[======================= 41.1% ]

[======================= 41.3% ]

[======================== 41.5% ]

[======================== 41.7% ]

[======================== 42.0% ]

[======================== 42.3% ]

[======================== 42.6% ]

[======================== 42.6% ]

[======================== 42.7% ]

[======================== 42.8% ]

[======================== 42.9% ]

[========================= 43.2% ]

[========================= 43.6% ]

[========================= 43.6% ]

[========================= 43.7% ]

[========================= 43.7% ]

[========================= 43.8% ]

[========================= 43.8% ]

[========================= 44.1% ]

[========================= 44.3% ]

[========================= 44.3% ]

[========================= 44.4% ]

[========================= 44.5% ]

[========================= 44.6% ]

[========================= 44.7% ]

[========================== 44.8% ]

[========================== 45.0% ]

[========================== 45.2% ]

[========================== 45.2% ]

[========================== 45.4% ]

[========================== 45.5% ]

[========================== 45.7% ]

[========================== 45.7% ]

[========================== 45.9% ]

[========================== 46.1% ]

[========================== 46.2% ]

[========================== 46.3% ]

[========================== 46.3% ]

[========================== 46.3% ]

[========================== 46.3% ]

[========================== 46.4% ]

[========================== 46.4% ]

[========================== 46.5% ]

[===========================46.6% ]

[===========================46.6% ]

[===========================46.8% ]

[===========================46.9% ]

[===========================46.9% ]

[===========================47.2% ]

[===========================47.4% ]

[===========================47.5% ]

[===========================47.5% ]

[===========================47.6% ]

[===========================47.7% ]

[===========================47.7% ]

[===========================47.7% ]

[===========================47.8% ]

[===========================47.8% ]

[===========================47.8% ]

[===========================47.8% ]

[===========================48.0% ]

[===========================48.0% ]

[===========================48.1% ]

[===========================48.2% ]

[===========================48.2% ]

[===========================48.2% ]

[===========================48.2% ]

[===========================48.3% ]

[===========================48.4% ]

[===========================48.4% ]

[===========================48.5% ]

[===========================48.5% ]

[===========================48.5% ]

[===========================48.7% ]

[===========================48.8% ]

[===========================48.8% ]

[===========================48.8% ]

[===========================48.8% ]

[===========================48.9% ]

[===========================49.0% ]

[===========================49.1% ]

[===========================49.1% ]

[===========================49.2% ]

[===========================49.4% ]

[===========================49.4% ]

[===========================49.5% ]

[===========================49.5% ]

[===========================49.7% ]

[===========================49.7% ]

[===========================49.8% ]

[===========================49.9% ]

[===========================50.0% ]

[===========================50.2% ]

[===========================50.4% ]

[===========================50.5% ]

[===========================50.7% ]

[===========================51.0% ]

[===========================51.2% ]

[===========================51.4% ]

[===========================51.5% ]

[===========================51.8% ]

[===========================51.9% ]

[===========================51.9% ]

[===========================52.4% ]

[===========================52.8% ]

[===========================53.1% ]

[===========================53.6% ]

[===========================54.0% ]

[===========================54.3% ]

[===========================54.5% ]

[===========================54.6% ]

[===========================54.8% ]

[===========================54.9% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.1% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.3% ]

[===========================55.3% ]

[===========================55.3% ]

[===========================55.3% ]

[===========================55.4% ]

[===========================55.4% ]

[===========================55.4% ]

[===========================55.4% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.5% ]

[===========================55.6% ]

[===========================55.6% ]

[===========================55.6% ]

[===========================55.7% ]

[===========================55.7% ]

[===========================55.7% ]

[===========================55.7% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.8% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================55.9% ]

[===========================56.0% ]

[===========================56.0% ]

[===========================56.1% ]

[===========================56.1% ]

[===========================56.1% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.3% ]

[===========================56.3% ]

[===========================56.3% ]

[===========================56.3% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.4% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.6% ]

[===========================56.6% ]

[===========================56.6% ]

[===========================56.7% ]

[===========================56.7% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.8% ]

[===========================56.9%= ]

[===========================56.9%= ]

[===========================56.9%= ]

[===========================57.0%= ]

[===========================57.0%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.1%= ]

[===========================57.2%= ]

[===========================57.3%= ]

[===========================57.3%= ]

[===========================57.3%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.4%= ]

[===========================57.6%= ]

[===========================57.7%= ]

[===========================57.8%= ]

[===========================58.0%= ]

[===========================58.0%= ]

[===========================58.0%= ]

[===========================58.0%= ]

[===========================58.1%= ]

[===========================58.1%= ]

[===========================58.2%= ]

[===========================58.4%= ]

[===========================58.6%= ]

[===========================58.6%= ]

[===========================59.2%== ]

[===========================59.7%== ]

[===========================59.8%== ]

[===========================60.2%== ]

[===========================62.3%==== ]

[===========================84.9%================= ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========

The system needed a reboot.

==== End of Fixlog 15:12:00 ====

Oh My! · Sep 29, 2023

Excellent.

Please run Windows Update until no more updates are available or you receive an error message. If you get an error, provide the error information.

On a side note. It is not essential to remove all remnants of Avira (aka Avast) but typically there is a lot of junk left behind by those programs even after a routine uninstall. If you want to pursue that let me know.

ManWarBear · Sep 29, 2023

I think this is going to be a lengthy process because just one update took 2 hours to fully install. I'll have to do it in batches so I don't go insane with boredom. Though, I am definitely interested in getting rid of all the junk Avira left behind.

Oh My! · Sep 29, 2023

Take your time, there is no need to rush. Let me know if you continue to experience the refresh issue.

ManWarBear · Sep 30, 2023

Apparently windows is all up to date. I'm still having the refresh issue, though.

Oh My! · Sep 30, 2023

Thank you.

