CreateRestorePoint:
Task: {4F5DC897-BD95-4BC2-B238-5CB679979FEE} - System32\Tasks\{6C7D338A-2E1E-4972-A35D-4978246CF85D} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
Task: {882D04AF-C293-432A-A82C-08C804DF41D9} - System32\Tasks\{3210778E-5496-4C77-A527-F3271C956218} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
Task: {9D5EE1DC-9316-45A3-B827-3BCBD0D7FF7B} - System32\Tasks\{682D6941-A475-423A-93C2-5474B3F39685} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
Task: {D59C3ED1-688E-4E7A-9AD0-63F099B6325B} - System32\Tasks\{8EB10212-CDB5-4C54-B0D9-CFF150C2548B} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
FirewallRules: [{6DC57B63-5F82-4C4B-B21F-B4ED8AE30B8F}] => (Allow) svchost.exe
FirewallRules: [{9C755D83-ECBD-4C97-BAE6-1AF8B2AC4F18}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgemc.exe
FirewallRules: [{B1084A64-360F-4130-BFE7-0A86997D1B85}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgupd.exe
FirewallRules: [{9E3BA463-E4AE-404A-956C-B3C7E4402131}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
FirewallRules: [TCP Query User{8239AE58-5A7A-4CE7-B5D5-E7CFC5F180F0}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [UDP Query User{F460941F-59B9-4E74-850D-7EEDCC4BDA00}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [TCP Query User{7559F51F-A7C6-485A-AD7C-E56F25DE4756}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [UDP Query User{289FE499-7570-4B89-8501-4E8BDDC532EF}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [TCP Query User{2A4F61AC-AC2F-4DAA-B1AA-E3C2C6AEF524}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [UDP Query User{3787462F-FB42-4515-91C3-F11FBE6B6EFF}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [TCP Query User{4724D3AE-6D7A-46AF-AC63-BA10519530B3}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [UDP Query User{AF668C6A-9A95-453C-98EF-0DDB3CD4E34B}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [TCP Query User{700C3F65-997C-414F-9222-0876ECFEEA09}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe
FirewallRules: [UDP Query User{41AE2CEA-842D-4D9F-8B00-36B97F187635}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
AppInit_DLLs: avgrssta.dll => C:\WINDOWS\system32\avgrssta.dll [13048 2010-08-01] (AVG Technologies CZ, s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
2015-09-11 14:32 - 2015-09-11 14:33 - 04923920 _____ (McAfee, Inc.) C:\Users\Adams\Desktop\MCPR.exe
2015-09-11 14:32 - 2015-09-11 14:32 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe
C:\Users\Test Virus Account
2015-08-31 11:59 - 2015-08-31 11:59 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Adams\Desktop\iExplore.exe
2015-08-29 12:18 - 2015-08-29 19:41 - 466111637 _____ C:\WINDOWS\MEMORY.DMP
2015-08-27 16:46 - 2015-08-27 16:46 - 00000000 ____D C:\WINDOWS\system32\%APPDATA%
2015-08-27 16:43 - 2015-09-10 12:47 - 00000000 ____D C:\Users\Adams\AppData\Roaming\tor
2015-08-24 12:27 - 2015-09-09 11:21 - 00002188 _____ C:\WINDOWS\system32\CFG3967552228
2015-08-29 12:28 - 2014-11-03 15:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-29 12:21 - 2010-04-26 10:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-27 18:15 - 2010-04-26 10:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-08-27 17:58 - 2010-04-26 09:59 - 00000000 ____D C:\Program Files (x86)\AVG
RemoveProxy:
EmptyTemp: