Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016 Ran by Safe (2016-05-13 17:40:53) Run:3 Running from C:\Users\Safe\Desktop Loaded Profiles: Safe (Available Profiles: deckx & Safe) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll No File BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat => No File CHR HomePage: Default -> mail.ru/cnt/20595300?rciguc__PARAM__ CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/search?q={searchTerms}&fr=chxtn9.0.1__PARAM__ CHR DefaultSearchKeyword: Default -> mail.ru CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms} S2 MPCProtectService; "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" [X] R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-29] (DotC United Inc) C:\Windows\System32\DRIVERS\MPCKpt.sys S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] C:\Program Files (x86)\MPC Cleaner C:\Program Files (x86)\Tencent Hosts: EmptyTemp: end ***************** Error: (0) Failed to create a restore point. Processes closed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon => key could not remove. Access Denied. HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key could not remove. Access Denied. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} => key could not remove. Access Denied. HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} => key could not remove. Access Denied. Chrome HomePage => removed successfully Chrome DefaultSearchURL => removed successfully Chrome DefaultSearchKeyword => removed successfully Chrome DefaultSuggestURL => removed successfully MPCProtectService => service could not remove MPCKpt => Unable to stop service. MPCKpt => service could not remove Could not move "C:\Windows\System32\DRIVERS\MPCKpt.sys" => Scheduled to move on reboot. MSICDSetup => service could not remove NTIOLib_1_0_C => service could not remove VGPU => service could not remove xhunter1 => service could not remove "C:\Program Files (x86)\MPC Cleaner" => not found. "C:\Program Files (x86)\Tencent" => not found. "C:\Windows\System32\Drivers\etc\hosts" => Could not move. Could not restore Hosts. EmptyTemp: => 552.9 MB temporary data Removed.