Cant connect to websites

Is the command prompt thing a black box with something like users:john with a flashing prompt?

I did it. it says 1 file moved

Post the logs here, copy and paste so I can see.

Now Adware cleaner will be on your desktop. Right click and run as admin, then hit the scan button. Once it is complete clean all detected items.

I tried to copy it and it wouldnt. Im not sure where to find it now

Let’s move the text files and the program to the desktop. Copy and paste each of these commands into command prompt and hit enter after each.

move %userprofile%\Downloads\FRST.txt "%userprofile%\desktop

---

move %userprofile%\Downloads\Addition.txt "%userprofile%\desktop

---

move %userprofile%\Downloads\FRST64.exe "%userprofile%\desktop

---

move %userprofile%\Downloads\FRST.exe "%userprofile%\desktop

---

It is on the comp but nothing happens. I right click and hit run as admin then a box comes to allow it and i click allow then what looks like a command prompt box pops up but goes away in a second and nothing happens. I did have an old malware thing on my comp i forgot about. it scanned 312,000 files with no objects found. However, its very old and it wouldnt update to the latest version.

Ok. just move the addition.txt and FRST.txt files to your desktop and post them here. You can attach the files or copy and paste. To attach them, click the attach files button when you reply.
[ATTACH type=“full”]11006[/ATTACH]

Here it is copied

move %userprofile%\Downloads\FRST.exe "%userprofile%\desktop

You need to paste those commands into command prompt as you did before. that will move the files to your desktop.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2022
Ran by John (administrator) on SARAH-PC (Compaq-Presario GX618AA-ABA SR5350F) (14-12-2022 09:17:58)
Running from C:\Users\John\Downloads
Loaded Profiles: John
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(explorer.exe ->) (AOL Inc. → AOL Inc.) C:\Program Files\AIM\aim.exe
(explorer.exe ->) (Google Inc → Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Hewlett-Packard Company → Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(explorer.exe ->) (Hewlett-Packard Company) [File not signed] C:\hp\support\hpsysdrv.exe
(explorer.exe ->) (Intel Corporation → Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation → Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(explorer.exe ->) (Microsoft Windows → Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(explorer.exe ->) (Mozilla Corporation → Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <2>
(explorer.exe ->) (Oracle America, Inc. → Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(explorer.exe ->) (OsdMaestro) [File not signed] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(explorer.exe ->) (Yahoo! Inc. → Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(services.exe ->) (Adobe Systems, Incorporated → Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (AVAST Software s.r.o. → AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (Microsoft Windows → Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(svchost.exe ->) (Intel Corporation → Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(svchost.exe ->) (Microsoft Windows → Microsoft Corporation) C:\WINDOWS\System32\mobsync.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Windows → Microsoft Corporation)
HKLM...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) [File not signed]
HKLM...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro) [File not signed]
HKLM...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Microsoft Windows Hardware Compatibility Publisher → Realtek Semiconductor)
HKLM...\Run: =>
HKLM...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-02-18] (Hewlett-Packard Company → Hewlett-Packard)
HKLM...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54680 2009-03-08] (Sun Microsystems, Inc. → Sun Microsystems, Inc.)
HKLM...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated → Adobe Systems Incorporated)
HKLM...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle America, Inc. → Oracle Corporation)
HKLM...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2008-01-19] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-20...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2008-01-19] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Windows → Microsoft Corporation)
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4363504 2009-01-08] (Yahoo! Inc. → Yahoo! Inc.)
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000...\Run: [Aim] => C:\Program Files\AIM\aim.exe [4156312 2017-02-23] (AOL Inc. → AOL Inc.)
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000...\Run: [AvastBrowserIsDefault] => “C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector .exe” --force-protect (No File)
HKLM...\Windows NT x86\Print Processors\winprint: localspl.dll (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] → C:\Program Files\Google\Chrome\Application\49.0.2623.112\Inst aller\chrmstp.exe [2022-03-23] (Google Inc → Google Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {33047591-8B4F-4E15-A0CF-4B4A30556B90} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
Task: {6F5E79BC-5451-4BE4-8858-F7F7B4B1B754} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe (No File)
Task: {7AF197DA-602F-486C-BD9B-8328544A7E5C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_ 0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. → Adobe) [File not signed]
Task: {7C040E69-E581-4AC7-8EB4-91071E0C4223} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-08-09] (Google Inc → Google Inc.)
Task: {82D27DDD-CDE9-4646-8F0E-62E5BACA334D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-08-09] (Google Inc → Google Inc.)
Task: {9AE06C97-3310-4680-BE3B-FEE61B6440FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2020-12-08] (Adobe Inc. → Adobe) [File not signed]
Task: {A0364B18-9C67-4642-A27D-19F8E1364E9D} - System32\Tasks\PC-Doctor\Scheduled Maintanence => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [73728 2007-06-25] (PC-Doctor, Inc.) [File not signed]
Task: {C33B7959-E56A-475B-BCD0-562348DC4289} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1630008 2018-05-31] (AVAST Software s.r.o. → AVAST Software)
Task: {E2A93A77-9013-4FB4-9718-72BBA2998F23} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2762968 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
Task: {EC2DD444-24FC-414F-B116-674077F8029E} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => Command(1): C:\Windows\servicing\vsp1ceip.exe [175104 [2008-01-19]] (Microsoft Windows → Microsoft Corporation)
Task: {F0C37474-8AF1-4947-8556-6C4C06128A88} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\User_Feed_Synchronization-{2216E477-7DEF-4482-AD03-D42193D074E7}.job => C:\Windows\system32\msfeedssync.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip..\Interfaces{73B646CC-8C74-4151-84F9-23E4B03FD810}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Prof iles\su7k0ty2.default-1670861870862 [2022-12-14]
FF HKLM...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer → C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_ 465.dll [2020-12-08] (Adobe Inc. → ) [File not signed]
FF Plugin: @java.com/DTPlugin,version=11.91.2 → C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1. dll [2016-05-10] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 → C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle America, Inc. → Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 → C:\Program Files\Yahoo!\Shared\npYState.dll [2009-01-08] (Yahoo! Inc. → Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 → c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation → Microsoft Corporation)
FF Plugin: Adobe Reader → C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated → Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2022-12-14]
CHR Notifications: Default → hxxps://www.facebook.com; hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-08-09]
CHR Extension: (Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2020-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-10-01]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-25]
CHR HKLM...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2020-12-08] (Adobe Inc. → Adobe) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6799632 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Windows → Microsoft Corporation)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [386560 2007-10-18] (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.)
S2 avast; “C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe” /svc
S3 avastm; “C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe” /medsvc

