Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by Adams (2015-09-14 12:22:11) Run:3
Running from C:\Users\Adams\Desktop
Loaded Profiles: Adams (Available Profiles: Adams)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
Task: {4F5DC897-BD95-4BC2-B238-5CB679979FEE} - System32\Tasks\{6C7D338A-2E1E-4972-A35D-4978246CF85D} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
Task: {882D04AF-C293-432A-A82C-08C804DF41D9} - System32\Tasks\{3210778E-5496-4C77-A527-F3271C956218} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
Task: {9D5EE1DC-9316-45A3-B827-3BCBD0D7FF7B} - System32\Tasks\{682D6941-A475-423A-93C2-5474B3F39685} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
Task: {D59C3ED1-688E-4E7A-9AD0-63F099B6325B} - System32\Tasks\{8EB10212-CDB5-4C54-B0D9-CFF150C2548B} => C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe [2015-09-11] (AVG Technologies CZ, s.r.o.)
FirewallRules: [{6DC57B63-5F82-4C4B-B21F-B4ED8AE30B8F}] => (Allow) svchost.exe
FirewallRules: [{9C755D83-ECBD-4C97-BAE6-1AF8B2AC4F18}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgemc.exe
FirewallRules: [{B1084A64-360F-4130-BFE7-0A86997D1B85}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgupd.exe
FirewallRules: [{9E3BA463-E4AE-404A-956C-B3C7E4402131}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
FirewallRules: [TCP Query User{8239AE58-5A7A-4CE7-B5D5-E7CFC5F180F0}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [UDP Query User{F460941F-59B9-4E74-850D-7EEDCC4BDA00}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [TCP Query User{7559F51F-A7C6-485A-AD7C-E56F25DE4756}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [UDP Query User{289FE499-7570-4B89-8501-4E8BDDC532EF}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe
FirewallRules: [TCP Query User{2A4F61AC-AC2F-4DAA-B1AA-E3C2C6AEF524}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [UDP Query User{3787462F-FB42-4515-91C3-F11FBE6B6EFF}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [TCP Query User{4724D3AE-6D7A-46AF-AC63-BA10519530B3}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [UDP Query User{AF668C6A-9A95-453C-98EF-0DDB3CD4E34B}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [TCP Query User{700C3F65-997C-414F-9222-0876ECFEEA09}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe
FirewallRules: [UDP Query User{41AE2CEA-842D-4D9F-8B00-36B97F187635}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
AppInit_DLLs: avgrssta.dll => C:\WINDOWS\system32\avgrssta.dll [13048 2010-08-01] (AVG Technologies CZ, s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe
2015-09-11 14:32 - 2015-09-11 14:33 - 04923920 _____ (McAfee, Inc.) C:\Users\Adams\Desktop\MCPR.exe
2015-09-11 14:32 - 2015-09-11 14:32 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe
C:\Users\Test Virus Account
2015-08-31 11:59 - 2015-08-31 11:59 - 02019656 _____ (Bleeping Computer, LLC) C:\Users\Adams\Desktop\iExplore.exe
2015-08-29 12:18 - 2015-08-29 19:41 - 466111637 _____ C:\WINDOWS\MEMORY.DMP
2015-08-27 16:46 - 2015-08-27 16:46 - 00000000 ____D C:\WINDOWS\system32\%APPDATA%
2015-08-27 16:43 - 2015-09-10 12:47 - 00000000 ____D C:\Users\Adams\AppData\Roaming\tor
2015-08-24 12:27 - 2015-09-09 11:21 - 00002188 _____ C:\WINDOWS\system32\CFG3967552228
2015-08-29 12:28 - 2014-11-03 15:53 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-29 12:21 - 2010-04-26 10:15 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-08-27 18:15 - 2010-04-26 10:15 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2015-08-27 17:58 - 2010-04-26 09:59 - 00000000 ____D C:\Program Files (x86)\AVG
RemoveProxy:
EmptyTemp:
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F5DC897-BD95-4BC2-B238-5CB679979FEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F5DC897-BD95-4BC2-B238-5CB679979FEE}" => key removed successfully
C:\WINDOWS\System32\Tasks\{6C7D338A-2E1E-4972-A35D-4978246CF85D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6C7D338A-2E1E-4972-A35D-4978246CF85D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{882D04AF-C293-432A-A82C-08C804DF41D9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{882D04AF-C293-432A-A82C-08C804DF41D9}" => key removed successfully
C:\WINDOWS\System32\Tasks\{3210778E-5496-4C77-A527-F3271C956218} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3210778E-5496-4C77-A527-F3271C956218}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D5EE1DC-9316-45A3-B827-3BCBD0D7FF7B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D5EE1DC-9316-45A3-B827-3BCBD0D7FF7B}" => key removed successfully
C:\WINDOWS\System32\Tasks\{682D6941-A475-423A-93C2-5474B3F39685} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{682D6941-A475-423A-93C2-5474B3F39685}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D59C3ED1-688E-4E7A-9AD0-63F099B6325B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D59C3ED1-688E-4E7A-9AD0-63F099B6325B}" => key removed successfully
C:\WINDOWS\System32\Tasks\{8EB10212-CDB5-4C54-B0D9-CFF150C2548B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8EB10212-CDB5-4C54-B0D9-CFF150C2548B}" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DC57B63-5F82-4C4B-B21F-B4ED8AE30B8F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C755D83-ECBD-4C97-BAE6-1AF8B2AC4F18} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1084A64-360F-4130-BFE7-0A86997D1B85} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E3BA463-E4AE-404A-956C-B3C7E4402131} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8239AE58-5A7A-4CE7-B5D5-E7CFC5F180F0}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F460941F-59B9-4E74-850D-7EEDCC4BDA00}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7559F51F-A7C6-485A-AD7C-E56F25DE4756}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{289FE499-7570-4B89-8501-4E8BDDC532EF}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2A4F61AC-AC2F-4DAA-B1AA-E3C2C6AEF524}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3787462F-FB42-4515-91C3-F11FBE6B6EFF}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4724D3AE-6D7A-46AF-AC63-BA10519530B3}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AF668C6A-9A95-453C-98EF-0DDB3CD4E34B}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{700C3F65-997C-414F-9222-0876ECFEEA09}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41AE2CEA-842D-4D9F-8B00-36B97F187635}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe => value removed successfully
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value removed successfully
"avgrssta.dll" => Value data removed successfully.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"C:\Users\Adams\Desktop\MCPR.exe" => File/Folder not found.
"C:\Users\Adams\Desktop\avg_remover_stf_x64_2015_5501.exe" => File/Folder not found.
C:\Users\Test Virus Account => moved successfully
C:\Users\Adams\Desktop\iExplore.exe => moved successfully
C:\WINDOWS\MEMORY.DMP => moved successfully
C:\WINDOWS\system32\%APPDATA% => moved successfully
C:\Users\Adams\AppData\Roaming\tor => moved successfully
C:\WINDOWS\system32\CFG3967552228 => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy => moved successfully
C:\Program Files (x86)\AVG => moved successfully

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1025616775-32965946-2427245248-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

EmptyTemp: => 116 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 12:23:47 ====