Cannot log into banking



#1
Jeffro2448


I cannot log into my banking website. I have tried Firefox, Chrome, Explorer and all say wrong username/password. Bank people were no help last night. I am able to log on through my phone and tablet, just not my desktop.




#2
RKinner

 
Download AdwCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
 
Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Get FRST from
  • You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 


    #3
    Jeffro2448


    Thank you for your help!

     

     

     

     

    # AdwCleaner v6.040 - Logfile created 07/12/2016 at 22:33:51
    # Updated on 02/12/2016 by Malwarebytes
    # Database : 2016-12-07.1 [Server]
    # Operating System : Windows 7 Ultimate Service Pack 1 (X64)
    # Username : Jeffro - JEFFRO-PC
    # Running from : C:\Users\Jeffro\Desktop\AdwCleaner.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support

     

    ***** [ Services ] *****

    [-] Service deleted: vToolbarUpdater40.3.6
    [-] Service deleted: WtuSystemSupport


    ***** [ Folders ] *****

    [-] Folder deleted: C:\ProgramData\Avg_Update_0716tb
    [-] Folder deleted: C:\ProgramData\Avg_Update_1216tb
    [-] Folder deleted: C:\Users\Jeffro\AppData\Local\avg web tuneup
    [-] Folder deleted: C:\Users\Tyler\AppData\Local\avg web tuneup
    [-] Folder deleted: C:\Users\Don\AppData\Local\avg web tuneup
    [-] Folder deleted: C:\Users\Guest\AppData\Local\avg web tuneup
    [-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
    [-] Folder deleted: C:\ProgramData\AVG Secure Search
    [-] Folder deleted: C:\ProgramData\AVG Security Toolbar
    [-] Folder deleted: C:\ProgramData\avg web tuneup
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Security Toolbar
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
    [-] Folder deleted: C:\Program Files (x86)\avg web tuneup
    [-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search


    ***** [ Files ] *****

    [-] File deleted: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\o696dq5g.default\extensions\[email protected]
    [-] File deleted: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\o696dq5g.default\searchplugins\avg-secure-search.xml


    ***** [ DLL ] *****

     

    ***** [ WMI ] *****

     

    ***** [ Shortcuts ] *****

     

    ***** [ Scheduled Tasks ] *****

     

    ***** [ Registry ] *****

    [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
    [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
    [-] Data restored: HKU\S-1-5-21-1423331177-2394562957-3836801765-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
    [-] Key deleted: HKU\S-1-5-21-1423331177-2394562957-3836801765-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Data restored: HKU\S-1-5-21-1423331177-2394562957-3836801765-1003\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    [-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin


    ***** [ Web browsers ] *****

    [-] Chrome preferences cleaned: "browser.startup.homepage" -  "hxxps://mysearch.avg.com/?cid={72A2B0A7-4C43-4B51-9FF3-F5B913446A8D}&mid=f97e32fe2f9a47d28795a59d737f9eea-979bb97d63a1e2b35883eab35591d070dd0af843&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015av&pr=fr&d=2015-11-02 11:05:40&v=4.1.8.599&pid=wtu&sg=&sap=hp"
    [-] [C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [6319 Bytes] - [07/12/2016 22:33:51]
    C:\AdwCleaner\AdwCleaner[S0].txt - [6037 Bytes] - [07/12/2016 22:33:02]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6465 Bytes] ##########

     

    ********************************************************************************************

     

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.9 (09.30.2016)
    Operating System: Windows 7 Ultimate x64
    Ran by Jeffro (Administrator) on Wed 12/07/2016 at 22:43:00.63
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     


    File System: 16

    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5HCY5EVQ (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FBLMMU71 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KMQXEK3Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\Jeffro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKDP2596 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5HCY5EVQ (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FBLMMU71 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KMQXEK3Y (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKDP2596 (Temporary Internet Files Folder)

    Registry: 0

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 12/07/2016 at 22:44:55.06
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

     

     


     

     

    **********************************************************************************************

     

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
    Ran by Jeffro (administrator) on JEFFRO-PC (07-12-2016 22:46:57)
    Running from C:\Users\Jeffro\Desktop
    Loaded Profiles: Jeffro (Available Profiles: Jeffro & Tyler & Don & Guest)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    () C:\Program Files\Belkin\USB Control Center\Bkapcs.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
    (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
    HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-01] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819048 2016-11-11] (Google)
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-05] (Apple Inc.)
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-10-05] (Apple Inc.)
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\MountPoints2: {c5c9d3da-1c61-11e5-b8b2-74d4359b7719} - I:\setup.exe -a
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{1CEF8357-1A42-4CC3-B091-3DA8CC52F57D}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{341555AC-0AD7-4520-96D7-45B727EB0EB4}: [DhcpNameServer] 209.222.18.222 209.222.18.218
    Tcpip\..\Interfaces\{EB74F056-1219-4345-B411-242F6F996BA3}: [DhcpNameServer] 172.20.10.1

    Internet Explorer:
    ==================
    Handler: WSWSVCUchrome - No CLSID Value