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software s.r.o. → AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-18] (AVAST Software s.r.o. → AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-05-23] (AVAST Software s.r.o. → AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-05-23] (AVAST Software s.r.o. → AVAST Software)
R3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-21] (AVAST Software s.r.o. → AVAST Software)
R3 HSF_DP; C:\Windows\System32\DRIVERS\HSX_DP.sys [980992 2008-05-08] (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.)
R3 HSXHWBS2; C:\Windows\System32\DRIVERS\HSXHWBS2.sys [266752 2008-05-08] (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.)
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows → Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows → Integrated Technology Express, Inc.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Microsoft Windows Hardware Compatibility Publisher → Conexant)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows → LSI Logic Corporation)
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows → N-trig Innovative Technologies)
R3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [91648 2007-08-03] (Microsoft Windows Hardware Compatibility Publisher → Realtek Corporation)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2009-01-23] (Acronis, Inc → Acronis)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [235112 2006-11-02] (Microsoft Windows → ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows → Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2006-11-02] (Microsoft Windows → Promise Technology, Inc.)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-01] (Microsoft Windows Hardware Compatibility Publisher → America Online, Inc.)
R3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [661504 2008-05-08] (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio.sys [8704 2007-10-18] (Microsoft Windows Hardware Compatibility Publisher → Conexant Systems, Inc.)
S3 謌챊젳২精诿ﱊ젳￨靖룿栨旟૩ﯦ쳿쳌쳌䶋菰Ӂ䗩诿솃郊￬咋ࠤ䊍謌젳짨靖룿桤旟퓩ﯥ쳿쳌쳌쳌쳌쳌쳌쳌 ⡪䖋僤靖菿ࣄ诃觩诿삃倌䖋僠秨菿ࣄ诃༁಄HdsKe; C:\Windows\system32\drivers\謌챊젳২精诿ﱊ젳￨靖룿栨旟૩ﯦ쳿쳌쳌䶋菰Ӂ䗩 诿솃郊￬咋ࠤ䊍謌젳짨靖룿桤旟퓩ﯥ쳿쳌쳌쳌쳌쳌쳌쳌⡪䖋僤靖菿ࣄ诃觩诿삃倌䖋僠秨菿ࣄ诃 ༁಄HdsKe.sys [84928 2017-09-07] (AVAST Software) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys
S3 IpInIp; system32\DRIVERS\ipinip.sys
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys
S3 SymIM; system32\DRIVERS\SymIM.sys
S3 SymIMMP; system32\DRIVERS\SymIM.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-14 09:17 - 2022-12-14 09:17 - 002078720 _____ (Farbar) C:\Users\John\Downloads\FRST(2).exe
2022-12-14 08:53 - 2022-12-14 08:56 - 000009280 _____ C:\Users\John\Downloads\Addition.txt
2022-12-14 08:49 - 2022-12-14 09:20 - 000018312 _____ C:\Users\John\Downloads\FRST.txt
2022-12-14 08:49 - 2022-12-14 08:49 - 002078720 _____ (Farbar) C:\Users\John\Downloads\FRST(1).exe
2022-12-14 08:48 - 2022-12-14 08:48 - 002375680 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2022-12-14 08:46 - 2022-12-14 09:19 - 000000000 ____D C:\FRST
2022-12-14 08:46 - 2022-12-14 08:46 - 002078720 _____ (Farbar) C:\Users\John\Downloads\FRST.exe
2022-12-14 08:36 - 2022-12-14 08:36 - 008791352 _____ (Malwarebytes) C:\Users\John\Downloads\adwcleaner.exe
2022-12-14 08:30 - 2022-12-14 08:30 - 002821616 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup(5).exe
2022-12-14 08:29 - 2022-12-14 08:29 - 002821640 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup(4).exe
2022-12-14 08:03 - 2022-12-14 08:03 - 002821616 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup(3).exe
2022-12-14 08:02 - 2022-12-14 08:02 - 002821640 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup(2).exe
2022-12-14 07:37 - 2022-12-14 07:38 - 002821952 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup(1).exe
2022-12-13 16:32 - 2022-12-13 16:32 - 002821976 _____ (Opera Software) C:\Users\John\Downloads\OperaSetup.exe
2022-12-12 11:18 - 2022-12-12 11:18 - 000000000 ____D C:\Users\John\Desktop\Old Firefox Data
2022-12-12 02:15 - 2022-12-12 02:15 - 000145216 _____ C:\Windows\Minidump\Mini121222-01.dmp
2022-12-04 08:25 - 2022-12-04 08:25 - 000145216 _____ C:\Windows\Minidump\Mini120422-01.dmp
2022-12-01 18:40 - 2022-12-01 18:40 - 000145216 _____ C:\Windows\Minidump\Mini120122-01.dmp
2022-12-01 08:33 - 2018-11-21 04:46 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-11-27 20:43 - 2022-11-27 20:43 - 000145216 _____ C:\Windows\Minidump\Mini112722-01.dmp
2022-11-25 15:46 - 2022-11-25 15:46 - 000145216 _____ C:\Windows\Minidump\Mini112522-01.dmp
2022-11-24 13:53 - 2022-11-24 13:53 - 000145216 _____ C:\Windows\Minidump\Mini112422-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-14 09:15 - 2016-11-16 18:21 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla
2022-12-14 08:30 - 2006-11-02 07:47 - 000003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-14 08:30 - 2006-11-02 07:47 - 000003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-14 08:28 - 2015-02-18 02:48 - 000000000 ____D C:\Program Files\Google
2022-12-14 07:39 - 2015-09-30 15:49 - 000098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2022-12-14 05:42 - 2006-11-02 06:18 - 000000000 ____D C:\Windows\inf
2022-12-13 08:36 - 2017-02-01 19:12 - 000000000 ___SD C:\Users\John\AppData\LocalLow\Temp
2022-12-13 07:43 - 2018-06-21 06:20 - 000000000 ____D C:\Users\John\AppData\Local\AVAST Software
2022-12-12 10:30 - 2006-11-02 08:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-12 10:29 - 2006-11-02 08:01 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-12-12 02:15 - 2008-08-01 14:35 - 000000000 ____D C:\Windows\Minidump
2022-12-12 02:14 - 2019-01-01 18:18 - 230307517 _____ C:\Windows\MEMORY.DMP
2022-12-10 21:11 - 2017-12-06 09:06 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-12-10 21:11 - 2017-08-09 22:31 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineU A
2022-12-10 21:11 - 2017-08-09 22:31 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineC ore
2022-12-09 13:56 - 2011-05-14 04:56 - 000000000 ____D C:\Users\John\AppData\Roaming\HpUpdate
2022-12-08 18:41 - 2017-03-01 13:20 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-12-01 08:36 - 2017-01-31 18:26 - 000001835 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-11-30 23:31 - 2008-05-28 14:26 - 000000000 ____D C:\Users\John
2022-11-30 23:31 - 2006-11-02 06:18 - 000000000 ____D C:\Windows\system32\spool
2022-11-30 23:31 - 2006-11-02 06:18 - 000000000 ____D C:\Windows\system32\Msdtc
2022-11-30 23:31 - 2006-11-02 06:18 - 000000000 ____D C:\Windows\registration
2022-11-30 23:31 - 2006-11-02 05:22 - 033554432 _____ C:\Windows\system32\config\software_previous
2022-11-30 23:31 - 2006-11-02 05:22 - 028573696 _____ C:\Windows\system32\config\system_previous
2022-11-30 23:26 - 2006-11-02 05:22 - 039583744 _____ C:\Windows\system32\config\components_previous
2022-11-30 23:26 - 2006-11-02 05:22 - 000053248 _____ C:\Windows\system32\config\sam_previous
2022-11-30 20:22 - 2006-11-02 05:22 - 000524288 _____ C:\Windows\system32\config\default_previous
2022-11-30 20:22 - 2006-11-02 05:22 - 000020480 _____ C:\Windows\system32\config\security_previous