I am going to provide an expanded version of my previous post. Please do this.

===================================================

Disabling Automatic Chrome Browser Refresh

--------------------

Launch Chrome

Copy and paste chrome://settings/performance in the address bar then hit Enter

If Enabled, Disable Energy saver

If there are specific sites the refresh occurs with click Add on Always keep these sites active

Select Add current sites or add site information manually

Copy and paste chrome://discards in the address bar then hit Enter

Under Auto Discardable, if necessary, toggle each line so it is Disabled which is indicated by an X

Copy and paste chrome://flags/#automatic-tab-discarding in the address bar then hit Enter

Hit the Ctrl + S key at the same time to bring up the Search bar

Type Discarding and if there are any detections look for Automatic Tab Discarding and select Disabled (may not be present)

Close, then relaunch Chrome and check for tab reloading

===================================================

Things I would like to see in your next reply.

Results?

ManWarBear · Oct 1, 2023

I can't find Automatic Tab Discarding. Though, the refresh issue is still ongoing.

Oh My! · Oct 1, 2023

Can you verify the refresh does not occur when you visit the same page(s) when using the Edge browser?

ManWarBear · Oct 1, 2023

I've been using Edge for a couple of hours and while Chrome has refreshed a couple of times, Edge has not. :/ I'm really not looking forward to switching browsers but if that's what I have to do, so be it.

Oh My! · Oct 1, 2023

You shouldn't have to switch browsers, we just needed to isolate it to Chrome and rule out a more system-wide problem. I try not to manipulate things more than is necessary so this can be an incremental process.

Please test this next.

===================================================

Launching Chrome Without Extensions

--------------------

Hit the Windows Key + R at the same time

In the Run box type or copy/paste chrome --disable-extensions and hit Enter

Let me know if Chrome works properly

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Results?

ManWarBear · Oct 1, 2023

I tried that but my extensions/ad blockers were still running. Weird. I'll try to disable them all manually.

ManWarBear · Oct 1, 2023

After disabling all extensions, I haven't had an automatic refresh happen. One extension I've been using for years, Adguard Adblocker. The other three are BetterTTV, IObit Surfing Protection, and WebRTC Leak Shield.

Oh My! · Oct 1, 2023

Now we need to enable the extension, one at a time, to find the culprit. I would recommend starting with IObit Surfing Protection.

ManWarBear · Oct 2, 2023

So far I haven't had a refresh with IObit enabled.

Oh My! · Oct 2, 2023

So far I haven't had a refresh with IObit enabled.
Click to expand...

IObit Enabled or Disabled?

ManWarBear · Oct 2, 2023

I take that back. IObit is enabled and I just got two refreshes.

Oh My! · Oct 2, 2023

Have you Disabled IObit and tested?

ManWarBear · Oct 2, 2023

Yes, I'm currently waiting to see if another refresh happens.

Oh My! · Oct 2, 2023

Great, let me know.

ManWarBear · Oct 2, 2023

So, I enabled my other three extensions and disabled IObit. I haven't had a refresh in quite a few hours.

Oh My! · Oct 3, 2023

I am not surprised. I would recommend we completely remove IObit. If that is OK with you please do the following.

===================================================

Farbar Recovery Scan Tool SearchAll

--------------------

Right click on FRST and select Run as administrator

Copy/paste the following in the Search: box
Code:
SearchAll: IObit;SystemCare
Click Search Files button

When completed click OK and a Search.txt document will open on your desktop

Please zip and upload the file to GoFile, WeTransfer, or the file hosting site of your choice and post the download link in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Search.txt

ManWarBear · Oct 3, 2023

https://gofile.io/d/2NvA5u

Oh My! · Oct 3, 2023

Surprisingly it looks like there is only one other entry. Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

[/indent]

ManWarBear · Oct 3, 2023

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Bear (03-10-2023 16:25:36) Run:4
Running from C:\Users\Micheal\Desktop
Loaded Profiles: Bear
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn
End::
*****************

"C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn" folder move:

C:\Users\Micheal\AppData\Local\Google\Chrome\User Data\Default\Extensions\imgpenhngnbnmhdkpdfnfhdpmfgmihdn => moved successfully

==== End of Fixlog 16:25:40 ====

Oh My! · Oct 3, 2023

Very good.

Are you having any issues or have questions before I post some clean-up instructions and information for you to consider going forward?

ManWarBear · Oct 3, 2023

"On a side note. It is not essential to remove all remnants of Avira (aka Avast) but typically there is a lot of junk left behind by those programs even after a routine uninstall. If you want to pursue that let me know."

I'm definitely interested in getting rid of any junk left behind by Avira.

Oh My! · Oct 3, 2023

Sorry about that, it slipped by me.

Please do this.

===================================================

Farbar Recovery Scan Tool SearchAll

--------------------

Right click on FRST and select Run as administrator

Copy/paste the following in the Search: box
Code:
SearchAll: Avast;Avira
Click Search Files button

When completed click OK and a Search.txt document will open on your desktop

Zip and upload the file to GoFile, WeTransfer, or the file hosting site of your choice and post the download link in your reply

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Uploaded file

ManWarBear · Oct 4, 2023

https://gofile.io/d/LK0Mtl

Oh My! · Oct 4, 2023

Thank you.

I am pleasantly surprised at how few entries are present during our searches.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST64 icon and select Run as administrator

Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied

There is no need to paste the information anywhere, FRST64 will do it for you
Code:
Start::
2023-06-13 00:00 - 2023-06-13 00:00 _____ C:\Windows\Temp\_avast_
2023-06-13 00:00 - 2023-06-13 00:00 _____ C:\Users\Micheal\AppData\Local\Temp\_avast_
cmd: del C:\Windows\prefetch\*.* /s /q
cmd: del %temp%\*.* /s /q
End::
Click Fix

When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

Fixlog

ManWarBear · Oct 4, 2023

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Bear (04-10-2023 11:33:42) Run:5
Running from C:\Users\Micheal\Desktop
Loaded Profiles: Bear
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
2023-06-13 00:00 - 2023-06-13 00:00 _____ C:\Windows\Temp\_avast_
2023-06-13 00:00 - 2023-06-13 00:00 _____ C:\Users\Micheal\AppData\Local\Temp\_avast_
cmd: del C:\Windows\prefetch\*.* /s /q
cmd: del %temp%\*.* /s /q
End::
*****************

"C:\Windows\Temp\_avast_" folder move:

C:\Windows\Temp\_avast_ => moved successfully

"C:\Users\Micheal\AppData\Local\Temp\_avast_" folder move:

C:\Users\Micheal\AppData\Local\Temp\_avast_ => moved successfully

========= del C:\Windows\prefetch\*.* /s /q =========

Deleted file - C:\Windows\prefetch\117.0.5938.132_117.0.5938.92_-B4C38947.pf
Deleted file - C:\Windows\prefetch\117.0.5938.134_117.0.5938.132-DD262565.pf
Deleted file - C:\Windows\prefetch\7ZFM.EXE-56DE4F9A.pf
Deleted file - C:\Windows\prefetch\7ZG.EXE-F49B3D46.pf
Deleted file - C:\Windows\prefetch\ACTIONCENTERDOWNLOADER.EXE-4EC49131.pf
Deleted file - C:\Windows\prefetch\ADWCLEANER(1).EXE-9B0E302B.pf
Deleted file - C:\Windows\prefetch\ADWCLEANER(2).EXE-0080A168.pf
Deleted file - C:\Windows\prefetch\ADWCLEANER.EXE-8564FFA1.pf
Deleted file - C:\Windows\prefetch\AE MYSTERIES.EXE-8D734812.pf
Deleted file - C:\Windows\prefetch\AEM.EXE-CE430C62.pf
Deleted file - C:\Windows\prefetch\AgAppLaunch.db
Deleted file - C:\Windows\prefetch\AgCx_SC1.db
Deleted file - C:\Windows\prefetch\AgCx_SC1.db.trx
Deleted file - C:\Windows\prefetch\AgCx_SC2.db
Deleted file - C:\Windows\prefetch\AgCx_SC4.db
Deleted file - C:\Windows\prefetch\AgCx_SC5.db
Deleted file - C:\Windows\prefetch\AgGlFaultHistory.db
Deleted file - C:\Windows\prefetch\AgGlFgAppHistory.db
Deleted file - C:\Windows\prefetch\AgGlGlobalHistory.db
Deleted file - C:\Windows\prefetch\AgGlUAD_P_S-1-5-21-745247706-1955576132-408695703-1001.db
Deleted file - C:\Windows\prefetch\AgGlUAD_S-1-5-21-745247706-1955576132-408695703-1001.db
Deleted file - C:\Windows\prefetch\AgRobust.db
Deleted file - C:\Windows\prefetch\AM_BASE_PATCH1.EXE-B2ACC39D.pf
Deleted file - C:\Windows\prefetch\AM_DELTA.EXE-78CA83B0.pf
Deleted file - C:\Windows\prefetch\AM_DELTA_PATCH_1.397.1864.0.E-7872351B.pf
Deleted file - C:\Windows\prefetch\AM_DELTA_PATCH_1.397.1894.0.E-FC60AC62.pf
Deleted file - C:\Windows\prefetch\AM_DELTA_PATCH_1.397.1947.0.E-259086C5.pf
Deleted file - C:\Windows\prefetch\AM_DELTA_PATCH_1.397.1995.0.E-54C9847C.pf
Deleted file - C:\Windows\prefetch\AM_ENGINE_PATCH_1.1.23080.200-C07CA65A.pf
Deleted file - C:\Windows\prefetch\ANALYSE.EXE-E6A7F51A.pf
Deleted file - C:\Windows\prefetch\APPLICATIONFRAMEHOST.EXE-8CE9A1EE.pf
Deleted file - C:\Windows\prefetch\ASC.EXE-DA1D8216.pf
Deleted file - C:\Windows\prefetch\ASCSTP.EXE-91124D88.pf
Deleted file - C:\Windows\prefetch\AUDIODG.EXE-AB22E9A6.pf
Deleted file - C:\Windows\prefetch\AU_.EXE-44ACA9C6.pf
Deleted file - C:\Windows\prefetch\AU_.EXE-B5F85CA9.pf
Deleted file - C:\Windows\prefetch\AVIRA.SPOTLIGHT.BOOTSTRAPPER.-10236DA7.pf
Deleted file - C:\Windows\prefetch\AVIRA.SPOTLIGHT.BOOTSTRAPPER.-CE60551F.pf
Deleted file - C:\Windows\prefetch\AVIRA.SPOTLIGHT.UI.APPLICATIO-17D20DBA.pf
Deleted file - C:\Windows\prefetch\AVIRA_GAME_BOOSTER.TMP-B77324D7.pf
Deleted file - C:\Windows\prefetch\AVIRA_SPOTLIGHT_SETUP_1.TMP-6738A209.pf
Deleted file - C:\Windows\prefetch\AVIRA_SPOTLIGHT_SETUP_1.TMP-94285D8E.pf
Deleted file - C:\Windows\prefetch\AVIRA_SYSTEM_SPEEDUP.TMP-6830F681.pf
Deleted file - C:\Windows\prefetch\BACKGROUNDTASKHOST.EXE-05A8BF9D.pf
Deleted file - C:\Windows\prefetch\cadrespri.7db
Deleted file - C:\Windows\prefetch\CALCULATOR.EXE-B4C49869.pf
Deleted file - C:\Windows\prefetch\CALCULATORAPP.EXE-BD3622F6.pf
Deleted file - C:\Windows\prefetch\CALCULATORAPP.EXE-DC469C54.pf
Deleted file - C:\Windows\prefetch\CHCP.COM-2CF9B15C.pf
Deleted file - C:\Windows\prefetch\CHROME.EXE-5349D2D7.pf
Deleted file - C:\Windows\prefetch\CHROME.EXE-5349D2D8.pf
Deleted file - C:\Windows\prefetch\CHROME.EXE-5349D2D9.pf
Deleted file - C:\Windows\prefetch\CHROME.EXE-5349D2DE.pf
Deleted file - C:\Windows\prefetch\CHROME.EXE-5349D2DF.pf
Deleted file - C:\Windows\prefetch\CHXSMARTSCREEN.EXE-061DFBA0.pf
Deleted file - C:\Windows\prefetch\CLEANMGR.EXE-1282D612.pf
Deleted file - C:\Windows\prefetch\CMD.EXE-0BD30981.pf
Deleted file - C:\Windows\prefetch\COMPATTELRUNNER.EXE-B7A68ECC.pf
Deleted file - C:\Windows\prefetch\COMPPKGSRV.EXE-4780F0C1.pf
Deleted file - C:\Windows\prefetch\CONHOST.EXE-0C6456FB.pf
Deleted file - C:\Windows\prefetch\CONSENT.EXE-40419367.pf
Deleted file - C:\Windows\prefetch\CSRSS.EXE-F3C368CB.pf
Deleted file - C:\Windows\prefetch\CTFMON.EXE-795F8130.pf
Deleted file - C:\Windows\prefetch\DEFRAG.EXE-3D9E8D72.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-2E6C35AC.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-6E3E892C.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-6F625E57.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-72E7B289.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-7617EDA2.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-7D5CE0CA.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-8EE3ADE8.pf
Deleted file - C:\Windows\prefetch\DLLHOST.EXE-F144D205.pf
Deleted file - C:\Windows\prefetch\DRIVER BOOSTER.TMP-6ECA26EB.pf
Deleted file - C:\Windows\prefetch\DWM.EXE-314E93C5.pf
Deleted file - C:\Windows\prefetch\dynrespri.7db
Deleted file - C:\Windows\prefetch\ELEVATION_SERVICE.EXE-8E2E8EB3.pf
Deleted file - C:\Windows\prefetch\ENCODER.EXE-B968B2EC.pf
Deleted file - C:\Windows\prefetch\ESCAPEFROMSCHOOL.EXE-00AFD763.pf
Deleted file - C:\Windows\prefetch\ESIF_ASSIST_64.EXE-62800BD1.pf
Deleted file - C:\Windows\prefetch\EXPLORER.EXE-D5E97654.pf
Deleted file - C:\Windows\prefetch\FONTDRVHOST.EXE-8152304A.pf
Deleted file - C:\Windows\prefetch\FRST64.EXE-38913B78.pf
Deleted file - C:\Windows\prefetch\GAME.EXE-6FEABD64.pf