    FireFox:
    ========
    FF DefaultProfile: bgf49c2b.default-1438226491564
    FF ProfilePath: C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\lsd24pxk.default [2016-06-17]
    FF ProfilePath: C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564 [2016-12-07]
    FF Homepage: Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564 -> hxxps://www.google.com/webhp?hl=en&tab=ww&gws_rd=ssl
    FF Session Restore: Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564 -> is enabled.
    FF Extension: (IE Tab) - C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} [2016-04-28]
    FF Extension: (Adblock Plus) - C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
    FF Extension: (Tab Mix Plus) - C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\bgf49c2b.default-1438226491564\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-10-30]
    FF ProfilePath: C:\Users\Jeffro\AppData\Roaming\Mozilla\Firefox\Profiles\3p6uvk4z.default-1444084954893 [2016-07-15]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-13] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-13] ()
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-11-04] (Foxit Corporation)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-03] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-03] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
    CHR Extension: (Google Slides) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-07]
    CHR Extension: (Google Docs) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-07]
    CHR Extension: (Google Drive) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-07]
    CHR Extension: (YouTube) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-07]
    CHR Extension: (Google Sheets) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-07]
    CHR Extension: (Google Docs Offline) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-07]
    CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-12-05]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-07]
    CHR Extension: (Gmail) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-07]
    CHR Extension: (Chrome Media Router) - C:\Users\Jeffro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-07]
    CHR HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-01] (AVG Technologies CZ, s.r.o.)
    R2 Belkin USB Center Helper; C:\Program Files\Belkin\USB Control Center\Bkapcs.exe [55296 2013-07-30] () [File not signed]
    R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Inc.)
    S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)
    R2 HPSLPSVC; C:\Users\Jeffro\AppData\Local\Temp\7zS3538\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
    S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe [72344 2008-05-19] (SiSoftware) [File not signed]
    R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-09-15] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
    R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
    S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
    S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
    S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
    S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
    R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-31] (Disc Soft Ltd)
    S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
    R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [310496 2014-05-20] (silex technology, Inc.)
    S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
    S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
    S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-12-07 22:46 - 2016-12-07 22:47 - 00013362 _____ C:\Users\Jeffro\Desktop\FRST.txt
    2016-12-07 22:45 - 2016-12-07 22:45 - 02420224 _____ (Farbar) C:\Users\Jeffro\Desktop\FRST64.exe
    2016-12-07 22:44 - 2016-12-07 22:44 - 00003192 _____ C:\Users\Jeffro\Desktop\JRT.txt
    2016-12-07 22:42 - 2016-12-07 22:42 - 00006584 _____ C:\Users\Jeffro\Desktop\AdwCleaner[C0].txt
    2016-12-07 22:40 - 2016-12-07 22:40 - 01631928 _____ (Malwarebytes) C:\Users\Jeffro\Desktop\JRT.exe
    2016-12-07 22:30 - 2016-12-07 22:33 - 00000000 ____D C:\AdwCleaner
    2016-12-07 22:22 - 2016-12-07 22:22 - 03968464 _____ C:\Users\Jeffro\Desktop\AdwCleaner.exe
    2016-12-07 22:19 - 2016-12-07 22:35 - 00000570 _____ C:\Windows\Tasks\AVG-SSU_1216tb.job
    2016-12-07 22:19 - 2016-12-07 22:35 - 00000432 _____ C:\Windows\Tasks\AVG-SSU_1216tb_DELETE.job
    2016-12-07 22:19 - 2016-12-07 22:19 - 00002934 _____ C:\Windows\System32\Tasks\AVG-SSU_1216tb_DELETE
    2016-12-07 22:19 - 2016-12-07 22:19 - 00002866 _____ C:\Windows\System32\Tasks\AVG-SSU_1216tb
    2016-12-06 18:52 - 2016-12-06 20:57 - 00000000 ____D C:\Users\Jeffro\Downloads\Entourage.S06.Season.6.1080p.5.1Ch.BluRay.ReEnc-DeeJayAhmed
    2016-12-06 18:52 - 2016-12-06 18:52 - 00000000 ____D C:\Users\Jeffro\AppData\LocalLow\uTorrent
    2016-12-03 09:02 - 2016-12-03 09:02 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
    2016-12-03 09:02 - 2016-12-03 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2016-12-03 09:02 - 2016-12-03 09:02 - 00000000 ____D C:\Program Files\iTunes
    2016-12-03 09:02 - 2016-12-03 09:02 - 00000000 ____D C:\Program Files\iPod
    2016-12-02 21:26 - 2016-12-02 21:33 - 00000000 ____D C:\Users\Jeffro\Downloads\J. Cole
    2016-12-01 21:32 - 2016-12-02 21:26 - 00000000 ____D C:\Users\Jeffro\Downloads\Dead Prez - (DailyNova) TPB
    2016-11-29 16:58 - 2016-11-29 16:58 - 00000000 ____D C:\Users\Tyler\AppData\Local\CEF
    2016-11-29 16:57 - 2016-12-04 10:37 - 00000000 ____D C:\Users\Tyler\AppData\LocalLow\Mozilla
    2016-11-28 16:36 - 2016-11-28 16:36 - 00000000 ____D C:\Users\Jeffro\AppData\Local\CEF
    2016-11-26 20:51 - 2016-11-26 20:53 - 21874200 _____ (LastPass) C:\Users\Jeffro\Desktop\lastpass_x64.exe
    2016-11-26 20:37 - 2016-11-26 20:44 - 00000000 ____D C:\Users\Jeffro\AppData\LocalLow\LastPass
    2016-11-26 10:42 - 2016-11-26 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2016-11-26 10:40 - 2016-11-26 10:40 - 00000000 ____D C:\Program Files\Bonjour
    2016-11-26 10:40 - 2016-11-26 10:40 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2016-11-26 10:37 - 2016-11-26 10:37 - 00001355 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
    2016-11-26 10:37 - 2016-11-26 10:37 - 00000000 ____D C:\Users\Public\Foxit Software
    2016-11-26 10:37 - 2016-11-26 10:37 - 00000000 ____D C:\Users\Jeffro\AppData\Roaming\Foxit AgentInformation
    2016-11-26 10:37 - 2016-11-26 10:37 - 00000000 ____D C:\ProgramData\Foxit Software
    2016-11-26 10:37 - 2016-11-26 10:37 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
    2016-11-25 02:35 - 2016-11-25 02:35 - 00002144 _____ C:\Users\Public\Desktop\Google Earth.lnk
    2016-11-25 02:35 - 2016-11-25 02:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
    2016-11-24 23:30 - 2016-11-25 00:09 - 00000000 ____D C:\Users\Jeffro\Desktop\2016 credit report
    2016-11-18 15:55 - 2016-12-07 22:45 - 00000000 ____D C:\Users\Jeffro\AppData\LocalLow\Mozilla
    2016-11-18 00:14 - 2016-12-05 20:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-11-18 00:12 - 2016-11-18 00:33 - 00000000 ____D C:\Users\Jeffro\Downloads\Narcos.Season.2.720p.WEBRiP.x265.ShAaNiG
    2016-11-16 16:25 - 2016-11-17 22:59 - 00000000 ____D C:\Users\Jeffro\Downloads\Queen of the Clouds (Deluxe)
    2016-11-13 10:16 - 2016-11-13 10:16 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
    2016-11-07 20:14 - 2016-11-07 20:14 - 00000000 ____D C:\Users\Jeffro\AppData\Local\Private Internet Access
    2016-11-07 20:14 - 2016-11-07 20:14 - 00000000 ____D C:\Users\Jeffro\AppData\Local\Crashpad
    2016-11-07 20:12 - 2016-11-16 16:39 - 00000000 ____D C:\Users\Jeffro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
    2016-11-07 20:12 - 2016-11-07 20:12 - 00027136 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
    2016-11-07 20:12 - 2016-11-07 20:12 - 00003162 _____ C:\Windows\System32\Tasks\Private Internet Access Startup
    2016-11-07 20:12 - 2016-11-07 20:12 - 00001001 _____ C:\Users\Jeffro\Desktop\Private Internet Access.lnk
    2016-11-07 20:07 - 2016-11-07 20:09 - 59955885 _____ C:\Users\Jeffro\Desktop\privateinternetaccess.exe
    2016-11-07 16:48 - 2016-11-10 21:25 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-11-07 16:48 - 2016-11-10 21:25 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-11-07 10:30 - 2016-09-30 15:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-11-07 10:30 - 2016-09-30 14:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-11-07 10:30 - 2016-09-30 10:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2016-11-07 10:30 - 2016-09-30 10:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2016-11-07 10:30 - 2016-09-30 10:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2016-11-07 10:30 - 2016-09-30 02:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-11-07 10:30 - 2016-09-30 01:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-11-07 10:30 - 2016-09-30 01:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-11-07 10:30 - 2016-09-30 01:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-11-07 10:30 - 2016-09-30 01:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-11-07 10:30 - 2016-09-30 01:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-11-07 10:30 - 2016-09-30 01:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-11-07 10:30 - 2016-09-30 01:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-11-07 10:30 - 2016-09-30 01:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-11-07 10:30 - 2016-09-30 01:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-11-07 10:30 - 2016-09-30 01:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-11-07 10:30 - 2016-09-30 01:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-11-07 10:30 - 2016-09-30 01:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-11-07 10:30 - 2016-09-30 01:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-11-07 10:30 - 2016-09-30 01:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-11-07 10:30 - 2016-09-30 01:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-11-07 10:30 - 2016-09-30 01:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-11-07 10:30 - 2016-09-30 01:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-11-07 10:30 - 2016-09-30 01:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-11-07 10:30 - 2016-09-30 00:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-11-07 10:30 - 2016-09-30 00:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-11-07 10:30 - 2016-09-30 00:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-11-07 10:30 - 2016-09-30 00:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-11-07 10:30 - 2016-09-30 00:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-11-07 10:30 - 2016-09-30 00:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-11-07 10:30 - 2016-09-30 00:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-11-07 10:30 - 2016-09-30 00:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-11-07 10:30 - 2016-09-30 00:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-11-07 10:30 - 2016-09-30 00:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-11-07 10:30 - 2016-09-30 00:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-11-07 10:30 - 2016-09-30 00:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2016-11-07 10:30 - 2016-09-30 00:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2016-11-07 10:30 - 2016-09-30 00:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-11-07 10:30 - 2016-09-30 00:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-11-07 10:30 - 2016-09-30 00:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-11-07 10:30 - 2016-09-30 00:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-11-07 10:30 - 2016-09-30 00:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-11-07 10:30 - 2016-09-30 00:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2016-11-07 10:30 - 2016-09-30 00:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-11-07 10:30 - 2016-09-30 00:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-11-07 10:30 - 2016-09-30 00:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2016-11-07 10:30 - 2016-09-30 00:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2016-11-07 10:30 - 2016-09-30 00:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-11-07 10:30 - 2016-09-30 00:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-11-07 10:30 - 2016-09-30 00:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-11-07 10:30 - 2016-09-30 00:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-11-07 10:30 - 2016-09-30 00:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2016-11-07 