==================== Files in the root of some directories ========

2010-10-18 11:59 - 2014-07-15 08:03 - 000003688 _____ () C:\Users\John\AppData\Roaming\wklnhst.dat
2010-04-11 20:10 - 2010-04-11 20:16 - 000010032 ___SH () C:\Users\John\AppData\Local\0CMR8yFmkXh
2011-07-05 19:55 - 2011-07-05 19:55 - 000001558 ___SH () C:\Users\John\AppData\Local\1hu4i5i6c1wx6ngdh3brb4 vh33mo74i8k66043
2008-05-28 14:59 - 2022-05-31 09:00 - 000005892 _____ () C:\Users\John\AppData\Local\d3d9caps.dat
2009-01-23 18:47 - 2014-08-28 23:05 - 000007680 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-29 14:09 - 2011-05-29 14:17 - 000011864 ___SH () C:\Users\John\AppData\Local\e32lig0acfqskqq
2012-01-11 21:35 - 2012-01-11 21:41 - 000008642 ___SH () C:\Users\John\AppData\Local\q3k132b461d0vlmjgwe342 3qks888wt4i067x
2010-02-11 07:57 - 2010-02-11 08:06 - 000007446 ___SH () C:\Users\John\AppData\Local\R4AlO7HdsW5
2021-10-21 05:01 - 2021-10-21 05:01 - 000000000 _____ () C:\Users\John\AppData\Local{BF478C30-F17C-40D8-8397-984D790151A8}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2022-12-13 22:56
==================== End of FRST.txt ========================

[HEADING=1]This might be the same thing
move %userprofile%\Downloads\FRST.exe "%userprofile%\desktopAdditional scan result of Farbar Recovery Scan Tool (x86) Version: 11-12-2022
Ran by John (14-12-2022 09:20:49)
Running from C:\Users\John\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) (2008-05-28 22:18:41)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2314338359-2121603862-2684469121-500 - Administrator - Disabled)
Guest (S-1-5-21-2314338359-2121603862-2684469121-501 - Limited - Disabled)
John (S-1-5-21-2314338359-2121603862-2684469121-1000 - Administrator - Enabled) => C:\Users\John

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader X (10.1.16) (HKLM...{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AIM 7 (HKLM...\AIM_7) (Version: - )
AIM Toolbar (HKLM...\AIM Toolbar) (Version: - )
AusLogics Disk Defrag (HKLM...{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}is1) (Version: version 1.5 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Update Helper (HKLM...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
Compatibility Pack for the 2007 Office system (HKLM...{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM...{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1019 - CyberLink Corp.)
Download Updater (AOL Inc.) (HKLM...\SoftwareUpdUtility) (Version: - AOL Inc.)
Google Chrome (HKLM...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Hardware Diagnostic Tools (HKLM...\PC-Doctor 5 for Windows) (Version: 5.00.4589.14 - PC-Doctor, Inc.)
Hewlett-Packard Active Check (HKLM...{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (HKLM...{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 2.0.62.5 - HP) Hidden
HP Advisor (HKLM...{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM...{AFAD41A9-9687-48A3-848F-693C11451433}) (Version: 5.4.0.2360 - Hewlett-Packard)
HP Customer Feedback (HKLM...{9DBA770F-BF73-4D39-B1DF-6035D95268FC}) (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Easy Setup - Frontend (HKLM...{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM...\OsdMaestro) (Version: - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Update (HKLM...{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM...\HDMI) (Version: - )
Java 8 Update 91 (HKLM...{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 10.6.5 Basic (HKLM...\KLiteCodecPack_is1) (Version: 10.6.5 - )
LabelPrint (HKLM...{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2209 - CyberLink Corp.)
LightScribe System Software (HKLM...{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
LightScribe Template Labeler (HKLM...{3EBA6E7C-3DF6-48AE-B87B-4CAFB2C1C3F7}) (Version: 1.10.13.1 - LightScribe)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM...{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}) (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM...{3C3901C5-3455-3E0A-A214-0B093A5070A6}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM...{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.363 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM...{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 52.9.0 ESR (x86 en-US) (HKLM...\Mozilla Firefox 52.9.0 ESR (x86 en-US)) (Version: 52.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 52.9.0.6746 - Mozilla)
MSN (HKLM...\MSNINST) (Version: - )
muvee autoProducer 6.1 (HKLM...{E8C2622C-9FF1-4F60-8008-A0208154F9F3}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
Power2Go (HKLM...{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3417 - CyberLink Corp.)
PowerDirector (HKLM...\InstallShield{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209 - CyberLink Corp.)
Python 2.5 (HKLM...{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
Realtek High Definition Audio Driver (HKLM...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5548 - Realtek Semiconductor Corp.)
RTC Client API v1.2 (HKLM...{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Snapfish Picture Mover (HKLM...{029B5901-1F27-4347-9923-E8ACC8F54E15}) (Version: 1.9.0.16 - HP Snapfish)
Soft Data Fax Modem with SmartCP (HKLM...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_2 00C14F1) (Version: 7.74.00 - Conexant Systems)
Visual Studio 2012 x86 Redistributables (HKLM...{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WeatherBug Gadget (HKLM...{209CDA54-D390-46A2-A97C-7BF61734418D}) (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Yahoo! Messenger (HKLM...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000_Classes\CLSID{47198917-0962-7895-9795-211497132047}\InprocServer32 → C:\Users\John\AppData\Local\Temp\npd.dll => No File
CustomCLSID: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000_Classes\CLSID{51906541-9778-0483-4923-241141919285}\InprocServer32 → C:\Users\John\AppData\Local\Temp\npd.dll => No File
CustomCLSID: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000_Classes\CLSID{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 → C:\Program Files\AOL 9.0\axtrack.dll => No File
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Windows → Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-21] (AVAST Software s.r.o. → AVAST Software)
ContextMenuHandlers1: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-21] (AVAST Software s.r.o. → AVAST Software)
ContextMenuHandlers3: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-21] (AVAST Software s.r.o. → AVAST Software)
ContextMenuHandlers5: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-03-25] (Microsoft Windows Hardware Compatibility Publisher → Intel Corporation)
ContextMenuHandlers6: [avast] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-11-21] (AVAST Software s.r.o. → AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-01-31 18:23 - 2017-01-31 18:23 - 048936448 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\libcef.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 000102400 _____ () [File not signed] C:\Program Files\Yahoo!\Messenger\clientmanager.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 000913408 _____ () [File not signed] C:\Program Files\Yahoo!\Messenger\yui.dll
2017-08-09 23:28 - 2016-09-06 11:00 - 000147456 _____ () [File not signed] C:\Users\John\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2017-08-09 23:28 - 2016-09-06 11:00 - 005197312 _____ () [File not signed] C:\Users\John\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2020-12-08 21:07 - 2020-12-08 21:07 - 020518968 ____R (Adobe Inc. → Adobe) [File not signed] [File is in use] C:\Windows\system32\Macromed\Flash\Flash32_32_0_0_ 465.ocx
2017-02-23 16:47 - 2017-02-23 16:47 - 000752128 _____ (AOL Inc.) [File not signed] [File is in use] C:\Program Files\AIM\acccore.dll
2017-02-23 16:47 - 2017-02-23 16:47 - 001208320 _____ (AOL Inc.) [File not signed] C:\Program Files\AIM\coolcore61.dll
2017-02-23 16:47 - 2017-02-23 16:47 - 000252928 _____ (AOL Inc.) [File not signed] C:\Program Files\AIM\xprt6.dll
2010-01-06 01:03 - 2010-01-06 01:03 - 000163840 _____ (AOL Inc.) [File not signed] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000477080 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\arPot.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000378264 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswArray.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000566680 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswCmnBS.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000440728 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswCmnIS.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000172952 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswCmnOS.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 001753496 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswEngin.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000613784 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswFiDb.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000741272 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\aswRep.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000066456 _____ (Avast Software s.r.o. → Avast Software) [File not signed] [File is in use] C:\Program Files\AVAST Software\Avast\defs\22121402\uiExt.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 000559000 _____ (Avast Software s.r.o. → Avast Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\22121402\aswCleanerDLL.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 005220056 _____ (Avast Software s.r.o. → AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\22121402\bcuengine.dll
2022-12-14 07:21 - 2022-12-14 07:21 - 002467224 _____ (Avast Software s.r.o. → AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\22121402\swhealthex2.dll
2018-10-22 02:58 - 2018-10-22 02:58 - 002387776 _____ (AVAST Software s.r.o. → The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll
2018-10-22 02:58 - 2018-10-22 02:58 - 000512832 _____ (AVAST Software s.r.o. → The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\libssl-1_1.dll
2009-03-17 12:25 - 2009-03-17 12:25 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2009-03-17 12:25 - 2009-03-17 12:25 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000163840 _____ (Netscape Communications Corporation) [File not signed] C:\Program Files\Yahoo!\Messenger\nspr4.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 001339392 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\res_msgr.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 000200704 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\RGX.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000184320 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YAlertCenterM.DLL
2009-01-25 11:21 - 2009-01-08 19:38 - 001056768 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YCPFoundation.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000761856 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YCPSSL.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000286720 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YHTTP.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000270336 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YImage.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 000053248 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\ylog.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 000032768 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YML.dll
2009-01-25 11:22 - 2009-01-08 19:38 - 001486848 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YMSGLite.dll
2009-01-25 11:21 - 2009-01-08 19:38 - 000475136 _____ (Yahoo! Inc.) [File not signed] C:\Program Files\Yahoo!\Messenger\YPluginRegistry.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
URLSearchHook: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 - (No Name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} - No File