Deleted file - C:\Windows\prefetch\GAME.EXE-C3D62511.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-32D7E1C0.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-496CFF42.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-9F7E369E.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-F333C8D6.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-F8AA1B0A.pf
Deleted file - C:\Windows\prefetch\GAMEBAR.EXE-FCA42608.pf
Deleted file - C:\Windows\prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
Deleted file - C:\Windows\prefetch\HELPPANE.EXE-2CB7BD18.pf
Deleted file - C:\Windows\prefetch\HITMANPRO_X64.EXE-8C624452.pf
Deleted file - C:\Windows\prefetch\IDENTITY_HELPER.EXE-C23847B7.pf
Deleted file - C:\Windows\prefetch\IGCC.EXE-4AC08C93.pf
Deleted file - C:\Windows\prefetch\IGCC.EXE-C3FC3DDF.pf
Deleted file - C:\Windows\prefetch\IGCCTRAY.EXE-52F21751.pf
Deleted file - C:\Windows\prefetch\IRSETUP.EXE-5ED196FB.pf
Deleted file - C:\Windows\prefetch\KPRM_2.14.EXE-1D1407A1.pf
Deleted file - C:\Windows\prefetch\Layout.ini
Deleted file - C:\Windows\prefetch\LOCKAPP.EXE-ACD69F07.pf
Deleted file - C:\Windows\prefetch\LOGONUI.EXE-F639BD7E.pf
Deleted file - C:\Windows\prefetch\MBAM.EXE-728D2E12.pf
Deleted file - C:\Windows\prefetch\MBAMTRAY.EXE-08C66B4A.pf
Deleted file - C:\Windows\prefetch\MBSETUP.EXE-E932147F.pf
Deleted file - C:\Windows\prefetch\MICROSOFT.MEDIA.PLAYER.EXE-B9925872.pf
Deleted file - C:\Windows\prefetch\MICROSOFT.PHOTOS.EXE-34EA06BE.pf
Deleted file - C:\Windows\prefetch\MICROSOFT.PHOTOS.EXE-CED05E2C.pf
Deleted file - C:\Windows\prefetch\MICROSOFTEDGEUPDATE.EXE-2A52A33E.pf
Deleted file - C:\Windows\prefetch\MICROSOFTEDGEUPDATE.EXE-7A595326.pf
Deleted file - C:\Windows\prefetch\MICROSOFTEDGEUPDATE.EXE-7C7DBA86.pf
Deleted file - C:\Windows\prefetch\MICROSOFTEDGE_X64_117.0.2045.-6CC04F8A.pf
Deleted file - C:\Windows\prefetch\MICROSOFTEDGE_X64_117.0.2045.-FB876684.pf
Deleted file - C:\Windows\prefetch\MMC.EXE-C72AC07B.pf
Deleted file - C:\Windows\prefetch\MPCMDRUN.EXE-56407324.pf
Deleted file - C:\Windows\prefetch\MPSIGSTUB.EXE-5D0450B3.pf
Deleted file - C:\Windows\prefetch\MSCORSVW.EXE-16B291C4.pf
Deleted file - C:\Windows\prefetch\MSCORSVW.EXE-8CE1A322.pf
Deleted file - C:\Windows\prefetch\MSDT.EXE-D579957D.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25F9A.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25F9B.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25F9C.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25F9D.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25F9F.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25FA1.pf
Deleted file - C:\Windows\prefetch\MSEDGE.EXE-37D25FA2.pf
Deleted file - C:\Windows\prefetch\MSPAINT.EXE-6406C4A1.pf
Deleted file - C:\Windows\prefetch\MUSIC.UI.EXE-94A5DF24.pf
Deleted file - C:\Windows\prefetch\NGEN.EXE-4A8DA13E.pf
Deleted file - C:\Windows\prefetch\NGEN.EXE-734C6620.pf
Deleted file - C:\Windows\prefetch\NGENTASK.EXE-0E6CEC17.pf
Deleted file - C:\Windows\prefetch\NGENTASK.EXE-849BFD75.pf
Deleted file - C:\Windows\prefetch\NOTEPAD.EXE-032BB3D8.pf
Deleted file - C:\Windows\prefetch\NOTEPAD.EXE-C5670914.pf
Deleted file - C:\Windows\prefetch\NOTEPAD.EXE-D096D5BE.pf
Deleted file - C:\Windows\prefetch\Op-EXPLORER.EXE-D5E97654-000000F5.pf
Deleted file - C:\Windows\prefetch\Op-MSEDGE.EXE-37D25F9A-00000001.pf
Deleted file - C:\Windows\prefetch\Op-SEARCHAPP.EXE-DD93808B-00000002.pf
Deleted file - C:\Windows\prefetch\OPENWITH.EXE-8B50D58B.pf
Deleted file - C:\Windows\prefetch\OSK.EXE-FFD4810E.pf
Deleted file - C:\Windows\prefetch\PALTALK.EXE-871B8468.pf
C:\Windows\prefetch\PfPre_9d05316d.mkd
Deleted file - C:\Windows\prefetch\PfSvPerfStats.bin
Deleted file - C:\Windows\prefetch\PICKERHOST.EXE-DE4B8E61.pf
Deleted file - C:\Windows\prefetch\POWERSHELL.EXE-CA1AE517.pf
Deleted file - C:\Windows\prefetch\REGEDIT.EXE-DAB4D60B.pf
Deleted file - C:\Windows\prefetch\REGISTER.EXE-06B4CB64.pf
Deleted file - C:\Windows\prefetch\ResPriHMStaticDb.ebd
Deleted file - C:\Windows\prefetch\ROGUEKILLER_PORTABLE64.EXE-8E01B1F6.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-52A71BD0.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-8B3CB926.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-B7243F55.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-BF167F42.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-C0159C27.pf
Deleted file - C:\Windows\prefetch\RUNDLL32.EXE-DE99C3E9.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-4551A062.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-67310593.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-6B83017D.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-6C9EBCC0.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-929314A6.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-D2EE0952.pf
Deleted file - C:\Windows\prefetch\RUNTIMEBROKER.EXE-D938BA9E.pf
Deleted file - C:\Windows\prefetch\SAFETIPS.EXE-74C65B05.pf
Deleted file - C:\Windows\prefetch\SCHTASKS.EXE-8B6144A9.pf
Deleted file - C:\Windows\prefetch\SDIAGNHOST.EXE-B3171AA1.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-5B5FCE95.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-74DFC353.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-7D7320D8.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-86067E5D.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-8E99DBE2.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-D91D826A.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-F7220F7E.pf
Deleted file - C:\Windows\prefetch\SEARCHAPP.EXE-FFB56D03.pf
Deleted file - C:\Windows\prefetch\SEARCHFILTERHOST.EXE-44162447.pf
Deleted file - C:\Windows\prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
Deleted file - C:\Windows\prefetch\SECHEALTHUI.EXE-FAB65C18.pf
Deleted file - C:\Windows\prefetch\SECURITYHEALTHSYSTRAY.EXE-E527A4AE.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-12CC282B.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-4D3A566E.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-4D3A5675.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-8FD37F5C.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-A0279610.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-CDB8FCFF.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-CDB8FD06.pf
Deleted file - C:\Windows\prefetch\SETUP.EXE-E74BA75B.pf
Deleted file - C:\Windows\prefetch\SETUP.TMP-1A1A1058.pf
Deleted file - C:\Windows\prefetch\SHELLEXPERIENCEHOST.EXE-4CC9062B.pf
Deleted file - C:\Windows\prefetch\SHELLEXPERIENCEHOST.EXE-B3EF1F80.pf
Deleted file - C:\Windows\prefetch\SIHCLIENT.EXE-98C47F6C.pf
Deleted file - C:\Windows\prefetch\SMARTSCREEN.EXE-EACC1250.pf
Deleted file - C:\Windows\prefetch\SMSS.EXE-B5B810DB.pf
Deleted file - C:\Windows\prefetch\SNDVOL.EXE-425BC49B.pf
Deleted file - C:\Windows\prefetch\SOLITAIRE.EXE-37AFE681.pf
Deleted file - C:\Windows\prefetch\SPPSVC.EXE-96070FE0.pf
Deleted file - C:\Windows\prefetch\STARTMENUEXPERIENCEHOST.EXE-DF593AF9.pf
Deleted file - C:\Windows\prefetch\STEAM.EXE-D936A6F2.pf
Deleted file - C:\Windows\prefetch\STPSALE.EXE-F0C66196.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-19B557B1.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-1B73F444.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-4B98D760.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-4CC24C49.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-59D511F9.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-5F87ABED.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-6493017E.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-6867B1E5.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-6A4A44E7.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-73D024B2.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-84F32335.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-852EC587.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-952637C2.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-9D041ABC.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-C2DA4F6F.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-C38EF8DD.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-C4B64CAF.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-C625B657.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-C88A2A3B.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-D8C907E1.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-F5E1DCD3.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-F952D9A9.pf
Deleted file - C:\Windows\prefetch\SVCHOST.EXE-FA38241C.pf
Deleted file - C:\Windows\prefetch\SYSTEMSETTINGS.EXE-BE0858C5.pf
Deleted file - C:\Windows\prefetch\SYSTEMSETTINGSADMINFLOWS.EXE-F74198E7.pf
Deleted file - C:\Windows\prefetch\TASKHOSTW.EXE-2E5D4B75.pf
Deleted file - C:\Windows\prefetch\TASKMGR.EXE-4C8500BA.pf
Deleted file - C:\Windows\prefetch\TASKSCHEDULERVIEW.EXE-15457D7C.pf
Deleted file - C:\Windows\prefetch\TEXTINPUTHOST.EXE-1D647C71.pf
Deleted file - C:\Windows\prefetch\TEXTINPUTHOST.EXE-3958C394.pf
Deleted file - C:\Windows\prefetch\TEXTINPUTHOST.EXE-B983F932.pf
Deleted file - C:\Windows\prefetch\TIWORKER.EXE-59D56BF6.pf
Deleted file - C:\Windows\prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
Deleted file - C:\Windows\prefetch\UNINS000.EXE-15903799.pf
Deleted file - C:\Windows\prefetch\UNINS000.EXE-335FE043.pf
Deleted file - C:\Windows\prefetch\UNINS000.EXE-4AAB51BC.pf
Deleted file - C:\Windows\prefetch\UNINS000.EXE-B273CD9C.pf
Deleted file - C:\Windows\prefetch\UNINSTALL.EXE-124CEEFC.pf
Deleted file - C:\Windows\prefetch\UNINSTALLINFO.EXE-B5C847BC.pf
Deleted file - C:\Windows\prefetch\UN_A.EXE-3F5CC12C.pf
Deleted file - C:\Windows\prefetch\UPFC.EXE-89D4FAEB.pf
Deleted file - C:\Windows\prefetch\USERACCOUNTCONTROLSETTINGS.EX-381ECB63.pf
Deleted file - C:\Windows\prefetch\USERINIT.EXE-5114915C.pf
Deleted file - C:\Windows\prefetch\USEROOBEBROKER.EXE-65584ADF.pf
Deleted file - C:\Windows\prefetch\USOCLIENT.EXE-4ADC110B.pf
Deleted file - C:\Windows\prefetch\VSSVC.EXE-6C8F0C66.pf
Deleted file - C:\Windows\prefetch\WELCOMETOFREEWILL.EXE-22CCD239.pf
Deleted file - C:\Windows\prefetch\WERFAULT.EXE-155C56CF.pf
Deleted file - C:\Windows\prefetch\WEVTUTIL.EXE-1E154F39.pf
Deleted file - C:\Windows\prefetch\WINLOGON.EXE-DEDDC9B6.pf
Deleted file - C:\Windows\prefetch\WINRAR.EXE-BA8CDB31.pf
Deleted file - C:\Windows\prefetch\WINSTORE.APP.EXE-4B6220B1.pf
Deleted file - C:\Windows\prefetch\WINSTORE.APP.EXE-B0221A8F.pf
Deleted file - C:\Windows\prefetch\WINWORD.EXE-9C1B7AB3.pf
Deleted file - C:\Windows\prefetch\WMIPRVSE.EXE-E8B8DD29.pf
Deleted file - C:\Windows\prefetch\WUAUCLT.EXE-5D573F0E.pf
Deleted file - C:\Windows\prefetch\YOURPHONE.EXE-C7BD2D0E.pf
Deleted file - C:\Windows\prefetch\ZAMTALK.EXE-81728616.pf
Deleted file - C:\Windows\prefetch\ZAMTALK_V1301 (1).TMP-782A78F4.pf
Deleted file - C:\Windows\prefetch\ZAMTALK_V1301.TMP-8A705A56.pf
Deleted file - C:\Windows\prefetch\ReadyBoot\rblayout.xin
Deleted file - C:\Windows\prefetch\ReadyBoot\Trace2.fx
Deleted file - C:\Windows\prefetch\ReadyBoot\Trace3.fx
Deleted file - C:\Windows\prefetch\ReadyBoot\Trace4.fx
Deleted file - C:\Windows\prefetch\ReadyBoot\Trace5.fx
Deleted file - C:\Windows\prefetch\ReadyBoot\Trace6.fx

========= End of CMD: =========

========= del %temp%\*.* /s /q =========

Deleted file - C:\Users\Micheal\AppData\Local\Temp\.ses
C:\Users\Micheal\AppData\Local\Temp\039c53c8-f3c8-4bba-a936-d76eecf9f137.tmp
C:\Users\Micheal\AppData\Local\Temp\1af0f099-acf8-4fc5-9c0c-eb6fafb7c468.tmp
C:\Users\Micheal\AppData\Local\Temp\1c46b52c-1330-47a2-ab1d-fc6282585a00.tmp
C:\Users\Micheal\AppData\Local\Temp\28a0ba39-c961-4ec0-be50-bc400821c538.tmp
C:\Users\Micheal\AppData\Local\Temp\2ece3f99-fcfd-4f0e-8c65-6ada04eecfe6.tmp
C:\Users\Micheal\AppData\Local\Temp\393dc388-a2b7-4942-a653-7d3559afcee5.tmp
C:\Users\Micheal\AppData\Local\Temp\6aab5233-b038-440b-9b59-cb11b4656f9a.tmp
C:\Users\Micheal\AppData\Local\Temp\74ccb50a-2008-4839-8f94-1d50b4e05824.tmp
C:\Users\Micheal\AppData\Local\Temp\7c7808f4-8114-41d9-88b6-7c7c27ae8abd.tmp
C:\Users\Micheal\AppData\Local\Temp\809c20d5-87c4-4547-b2c0-f76255050772.tmp
C:\Users\Micheal\AppData\Local\Temp\84192211-fc10-458c-b1ad-81e8567ecae1.tmp
C:\Users\Micheal\AppData\Local\Temp\914c3700-59a1-4c10-8569-aa6da30da26c.tmp
C:\Users\Micheal\AppData\Local\Temp\a084ac8f-c25b-4c16-bc63-b68ca12d7be0.tmp
C:\Users\Micheal\AppData\Local\Temp\a3cd708e-d7f5-4c1a-b0fa-8a1077256201.tmp
C:\Users\Micheal\AppData\Local\Temp\a51df6a0-27da-45df-9f1b-20a982a6cd3e.tmp
C:\Users\Micheal\AppData\Local\Temp\a80f4c07-f94e-458b-ac6e-521abc4636a4.tmp
Deleted file - C:\Users\Micheal\AppData\Local\Temp\AdobeARM.log
C:\Users\Micheal\AppData\Local\Temp\ca8e5657-525a-486a-b23c-0ea075e6d4ba.tmp
Deleted file - C:\Users\Micheal\AppData\Local\Temp\cv_debug.log
C:\Users\Micheal\AppData\Local\Temp\ea493f53-3b9c-4956-9c28-27e10bcd3c17.tmp
C:\Users\Micheal\AppData\Local\Temp\faaf4870-007d-4750-ab6a-b4151f0c8ac9.tmp
C:\Users\Micheal\AppData\Local\Temp\fffed642-68dc-43e7-a2fa-70e447881e0b.tmp
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\CbsProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\DismCorePS.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\DismHost.exe
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\DmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\SetupPlatformProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\1C804FF3-E771-428D-865A-290DF4D5C502\UnattendProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\27E1474C-409F-40AB-8BA6-264B32919808\DismCore.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\27E1474C-409F-40AB-8BA6-264B32919808\ImagingProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\27E1474C-409F-40AB-8BA6-264B32919808\SetupPlatformProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\AppxProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\AssocProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\CbsProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\DismCore.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\DismCorePS.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\DismHost.exe
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\DismProv.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\DmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\FfuProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\FolderProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\GenericProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\IBSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\ImagingProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\IntlProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\LogProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\MsiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\OfflineSetupProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\OSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\ProvProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\SetupPlatformProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\SmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\SysprepProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\TransmogProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\UnattendProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\VhdProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\WimProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\AppxProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\AssocProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\DismCore.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\DismProv.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\FfuProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\GenericProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\IBSProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\ImagingProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\LogProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\OfflineSetupProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\OSProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\ProvProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\SetupPlatformProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\SysprepProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\VhdProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\2A26B220-0EEF-4FD1-9FAB-3B74506CCCA8\en-US\WimProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\36A95F20-D7A5-4E85-B94B-E1FE001537F4\DismProv.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\36A95F20-D7A5-4E85-B94B-E1FE001537F4\IntlProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\36A95F20-D7A5-4E85-B94B-E1FE001537F4\en-US\VhdProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\41857283-8E6B-4FB8-B8FF-A11703BEDAC9\FolderProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\41857283-8E6B-4FB8-B8FF-A11703BEDAC9\UnattendProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\439FCF27-BEF7-444E-9E8D-DE52BE39D54C\AssocProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\439FCF27-BEF7-444E-9E8D-DE52BE39D54C\SysprepProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\4E0C45CE-172E-4455-A3F4-D4C210AEAF71\GenericProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\4E0C45CE-172E-4455-A3F4-D4C210AEAF71\ProvProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\4E0C45CE-172E-4455-A3F4-D4C210AEAF71\SysprepProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\4E0C45CE-172E-4455-A3F4-D4C210AEAF71\TransmogProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\4E0C45CE-172E-4455-A3F4-D4C210AEAF71\WimProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\7A9A8EF3-E0C2-4CCC-9B5A-B255D48A3A5B\ImagingProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\867E823A-03E9-41D5-B4F0-9BC2398A2169\en-US\IBSProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\867E823A-03E9-41D5-B4F0-9BC2398A2169\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\AppxProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\DismCorePS.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\DismProv.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\DmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\IBSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\MsiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\OSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\8A85566C-CAF2-4B43-862B-F81812139963\SetupPlatformProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\BC39974B-DD08-4D33-B156-BB76C3C9AB67\DismCore.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\C5A56F4B-993A-4728-AD15-734AD206E18B\OSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\C5A56F4B-993A-4728-AD15-734AD206E18B\SmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_11132_1513469899\4e07ca724ca5f9f1a358cf3414606f239204cefd0116b6d7c51cc4341b85cbfb.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1086337503\14399ef2aeb0bdc3d9fbfec7d4ef2d87b3d859f599fcbf845f0513c11e68e428.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1427864998\f912ab7a4134f4e24aa44cccdafb3006230ff0d14ef93de2cf2bb4e940845b98.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1483132464\e321caf00941392088cd861747d4b4d92a1a07b4eb987ca3d27d66b9af9a2b26.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1556873588\c8cbcc3e8a1e8fc23d7eb086558f135028c0b3bb3542408644b68d1f4343fa38.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1774778266\06e3c54b75018e361906d882eee449c6ead4f8db2665952fa28a2a406f5a208b.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_1982788834\42674fd4a8cc9a7aac32fd89389f64f4974744c8362c947116056e0203e49a22.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_2051779874\52ce0c7b89c01fd1c2bd08e3fd7f25371896bd253a037fec6491d3ec1124eb61.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_2127788416\03839086981499d0fd218fc68fbb18b352bd67793cb88b703423dd45b5ac6b98.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_275701061\a40d37a14b76caebb51d601335a37020a581b187ce27c3b937489a90f4bc66f9.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_485350323\9e485c3ed8fee913eaaf493ddd59cd4253c135857907bc9275ac54240efc8ac3.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_591149135\8455fcd476ec818386f8d8abef1b3add67b092a53a4a16a4613e7b35cd64526d.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_720595219\2875d17ad4625f2dc19a3c43d1ba060d28fd5b051ed3d8c6430e91a8bac9c998.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_802913907\339ac8f7beda9ba1aed6d6da84590b72497bb4bad647d447b6e30457dfd66044.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_902779858\db013f1ac0b7119540e3eec4c5357f4a1f600a183ba8616685e7407e989061b4.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_6312_909962362\6bffcf8bb7b395ce5e8a80206fd2de3d43cdbe661504babfd4ac5cf50e598c75.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\chrome_BITS_8868_777292872\c99ebfbd56b489e9eebdcceefc22c2ba6679b729ea9a97c9eb338e4c675e9094.puff
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\AppxProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\AssocProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\CbsProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\DismCore.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\DismCorePS.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\DismHost.exe
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\DismProv.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\DmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\FfuProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\FolderProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\GenericProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\IBSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\ImagingProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\IntlProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\LogProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\MsiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\OfflineSetupProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\OSProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\ProvProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\SetupPlatformProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\SmiProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\SysprepProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\TransmogProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\UnattendProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\VhdProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\WimProvider.dll
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\AppxProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\AssocProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\CbsProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\DismCore.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\DismProv.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\DmiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\FfuProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\FolderProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\GenericProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\IBSProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\ImagingProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\IntlProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\LogProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\MsiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\OfflineSetupProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\OSProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\ProvProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\SetupPlatformProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\SmiProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\SysprepProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\TransmogProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\UnattendProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\VhdProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\DDC98C6B-AC92-4ADD-AAFD-955AC671F535\en-US\WimProvider.dll.mui
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_13036_329540088\61b883c3-1673-4e93-88fa-c441982404b2
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_13832_1219681065\61b883c3-1673-4e93-88fa-c441982404b2
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_14344_51836325\8bd12207-18e3-4318-87d1-269806c66e8c
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_14344_970365581\85bce91a-39ca-4843-abf8-5aa76cac7994
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_15052_1434587686\85bce91a-39ca-4843-abf8-5aa76cac7994
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_15116_1029959288\61b883c3-1673-4e93-88fa-c441982404b2
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_15116_1193759854\2514c7d0-b437-44ad-8cd5-a3771bdfdafe
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_1206126374\873489b1-33b2-480a-baa2-641b9e09edcd
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_1299124084\ff81ac6d-1d96-4aa6-a59f-979dcf1459bb
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_1328935744\198da330-782c-4555-b1a2-9fd404f600a7
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_1437702768\12ed7c6f-b741-47d7-afa5-30f752dc978b
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_1796170053\5686322a-ffa9-43cd-98c7-9900dceae2d0
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_405292099\e9f8c500-8e5e-4ddd-9bef-4e0b522248e9
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_460583044\4643befd-79b8-4e0c-a2fb-c0e3ee78dcd5
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_471125401\1187695d-8276-4e31-8de1-9e57768989bd
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_567699289\7f41fcdb-a3ef-47d4-86cb-0f3555d3db82
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_2784_996806739\c50698d5-282c-4c8d-9fa6-c155f2d8d379
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_7616_209864664\61b883c3-1673-4e93-88fa-c441982404b2
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_9120_1418910447\01d00eb7-ae22-4601-b5b4-6bd76494c105
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_9120_424369772\85bce91a-39ca-4843-abf8-5aa76cac7994
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_9524_521121721\85bce91a-39ca-4843-abf8-5aa76cac7994
Deleted file - C:\Users\Micheal\AppData\Local\Temp\edge_BITS_9524_601721570\61b883c3-1673-4e93-88fa-c441982404b2
Deleted file - C:\Users\Micheal\AppData\Local\Temp\mbam\qt-jl-icons\1498f81f9d0.ico
Deleted file - C:\Users\Micheal\AppData\Local\Temp\mbam\qt-jl-icons\1498f81fa80.ico
Deleted file - C:\Users\Micheal\AppData\Local\Temp\mbam\qt-jl-icons\1498f81faa0.ico
Deleted file - C:\Users\Micheal\AppData\Local\Temp\mbam\qt-jl-icons\21107bf0c50.ico
Deleted file - C:\Users\Micheal\AppData\Local\Temp\mbam\qt-jl-icons\21107bf0cc0.ico

========= End of CMD: =========

==== End of Fixlog 11:33:47 ====

Oh My! · Oct 4, 2023

That looks good. Any remaining issues?

ManWarBear · Oct 4, 2023

As far as I can tell, no. All good. Thank you so much for helping me. I'm super relieved that there was nothing malware related.

Browser Refreshing Itself

ManWarBear Private First Class

Attached Files:

ManWarBear Private First Class

ManWarBear Private First Class

Attached Files:

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Attached Files:

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Attached Files:

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class

Oh My! Malware Expert Staff Member

ManWarBear Private First Class