10:30 - 2016-09-30 00:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2016-11-07 10:30 - 2016-09-30 00:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-11-07 10:30 - 2016-09-30 00:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-11-07 10:30 - 2016-09-30 00:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-11-07 10:30 - 2016-09-30 00:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-11-07 10:30 - 2016-09-30 00:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2016-11-07 10:30 - 2016-09-30 00:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-11-07 10:30 - 2016-09-30 00:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2016-11-07 10:30 - 2016-09-30 00:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-11-07 10:30 - 2016-09-30 00:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-11-07 10:30 - 2016-09-30 00:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2016-11-07 10:30 - 2016-09-30 00:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-11-07 10:30 - 2016-09-30 00:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-11-07 10:30 - 2016-09-29 23:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-11-07 10:30 - 2016-09-29 23:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-11-07 10:30 - 2016-09-29 23:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-11-07 10:30 - 2016-09-29 23:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2016-11-07 10:30 - 2016-09-15 10:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2016-11-07 10:30 - 2016-09-15 10:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
    2016-11-07 10:30 - 2016-09-15 10:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2016-11-07 10:30 - 2016-09-15 10:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
    2016-11-07 10:30 - 2016-09-12 16:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-11-07 10:30 - 2016-09-12 16:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-11-07 10:30 - 2016-09-12 16:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-11-07 10:30 - 2016-09-12 16:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2016-11-07 10:30 - 2016-09-12 15:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-11-07 10:30 - 2016-09-12 15:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-11-07 10:30 - 2016-09-12 15:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-11-07 10:30 - 2016-09-12 15:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-11-07 10:30 - 2016-09-12 15:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-11-07 10:30 - 2016-09-12 15:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-11-07 10:30 - 2016-09-12 15:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-11-07 10:30 - 2016-09-12 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2016-11-07 10:30 - 2016-09-12 15:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2016-11-07 10:30 - 2016-09-12 14:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2016-11-07 10:30 - 2016-09-12 13:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2016-11-07 10:30 - 2016-09-12 13:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2016-11-07 10:30 - 2016-09-10 11:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
    2016-11-07 10:30 - 2016-09-10 10:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
    2016-11-07 10:30 - 2016-09-09 13:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2016-11-07 10:30 - 2016-09-09 13:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2016-11-07 10:30 - 2016-09-09 13:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 13:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2016-11-07 10:30 - 2016-09-09 13:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2016-11-07 10:30 - 2016-09-09 13:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2016-11-07 10:30 - 2016-09-09 13:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2016-11-07 10:30 - 2016-09-09 13:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2016-11-07 10:30 - 2016-09-09 12:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2016-11-07 10:30 - 2016-09-09 12:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2016-11-07 10:30 - 2016-09-09 12:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2016-11-07 10:30 - 2016-09-09 12:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2016-11-07 10:30 - 2016-09-09 12:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2016-11-07 10:30 - 2016-09-09 12:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2016-11-07 10:30 - 2016-09-09 12:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2016-11-07 10:30 - 2016-09-09 12:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2016-11-07 10:30 - 2016-09-09 12:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2016-11-07 10:30 - 2016-09-09 12:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-09 12:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2016-11-07 10:30 - 2016-09-08 15:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2016-11-07 10:30 - 2016-09-08 15:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2016-11-07 10:30 - 2016-09-08 15:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2016-11-07 10:30 - 2016-09-08 15:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2016-11-07 10:30 - 2016-09-08 09:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2016-11-07 10:30 - 2016-09-08 09:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2016-11-07 10:30 - 2016-08-16 13:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls
    2016-11-07 10:30 - 2016-08-16 13:47 - 00419640 _____ C:\Windows\system32\locale.nls
    2016-11-07 10:30 - 2016-08-12 12:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2016-11-07 10:30 - 2016-08-12 12:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2016-11-07 10:30 - 2016-08-12 12:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2016-11-07 10:30 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2016-11-07 10:30 - 2016-08-12 12:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2016-11-07 10:30 - 2016-08-12 11:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2016-11-07 10:30 - 2016-08-12 11:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2016-11-07 10:30 - 2016-08-12 11:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2016-11-07 10:30 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2016-11-07 10:30 - 2016-08-12 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2016-11-07 10:30 - 2016-08-12 11:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
    2016-11-07 10:30 - 2016-08-06 10:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
    2016-11-07 10:30 - 2016-08-06 10:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2016-11-07 10:30 - 2016-08-06 10:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2016-11-07 10:30 - 2016-08-06 10:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2016-11-07 10:30 - 2016-08-06 10:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2016-11-07 10:30 - 2016-08-06 10:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
    2016-11-07 10:30 - 2016-08-06 10:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2016-11-07 10:30 - 2016-08-06 10:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
    2016-11-07 10:30 - 2016-08-06 09:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2016-11-07 10:30 - 2016-08-06 09:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
    2016-11-07 10:30 - 2016-08-06 09:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
    2016-11-07 10:30 - 2016-06-14 12:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2016-11-07 10:30 - 2016-06-14 12:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2016-11-07 10:30 - 2016-06-14 12:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2016-11-07 10:30 - 2016-06-14 12:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2016-11-07 10:30 - 2016-06-14 10:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2016-11-07 10:30 - 2016-06-14 10:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2016-11-07 10:30 - 2016-06-14 10:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2016-11-07 10:30 - 2016-06-14 10:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2016-11-07 10:30 - 2016-06-14 10:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2016-11-07 10:30 - 2016-06-14 10:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2016-11-07 10:30 - 2016-06-14 10:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2016-11-07 10:30 - 2016-06-14 10:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
    2016-11-07 10:30 - 2016-06-14 10:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-12-07 22:46 - 2015-05-17 15:51 - 00000000 ____D C:\FRST
    2016-12-07 22:43 - 2009-07-13 23:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-12-07 22:43 - 2009-07-13 23:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-12-07 22:41 - 2009-07-14 00:13 - 00781782 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-12-07 22:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
    2016-12-07 22:35 - 2014-06-21 16:04 - 00000000 ____D C:\ProgramData\MFAData
    2016-12-07 22:35 - 2014-06-10 22:21 - 00000000 ___RD C:\Users\Jeffro\Google Drive
    2016-12-07 22:35 - 2014-06-01 14:32 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-12-07 22:35 - 2014-05-31 23:00 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-12-07 22:35 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-12-07 22:33 - 2016-09-24 11:58 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
    2016-12-07 22:29 - 2015-11-23 18:20 - 00000000 ____D C:\Users\Jeffro\AppData\Local\AvgSetupLog
    2016-12-06 23:05 - 2014-05-31 21:09 - 00000000 ____D C:\Users\Jeffro\AppData\Roaming\uTorrent
    2016-12-06 23:03 - 2014-06-01 14:32 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-12-06 22:59 - 2014-11-23 19:39 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-12-05 20:55 - 2014-06-07 14:21 - 00000000 ____D C:\Users\Jeffro\AppData\Local\CutePDF Writer
    2016-12-05 20:25 - 2014-05-31 23:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-12-04 10:37 - 2015-11-02 11:04 - 00000000 ___RD C:\Users\Tyler\iCloudDrive
    2016-12-03 09:02 - 2014-06-01 01:06 - 00000000 ____D C:\Program Files\Common Files\Apple
    2016-12-01 23:12 - 2014-06-01 00:21 - 00000000 ____D C:\Users\Jeffro\AppData\Roaming\vlc
    2016-11-29 16:56 - 2009-07-14 00:08 - 00032598 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2016-11-28 16:35 - 2015-11-24 18:29 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
    2016-11-28 16:35 - 2015-11-24 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2016-11-26 21:08 - 2014-06-01 00:27 - 00000000 ____D C:\Users\Jeffro\AppData\Roaming\Foxit Software
    2016-11-25 12:59 - 2014-05-31 22:58 - 00000000 ____D C:\Windows\system32\MRT
    2016-11-25 12:55 - 2014-05-31 22:58 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-11-25 02:35 - 2014-05-31 21:51 - 00000000 ____D C:\Program Files (x86)\Google
    2016-11-24 19:04 - 2014-06-10 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2016-11-17 22:57 - 2014-06-16 20:07 - 00000000 ____D C:\Program Files\pia_manager
    2016-11-13 13:53 - 2014-06-17 17:30 - 00000000 ____D C:\Users\Jeffro\Downloads\Windows 7 Ultimate SP1 (32 Bit)
    2016-11-13 11:59 - 2014-11-23 19:39 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-11-13 11:59 - 2014-06-01 00:41 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-11-13 11:59 - 2014-06-01 00:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-11-13 11:59 - 2014-06-01 00:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2016-11-13 11:59 - 2014-06-01 00:41 - 00000000 ____D C:\Windows\system32\Macromed
    2016-11-12 21:06 - 2014-05-31 12:59 - 00000000 ____D C:\Users\Jeffro\AppData\Local\Google
    2016-11-07 20:07 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
    2016-11-07 16:37 - 2009-07-13 23:45 - 00356632 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-11-07 16:34 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
    2016-11-07 16:34 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\Dism
    2016-11-07 16:33 - 2015-09-18 11:45 - 00000000 ____D C:\Users\Don
    2016-11-07 16:33 - 2015-04-11 23:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-11-07 16:33 - 2015-04-11 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-11-07 10:46 - 2009-07-13 21:34 - 00000499 _____ C:\Windows\win.ini
    2016-11-07 10:42 - 2015-09-09 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    2016-11-07 10:36 - 2015-09-09 20:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2016-11-07 10:34 - 2015-04-11 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-11-07 10:31 - 2011-04-12 03:28 - 00000000 ____D C:\Program Files\Windows Journal

    ==================== Files in the root of some directories =======

    2014-06-03 21:58 - 2016-04-28 16:06 - 14172160 _____ () C:\Users\Jeffro\AppData\Roaming\Sandra.mdb
    2014-06-01 12:23 - 2016-04-28 16:06 - 0007651 _____ () C:\Users\Jeffro\AppData\Local\Resmon.ResmonCfg
    2014-06-06 23:27 - 2014-07-01 21:48 - 0000125 ___SH () C:\ProgramData\.zreglib

    Some files in TEMP:
    ====================
    C:\Users\Jeffro\AppData\Local\Temp\avguirn_081161143464.exe
    C:\Users\Jeffro\AppData\Local\Temp\avguirn_081668506024.exe
    C:\Users\Jeffro\AppData\Local\Temp\binkw32.dll
    C:\Users\Jeffro\AppData\Local\Temp\converter.exe
    C:\Users\Jeffro\AppData\Local\Temp\d2l_Install.exe
    C:\Users\Jeffro\AppData\Local\Temp\DTLite1010-0074.exe
    C:\Users\Jeffro\AppData\Local\Temp\Foxit Reader Updater.exe
    C:\Users\Jeffro\AppData\Local\Temp\Foxit Updater.exe
    C:\Users\Jeffro\AppData\Local\Temp\FoxitUpdater.exe
    C:\Users\Jeffro\AppData\Local\Temp\libeay32.dll
    C:\Users\Jeffro\AppData\Local\Temp\msvcr120.dll
    C:\Users\Jeffro\AppData\Local\Temp\sqlite3.dll
    C:\Users\Jeffro\AppData\Local\Temp\vlc-2.2.4-win64.exe
    C:\Users\Jeffro\AppData\Local\Temp\VSUSetup.exe
    C:\Users\Jeffro\AppData\Local\Temp\_is9CF5.exe
    C:\Users\Jeffro\AppData\Local\Temp\_isF3EF.exe
    C:\Users\Tyler\AppData\Local\Temp\avguirn_081355476333.exe
    C:\Users\Tyler\AppData\Local\Temp\avguirn_081381560096.exe
    C:\Users\Tyler\AppData\Local\Temp\avguirn_082005992534.exe
    C:\Users\Tyler\AppData\Local\Temp\avguirn_08446985589.exe


    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2016-11-14 20:45

    ==================== End of FRST.txt ============================

    ********************************************************************************************

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
    Ran by Jeffro (07-12-2016 22:47:46)
    Running from C:\Users\Jeffro\Desktop
    Windows 7 Ultimate Service Pack 1 (X64) (2014-05-31 21:04:34)
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================
    Administrator (S-1-5-21-1423331177-2394562957-3836801765-500 - Administrator - Disabled)
    Don (S-1-5-21-1423331177-2394562957-3836801765-1004 - Limited - Enabled) => C:\Users\Don
    Guest (S-1-5-21-1423331177-2394562957-3836801765-501 - Limited - Enabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-1423331177-2394562957-3836801765-1002 - Limited - Enabled)
    Jeffro (S-1-5-21-1423331177-2394562957-3836801765-1001 - Administrator - Enabled) => C:\Users\Jeffro
    Tyler (S-1-5-21-1423331177-2394562957-3836801765-1003 - Limited - Enabled) => C:\Users\Tyler

    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    µTorrent (HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
    3DMark (HKLM-x32\...\{38f32cea-14ce-4349-882e-8779bcd45e5c}) (Version: 1.2.362.0 - Futuremark)
    3DMark (Version: 1.2.362.0 - Futuremark) Hidden
    Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{1D1DCF8A-6961-F848-0DA0-5401969C44CE}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
    AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.3.0 - SlySoft)
    Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    AVG (HKLM\...\AvgZen) (Version: 1.113.2.50020 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
    AVG Zen (Version: 1.113.1 - AVG Technologies) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
    CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
    CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
    CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
    FMW 1 (Version: 1.143.1 - AVG Technologies) Hidden
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.1.1115 - Foxit Software Inc.)
    Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
    Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
    Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
    HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
    iCloud (HKLM\...\{29AAC3D3-23FC-496D-8266-0E3833686758}) (Version: 6.0.2.10 - Apple Inc.)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
    iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Mozilla Firefox 50.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 en-US)) (Version: 50.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
    MyHarmony (HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
    NAPS2 3.1.0 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version:  - Ben Olden-Cooligan)
    NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
    Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
    Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
    Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.9.3 - Intuit)
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
    Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
    SiSoftware Sandra Lite 2014.SP2a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.35.2014.6 - SiSoftware)
    StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.0.0.16117 - Blizzard Entertainment)
    TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
    TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
    USB Control Center (HKLM\...\Belkin USB Control Center) (Version: 2.1.0 - Belkin International, Inc.)
    VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
    WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )

    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {203737A4-6332-48C1-872B-54504B4004CC} - System32\Tasks\{72E1B20E-442D-4809-B827-8BC29CEDECD9} => pcalua.exe -a H:\INSTALL.EXE -d H:\
    Task: {22AEAC77-F0BF-44B4-9170-790B64343C38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {6018D6DE-32DB-407B-A980-1F9535D3CB8C} - System32\Tasks\AVG-SSU_1216tb_DELETE => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
    Task: {6B76DC69-75A6-4352-8AF2-100CB22DE52F} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-11-07] ()
    Task: {7594D599-E6DE-4C9A-9D2A-791B1811DE43} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {BCA73136-D068-4592-AA94-1D3B0EB99AC0} - System32\Tasks\AVG-SSU_1216tb => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
    Task: {C7FEFE9D-F205-4E48-B579-3D484E4656A3} - System32\Tasks\{894D917B-8F89-40A2-B9E4-E38C25396596} => pcalua.exe -a C:\Users\Jeffro\Desktop\R149581.exe -d C:\Users\Jeffro\Desktop
    Task: {D3F7595E-4E7F-49F3-95F0-D149A2CEC2E7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-13] (Adobe Systems Incorporated)
    Task: {D6396A21-900A-4DF8-983B-1C9AE1A15D10} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
    Task: {F0F5E01C-4E28-42FC-A3C1-B52713D8AAB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\AVG-SSU_1216tb.job => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
    Task: C:\Windows\Tasks\AVG-SSU_1216tb_DELETE.job => C:\ProgramData\Avg_Update_1216tb\AVG-Secure-Search-Update_1216tb.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)
    Shortcut: C:\Users\Jeffro\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.com

