Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by DrSergiooW (25-09-2016 19:08:24) Run:1
Running from C:\Users\DrSergiooW\Desktop
Loaded Profiles: DrSergiooW (Available Profiles: DrSergiooW)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM-x32\...\Run: [Yahoo Messenger] => [X]
HKLM-x32\...\Run: [Baidu PC Faster 4.0.0.0] => "C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2872320 2010-11-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2872320 2010-11-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\Policies\Explorer: [TaskbarNoThumbnail] 0
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {03a49a7e-71c1-11e6-8e88-50e5491abf23} - "H:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {2bb7d15a-750a-11e6-857c-50e5491abf23} - H:\RNDISInst.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {2e160d8c-4b3d-11e6-b9b2-50e5491abf23} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {65c8e530-5e3b-11e6-8317-50e5491abf23} - H:\AutoRun.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {65c8e56b-5e3b-11e6-8317-50e5491abf23} - H:\AutoRun.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {7cfc3ddf-227e-11e6-b3c7-50e5491abf23} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {7cfc3df0-227e-11e6-b3c7-50e5491abf23} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {8756be83-6955-11e6-8b09-50e5491abf23} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {9bc12f06-5a1b-11e6-9819-50e5491abf23} - H:\autorun.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {a43a4b64-19f0-11e6-8a20-d30da075ac53} - J:\SISetup.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {a9d17d06-1e97-11e6-9a47-50e5491abf23} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {a9d17d1b-1e97-11e6-9a47-50e5491abf23} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {cb0d8ce1-62ed-11e6-8ef7-50e5491abf23} - H:\AutoRun.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\MountPoints2: {dcc501dd-2ce2-11e6-a780-50e5491abf23} - G:\ETS_Setup.exe
HKU\S-1-5-21-2269977139-798740666-968023483-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2872320 2010-11-21] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2872320 2010-11-21] (Microsoft Corporation) <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2269977139-798740666-968023483-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation)
FF ProfilePath: C:\Users\DrSergiooW\AppData\Roaming\Mozilla\Firefox\Profiles\6er5boox.default
S2 PCFasterSvc_{PCFaster_5.1.0.0}; C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [X]
R1 BprotectEx; C:\Windows\System32\drivers\BprotectEx.sys [93512 2016-05-30] (Baidu, Inc.)
S3 Baidu PC Faster FileShredder; \??\C:\Program Files (x86)\PC Faster\5.1.0.0\FileKill_x64.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\SDSDefs\20160710.019\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\SDSDefs\20160710.019\EX64.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-09-24 14:03 - 2016-05-26 17:51 - 00000000 ____D C:\Users\DrSergiooW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
2016-09-24 14:03 - 2016-05-26 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.)
Task: {B397DB31-4F12-4166-9D00-BF5C6F6062D4} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe
Task: {C7041376-FACA-4FD9-9C24-2601C0BFEB70} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
*****************

Error: (0) Failed to create a restore point.
Processes closed successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Yahoo Messenger => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Baidu PC Faster 4.0.0.0 => value removed successfully
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-21-2269977139-798740666-968023483-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully
HKU\S-1-5-21-2269977139-798740666-968023483-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoThumbnail => value removed successfully
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{03a49a7e-71c1-11e6-8e88-50e5491abf23}" => key removed successfully
HKCR\CLSID\{03a49a7e-71c1-11e6-8e88-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bb7d15a-750a-11e6-857c-50e5491abf23}" => key removed successfully
HKCR\CLSID\{2bb7d15a-750a-11e6-857c-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e160d8c-4b3d-11e6-b9b2-50e5491abf23}" => key removed successfully
HKCR\CLSID\{2e160d8c-4b3d-11e6-b9b2-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65c8e530-5e3b-11e6-8317-50e5491abf23}" => key removed successfully
HKCR\CLSID\{65c8e530-5e3b-11e6-8317-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65c8e56b-5e3b-11e6-8317-50e5491abf23}" => key removed successfully
HKCR\CLSID\{65c8e56b-5e3b-11e6-8317-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cfc3ddf-227e-11e6-b3c7-50e5491abf23}" => key removed successfully
HKCR\CLSID\{7cfc3ddf-227e-11e6-b3c7-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7cfc3df0-227e-11e6-b3c7-50e5491abf23}" => key removed successfully
HKCR\CLSID\{7cfc3df0-227e-11e6-b3c7-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8756be83-6955-11e6-8b09-50e5491abf23}" => key removed successfully
HKCR\CLSID\{8756be83-6955-11e6-8b09-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9bc12f06-5a1b-11e6-9819-50e5491abf23}" => key removed successfully
HKCR\CLSID\{9bc12f06-5a1b-11e6-9819-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a43a4b64-19f0-11e6-8a20-d30da075ac53}" => key removed successfully
HKCR\CLSID\{a43a4b64-19f0-11e6-8a20-d30da075ac53} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9d17d06-1e97-11e6-9a47-50e5491abf23}" => key removed successfully
HKCR\CLSID\{a9d17d06-1e97-11e6-9a47-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a9d17d1b-1e97-11e6-9a47-50e5491abf23}" => key removed successfully
HKCR\CLSID\{a9d17d1b-1e97-11e6-9a47-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb0d8ce1-62ed-11e6-8ef7-50e5491abf23}" => key removed successfully
HKCR\CLSID\{cb0d8ce1-62ed-11e6-8ef7-50e5491abf23} => key not found.
"HKU\S-1-5-21-2269977139-798740666-968023483-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcc501dd-2ce2-11e6-a780-50e5491abf23}" => key removed successfully
HKCR\CLSID\{dcc501dd-2ce2-11e6-a780-50e5491abf23} => key not found.
HKU\S-1-5-21-2269977139-798740666-968023483-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key could not remove. Access Denied.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\Wow6432Node\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-2269977139-798740666-968023483-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key could not remove. Access Denied.
FF ProfilePath: C:\Users\DrSergiooW\AppData\Roaming\Mozilla\Firefox\Profiles\6er5boox.default => FRST is scripted not to move this directory.
PCFasterSvc_{PCFaster_5.1.0.0} => service removed successfully
BprotectEx => Unable to stop service.
BprotectEx => service removed successfully
Baidu PC Faster FileShredder => service removed successfully
NAVENG => service could not remove
NAVEX15 => service could not remove
VGPU => service removed successfully
C:\Users\DrSergiooW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster => moved successfully
Baidu PC Faster (HKLM-x32\...\Baidu PC Faster 5.1.0.0) (Version: 5.1.3.126764 - Baidu, Inc.) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B397DB31-4F12-4166-9D00-BF5C6F6062D4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B397DB31-4F12-4166-9D00-BF5C6F6062D4}" => key removed successfully
C:\Windows\System32\Tasks\Baidu PC Faster Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7041376-FACA-4FD9-9C24-2601C0BFEB70}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7041376-FACA-4FD9-9C24-2601C0BFEB70}" => key removed successfully
C:\Windows\System32\Tasks\Baidu PC Faster Service => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Service" => key removed successfully

========= netsh winsock reset all =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 84780184 B
Java, Flash, Steam htmlcache => 525 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 11088446 B
Firefox => 7959457 B
Opera => 10062608 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65954 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 0 B
DrSergiooW => 45614932 B

RecycleBin => 0 B
EmptyTemp: => 160.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:08:54 ====