SearchScopes: HKLM → DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM → {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationT ype=tb50trie7
SearchScopes: HKLM → {55C1D719-5274-4281-A484-D799AE2BA7E5} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt
SearchScopes: HKLM → {6FFC5051-438A-4405-9F3C-54DFE9532F52} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKLM → {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationT ype=tb50trie7
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → {55C1D719-5274-4281-A484-D799AE2BA7E5} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-psdt
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → {6FFC5051-438A-4405-9F3C-54DFE9532F52} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → {8f6ecace-7280-4a70-834a-38c6fca77ee7} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationT ype=bu10aiminstabie7
SearchScopes: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
BHO: No Name → {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} → No File
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle America, Inc. → Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle America, Inc. → Oracle Corporation)
Toolbar: HKLM - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2314338359-2121603862-2684469121-1000 → No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation → Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2022-12-14 07:18 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\Path → C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\s ystem32;%SystemRoot%;%SystemRoot%\System32\Wbem;C: \hp\bin\Python;%SYSTEMROOT%\System32\WindowsPowerS hell\v1.0
HKU\S-1-5-21-2314338359-2121603862-2684469121-1000\Control Panel\Desktop\Wallpaper → C:\Windows\web\Wallpaper\img24.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish Media Detector.lnk => C:\Windows\pss\Snapfish Media Detector.lnk.CommonStartup
MSCONFIG\startupreg: ApnUpdater => “C:\Program Files\Ask.com\Updater\Updater.exe”
MSCONFIG\startupreg: HP Health Check Scheduler => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) C:\Windows\system32\dfsr.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) C:\Windows\system32\dfsr.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [WinCollab-Out-UDP] => (Allow) C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Windows → Microsoft Corporation)
FirewallRules: [{E8483AA0-B6A2-4E65-8E1A-487AF1D60F96}] => (Allow) c:\Program Files\Cyberlink\PowerDirector\PDR.EXE (CyberLink → CyberLink Corp.)
FirewallRules: [{FF70F5DB-A77F-4995-82F4-F392FE088383}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{7CA489F2-040E-4A14-B3CE-841374A39D14}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{6C9B8201-7929-4920-92D0-FBF369AB8F02}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{793C14E1-E9F1-43A0-81E3-5990CECA9272}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{409E208E-3A8E-4C91-A4EA-CF32EC792BE1}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{32E8602A-B424-4804-8652-6DD5FCE87884}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe (EarthLink → EarthLink, Inc.)
FirewallRules: [{C133EC92-F266-4770-AE47-0907D744B98D}] => (Allow) C:\Program Files\AOL\RC\regclient.exe => No File
FirewallRules: [{20DBAB36-0150-4D56-BC7D-54541BE99CD0}] => (Allow) C:\Program Files\AOL\RC\regclient.exe => No File
FirewallRules: [{409BA08A-77F4-4A4D-992F-B6A8C2BEA8B5}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLDial.exe => No File
FirewallRules: [{8B5638FA-DE84-45C7-9BC6-978A743378C4}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLDial.exe => No File
FirewallRules: [{DF95CEE6-1067-4A15-AF9E-814CE1FA82E6}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLacsd.exe => No File
FirewallRules: [{028FE028-17D8-4F17-86B2-A75431342C79}] => (Allow) C:\Program Files\Common Files\aol\acs\AOLacsd.exe => No File
FirewallRules: [{034FF40F-BEF0-41DF-A275-9ADDA0E1B9D2}] => (Allow) C:\Program Files\AOL 9.0\waol.exe => No File
FirewallRules: [{F3AE08AF-70CD-4291-8B8B-F12AD64A57BC}] => (Allow) C:\Program Files\AOL 9.0\waol.exe => No File
FirewallRules: [{C2375134-BB0B-4A77-B2D0-F77CBBC733B4}] => (Allow) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe => No File
FirewallRules: [{B74C0255-0363-4721-9ECE-FBDCEDDE3008}] => (Allow) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe => No File
FirewallRules: [{D2DFA983-1E8D-460E-89CB-0352F1AB2BA8}] => (Allow) C:\Program Files\Common Files\aol\Loader\aolload.exe (AOL Inc. → AOL Inc.)
FirewallRules: [{32AFA6F4-899C-4C3C-9130-749E79257543}] => (Allow) C:\Program Files\Common Files\aol\Loader\aolload.exe (AOL Inc. → AOL Inc.)
FirewallRules: [{887358AC-FFBB-4D2D-AA5A-BC075B527666}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe => No File
FirewallRules: [{13BFD45F-CF68-4EE8-AB8F-798534491DC6}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe => No File
FirewallRules: [{4B02A4DA-033C-446D-9CBA-8F15BE579CF8}] => (Allow) C:\Program Files\AOL\RC\regclient.exe => No File
FirewallRules: [{7874A038-C8C4-4AC3-8E31-A2E7256564E7}] => (Allow) C:\Program Files\AOL\RC\regclient.exe => No File
FirewallRules: [{59A90F23-9877-45CD-A803-CDE2A96E6F8F}] => (Allow) C:\Program Files\Common Files\aol\ACS\AOLDial.exe => No File
FirewallRules: [{144F2593-F905-49C8-AC64-E06BED99271E}] => (Allow) C:\Program Files\Common Files\aol\ACS\AOLDial.exe => No File
FirewallRules: [{BC18F993-9262-4132-8699-D07D226CE809}] => (Allow) C:\Program Files\Common Files\aol\ACS\AOLacsd.exe => No File
FirewallRules: [{1E5BA508-903A-4F15-8E9E-35FBFB97BF10}] => (Allow) C:\Program Files\Common Files\aol\ACS\AOLacsd.exe => No File
FirewallRules: [{FACA43AB-EF9E-44C0-8075-8F53F77541CC}] => (Allow) C:\Program Files\AOL 9.0\waol.exe => No File
FirewallRules: [{6862ABA1-CD2D-445C-B923-3BA9E6143310}] => (Allow) C:\Program Files\AOL 9.0\waol.exe => No File
FirewallRules: [{B7319344-442A-416B-9DB7-D0CAE33DE301}] => (Allow) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe => No File
FirewallRules: [{3C1CD680-FC89-4B2B-BC29-900E787123AD}] => (Allow) C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe => No File
FirewallRules: [{B862DD3D-630A-478D-9901-8D589C31EB1C}] => (Allow) C:\Program Files\Common Files\aol\Loader\aolload.exe (AOL Inc. → AOL Inc.)
FirewallRules: [{18954565-0C09-4879-942F-5DD029B03AB8}] => (Allow) C:\Program Files\Common Files\aol\Loader\aolload.exe (AOL Inc. → AOL Inc.)
FirewallRules: [{6E42CD65-F903-4BD4-8EEC-1ADD17BF0914}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe => No File
FirewallRules: [{5DDE8334-035E-490C-AB30-12440EF16748}] => (Allow) C:\Program Files\Common Files\aol\System Information\sinf.exe => No File
FirewallRules: [{282E5F63-F2DE-4390-990C-31EDBDF45A97}] => (Allow) C:\Program Files\Common Files\aol\1212182531\ee\aolsoftware.exe => No File
FirewallRules: [{CA5E833B-4277-4352-832F-AB028D206023}] => (Allow) C:\Program Files\Common Files\aol\1212182531\ee\aolsoftware.exe => No File
FirewallRules: [{C86B1F57-57D4-45E2-AB94-0A02254EA863}] => (Allow) C:\Program Files\AIM6\aim6.exe => No File
FirewallRules: [{30D77DDD-3A5B-411C-A015-B783C97EBA4F}] => (Allow) C:\Program Files\AIM6\aim6.exe => No File
FirewallRules: [TCP Query User{33B25B29-68F1-4854-89D9-99CBA08971B1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [UDP Query User{B4C7D4F5-239B-43BA-9A0E-231DD5044C73}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation → Microsoft Corporation)
FirewallRules: [{60D32775-8659-4D06-B54C-3B6171048679}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. → Yahoo! Inc.)
FirewallRules: [{8B1743DE-136A-4409-90EC-8BBACEFEAF0A}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. → Yahoo! Inc.)
FirewallRules: [TCP Query User{85AAFA08-706B-49E1-999B-B5FF8BD3AA6D}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe => No File
FirewallRules: [UDP Query User{AF2C37B3-6DFE-441F-870C-FF59F0AC308E}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe => No File
FirewallRules: [{4F87DBE6-6356-42F1-824B-BDCF6BDFBB9F}] => (Allow) C:\Program Files\AIM\aim.exe (AOL Inc. → AOL Inc.)
FirewallRules: [{98E15AFD-DED9-4FE8-B9CF-D50DE8A89A1E}] => (Allow) C:\Program Files\AIM\aim.exe (AOL Inc. → AOL Inc.)
FirewallRules: [TCP Query User{370899B0-DC0F-4C66-A99D-862E3F33507D}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe (Microsoft Windows Component Publisher → Microsoft Corporation)
FirewallRules: [UDP Query User{6B4D3CD6-142F-42B2-80D9-BCFCF612DE37}C:\windows\system32\wuauclt.exe] => (Block) C:\windows\system32\wuauclt.exe (Microsoft Windows Component Publisher → Microsoft Corporation)
FirewallRules: [{857D3169-708F-4F8D-BA1F-E6CCF850BF2C}] => (Allow) LPort=80
FirewallRules: [{205B24DF-41BD-4198-AB65-428419E931C9}] => (Allow) LPort=80
FirewallRules: [{7AC26C43-F94F-47C3-A07C-07F39E26E8C9}] => (Allow) LPort=80
FirewallRules: [{2F1C4541-2B64-4B4A-8EA8-0F3ED7B890C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{6D78CD1A-7F6A-4A87-A8AE-46A55023C5E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [TCP Query User{A5E60A3B-4561-424E-8A18-174F42E21003}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [UDP Query User{EB8C3515-5A35-4A71-A72B-F5E61F7E2008}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{2F134E04-97DC-49A8-B255-2B36AE9A218C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{65921389-A4FF-4AF2-B28E-9A38485FE263}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation → Mozilla Corporation)
FirewallRules: [{7A079647-21C6-4286-9747-39ECC71EB2CA}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{C679F87D-AC18-409F-8F53-8138C5E43D83}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{5930E0D1-F887-4C3D-AFA7-663F001D3755}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe => No File
FirewallRules: [{9DCEE7C7-A0AC-48AD-83A9-C1055C5ABA0D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc → Google Inc.)
FirewallRules: [{7CFFBEFF-43DB-4A1C-8833-27560307053A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. → AVAST Software)
FirewallRules: [{2F3596B0-FED9-43BD-A9A0-AD47A640FA32}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. → AVAST Software)
StandardProfile\AuthorizedApplications: [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe] => Enabled:Earthlink