    ==================== Loaded Modules (Whitelisted) ==============
    2014-06-07 14:20 - 2013-10-23 13:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
    2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
    2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
    2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
    2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-11-29 08:58 - 2013-07-30 19:17 - 00055296 ____N () C:\Program Files\Belkin\USB Control Center\Bkapcs.exe
    2015-05-10 21:11 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
    2015-11-02 10:13 - 2011-10-26 17:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
    2016-10-05 18:18 - 2016-10-05 18:18 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-10-05 18:18 - 2016-10-05 18:18 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)

    ==================== Hosts content: ===============================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-1423331177-2394562957-3836801765-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jeffro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    FirewallRules: [TCP Query User{4CB22B2E-1029-413D-98F7-FE8B6617CC89}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
    FirewallRules: [UDP Query User{0C7B931A-C36F-4572-8553-1159CC65E06D}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
    FirewallRules: [{70B96760-4AF9-45A0-84B8-D4486BA1DE6F}] => C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
    FirewallRules: [{35C55CB3-8CC7-48BA-B7F5-C2C20D01CFA7}] => C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
    FirewallRules: [{5893D65D-4EF6-49BC-BC25-E1B79C33AF4B}] => C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{EB9CDAEF-4D37-4EFE-9958-692CFA4DA143}] => C:\Program Files (x86)\StarCraft II\StarCraft II.exe
    FirewallRules: [{83D1D573-A42B-4397-B9C6-B04DA7695284}] => C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{BC5C7041-2201-448C-9553-71D1FD9202AC}] => C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
    FirewallRules: [{0CBEC0EA-F521-4F5A-9B54-AD5DD4D8F780}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [{AB362DC6-BCEE-4EB6-8C91-5CD75900567A}] => C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
    FirewallRules: [TCP Query User{21DDDC69-B111-46A0-BD9B-225CD06F8F1E}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [UDP Query User{E9F30BB2-3EBD-4008-94E3-AC998BF7D27B}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
    FirewallRules: [{5ADBB36F-4CBD-42DC-B41A-A0CCB0F20AC0}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\RpcAgentSrv.exe
    FirewallRules: [{12F9B0D4-45C7-492B-B30C-21636183028E}] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    FirewallRules: [{476B4863-2225-4C04-9590-7B37D559C87F}] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    FirewallRules: [{D5F77D49-1CEF-4BEE-A95C-2534D8A5FC59}] => C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    FirewallRules: [{0C53BBC1-6A71-4551-9AC3-5D0AD20CE0BF}] => C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    FirewallRules: [{223C0745-FA00-4FE0-B68E-DE863B1D7889}] => C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
    FirewallRules: [{838B871B-F6D5-4D7D-87F4-E95836935218}] => C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
    FirewallRules: [{63D339F1-3657-41B1-A3D9-C06419BFE056}] => C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    FirewallRules: [{57817207-51D0-4C99-AE4D-E8BC878E2510}] => C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    FirewallRules: [{AAC6BED2-97D6-43CC-A203-DCC79DC56524}] => C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{89E9A61F-E742-4776-B7FA-92FDD3A607C6}] => C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{118C6663-7827-49B2-A73F-960720BB7105}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{397E2C1B-E8DD-40BF-BB57-120DEB950FEA}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{60B8106D-3A06-4A71-B385-93334F05E2CA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{E414031F-D1FE-40CF-804E-3F00E61F5BAA}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{892B303D-61A5-4862-BC30-C8BB8A5239BE}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{6C8DDF7C-2FCD-4B97-B682-6A64D86EBF4A}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
    FirewallRules: [{9636082E-1C11-420B-AA58-DF0E8D01CE06}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{48237562-61FC-43CE-B80A-5E1FD9B7884E}] => C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{5F22D878-166E-4BE3-A06D-99D6836F5081}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{A0C98381-08E3-432F-97C3-F640641B9FA9}] => C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{314B187C-768D-4022-908A-1500F78020E6}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{38748877-9FEB-498B-A143-599E5E12BF6A}] => C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{39CDEC80-6D19-40F1-A3DE-179A446977AB}] => C:\Users\Jeffro\AppData\Local\Temp\7zS3538\hppiw.exe
    FirewallRules: [{1A39E688-EED4-47FD-88FE-8974291B3EFE}] => C:\Users\Jeffro\AppData\Local\Temp\7zS3538\hppiw.exe
    FirewallRules: [{306A5E15-80A4-4638-B6E2-28504303EB7A}] => LPort=54925
    FirewallRules: [{AAF6213C-E541-4735-8948-473EE503A842}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{AE67F7AB-6C9E-4FD7-9614-8DB2109D0163}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{29BB3036-C33F-4BCF-ABFB-48C06DDDA830}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{2FBEB483-0669-4EAC-93C5-0B0237D7CA3F}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{6D8C381C-76F1-4B5A-A80E-0F2922BB4A89}] => C:\Program Files\Belkin\USB Control Center\Connect.exe
    FirewallRules: [{841A89ED-6023-44AE-BC50-4DBC0A05897C}] => LPort=19540
    FirewallRules: [{82E2F59C-0E6D-4F19-999D-E0BB70017573}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B2D46BDC-8DCF-42B9-842C-AE088684AFDE}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{C91E26D4-F5C0-46E7-AE6F-842FE3B135BD}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{B6D444E8-BE47-41DA-97ED-2F850E1BDB40}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{D44E9508-4B52-4B5D-B0DA-AEDE5F6F6E32}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{A6C3BE7B-D6B7-41BA-8478-CB60CAF32A4C}] => C:\Users\Jeffro\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{515E3572-8C90-42BC-BD5F-299A11D17171}] => C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP2a\WNt500x64\RpcSandraSrv.exe
    FirewallRules: [{BD5B4BBE-578A-461D-B9C2-28172E1FDC91}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{DC976D38-33D9-4692-96BD-C07B6FC9DA3B}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{6C605E1B-076B-4032-95B7-BCAF0D940470}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{83ABE01E-EC75-4946-B4DB-248AAB791804}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{41AF4AB3-8B5B-497B-92BD-16C68CD9B23C}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{0AA90707-EA4D-433C-ADE6-99EF52338DDB}] => C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{FA63627C-115F-402E-AE1E-61FC82F8FCB5}] => C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C41B51BB-D13A-4311-86EA-CC74370D81A1}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9F228212-A3F8-405E-94AF-2513ACB9153B}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{6FEADEE1-ADAB-4053-B427-7FD8BF2DB2D7}] => C:\Program Files\iTunes\iTunes.exe

    ==================== Restore Points =========================
    06-05-2014 22:21:39 Installed iTunes
    06-05-2014 22:40:11 Removed iTunes
    06-05-2014 22:43:04 Installed iTunes
    07-05-2014 15:59:55 Installed AVG 2014
    07-05-2014 16:00:18 Installed AVG 2014
    07-05-2014 16:14:12 Revo Uninstaller's restore point - Visual Studio 2012 x86 Redistributables
    07-05-2014 16:26:53 Revo Uninstaller's restore point - iSEEK AnswerWorks English Runtime
    07-05-2014 16:27:18 Removed iSEEK AnswerWorks English Runtime
    09-05-2014 18:25:19 Installed calibre 64bit
    17-05-2014 21:14:46 Scheduled Checkpoint
    25-05-2014 08:56:43 Scheduled Checkpoint
    25-11-2016 12:54:51 Windows Update
    07-12-2016 22:24:32 Revo Uninstaller's restore point - AVG
    07-12-2016 22:25:16 Revo Uninstaller's restore point - AVG Protection
    07-12-2016 22:25:43 Removed AVG
    07-12-2016 22:27:17 Removed AVG 2016
    07-12-2016 22:29:46 Revo Uninstaller's restore point - AVG
    07-12-2016 22:43:02 JRT Pre-Junkware Removal

    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/07/2016 10:43:03 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data

    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {71e10dca-27cd-46e3-90b4-8210fe032b22}
    Error: (12/07/2016 10:36:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

    Error: (12/07/2016 10:29:46 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data

    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}
    Error: (12/07/2016 10:29:46 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data
    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}

    Error: (12/07/2016 10:27:17 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data

    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}
    Error: (12/07/2016 10:25:43 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data
    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}

    Error: (12/07/2016 10:25:16 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data

    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}
    Error: (12/07/2016 10:25:16 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data
    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}

    Error: (12/07/2016 10:24:32 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data

    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}
    Error: (12/07/2016 10:24:30 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1423331177-2394562957-3836801765-1006.bak).  hr = 0x80070539, The security ID structure is invalid.
    .

    Operation:
       OnIdentify event
       Gathering Writer Data
    Context:
       Execution Context: Shadow Copy Optimization Writer
       Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
       Writer Name: Shadow Copy Optimization Writer
       Writer Instance ID: {74717a92-2752-4b76-beb8-de29266c87b8}


    System errors:
    =============
    Error: (12/07/2016 10:43:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).
    Error: (12/07/2016 10:33:52 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
    An instance of the service is already running.

    Error: (12/07/2016 10:33:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
    Error: (12/07/2016 10:33:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

    Error: (12/07/2016 10:33:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
    Error: (12/07/2016 10:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

    Error: (12/07/2016 10:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
    Error: (12/07/2016 10:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The vToolbarUpdater40.3.6 service terminated unexpectedly.  It has done this 1 time(s).

    Error: (12/07/2016 10:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The SAMSUNG Mobile Connectivity Service service terminated unexpectedly.  It has done this 1 time(s).
    Error: (12/07/2016 10:33:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Foxit Reader Service service terminated unexpectedly.  It has done this 1 time(s).

    ==================== Memory info ===========================
    Processor: AMD FX™-6350 Six-Core Processor
    Percentage of memory in use: 26%
    Total physical RAM: 8156.63 MB
    Available physical RAM: 5961.03 MB
    Total Virtual: 16311.45 MB
    Available Virtual: 13848.42 MB

    ==================== Drives ================================
    Drive c: () (Fixed) (Total:195.31 GB) (Free:64.95 GB) NTFS
    Drive d: (New Volume) (Fixed) (Total:736.1 GB) (Free:556.78 GB) NTFS
    Drive e: () (Fixed) (Total:127.99 GB) (Free:85.7 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive f: (Partition) (Fixed) (Total:337.77 GB) (Free:126.02 GB) NTFS

    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 30256F9E)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=736.1 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8AE58AE5)
    Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=337.8 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

    Edited by Jeffro2448, 07 December 2016 - 10:16 PM.

    • 0

    #4
    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP

    Any improvement?


    • 0

    #5
    Jeffro2448

      Member

    • Topic Starter
    • Member
    • PipPip
    • 29 posts

    Yes, thank you!!


    • 0