==================== Restore Points =========================

02-12-2022 15:36:16 Scheduled Checkpoint
03-12-2022 03:52:25 Scheduled Checkpoint
03-12-2022 15:53:03 Scheduled Checkpoint
04-12-2022 11:00:08 Scheduled Checkpoint
04-12-2022 23:40:54 Scheduled Checkpoint
06-12-2022 00:00:11 Scheduled Checkpoint
06-12-2022 15:02:03 Scheduled Checkpoint
07-12-2022 16:22:41 Scheduled Checkpoint
08-12-2022 05:55:34 Scheduled Checkpoint
09-12-2022 13:16:18 Scheduled Checkpoint
10-12-2022 16:41:37 Scheduled Checkpoint
12-12-2022 04:01:08 Scheduled Checkpoint
14-12-2022 00:34:53 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft 6to4 Adapter #3
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{F05BCA3E-C3F5-4180-9854-C7D45E1D1F7F}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{51C707ED-47E5-4CD2-9358-696DFB65C052}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: isatap.{D198F27B-6061-4FB6-BF4D-9C66D7E0C0D3}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: ========================
[HEADING=1]Application errors:[/HEADING]
Error: (12/14/2022 09:30:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
.

Error: (12/14/2022 09:30:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
.

Error: (12/14/2022 09:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
.

Error: (12/14/2022 09:30:14 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
.

Error: (12/14/2022 09:08:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST(1).exe version 11.12.2022.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 15a8
Start Time: 01d90fc2e1e4f190
Termination Time: 31

Error: (12/14/2022 09:06:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application firefox.exe, version 52.9.0.6746, time stamp 0x5b2bbbea, faulting module mozglue.dll, version 52.9.0.6746, time stamp 0x5b2bbbde, exception code 0x80000003, fault offset 0x0000fb33,
process id 0x1294, application start time 0x01d90edcb01cf184.

Error: (12/14/2022 09:06:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 52.9.0.6746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: bfc
Start Time: 01d90edc94dfad44
Termination Time: 18181

Error: (12/14/2022 08:29:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
.
[HEADING=1]System errors:[/HEADING]
==================== Memory info ===========================

BIOS: American Megatrends Inc. 5.16 10/01/2007
Motherboard: ASUSTeK Computer INC. Lancaster8
Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz
Percentage of memory in use: 94%
Total physical RAM: 2038.64 MB
Available physical RAM: 103.16 MB
Total Virtual: 4890.55 MB
Available Virtual: 991.12 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:326.01 GB) (Free:241.9 GB) (Model: ST3360320AS ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.34 GB) (Free:1.26 GB) (Model: ST3360320AS ATA Device) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ====================

================================================== ========
Disk: 0 (Size: 335.4 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Ok, good give me a minute to go over this.

I wanted to add occasionally a pop up will appear to find updates for drivers. When i click to find updates it always fails. Also, should i try another one of those browsers other than opera and could you send a link to opera 36. Its pretty confusing and i might not be trying to download the right opera. You are awesome for all the help.

No lets just focus on this right now, you do not need to download anything while we do this unless instructed to do so by me while we complete this process.