Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2013
Ran by Danny at 2013-09-21 16:47:47 Run:1
Running from C:\Users\Danny\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{874a5589-1488-2c18-7512-653219bcfd28}\ \...\???\{874a5589-1488-2c18-7512-653219bcfd28}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
C:\Program Files (x86)\Google\Desktop
C:\Users\Danny\AppData\Local\Google\Desktop
C:\Users\Danny\AppData\Roaming\_MDLogs
C:\Windows\system32\%APPDATA%
DeleteJunctionsInDirectory: C:\Program Files\Windows Defender
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [] - [x]
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]
*****************

*etadpug => Service deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update* => Value deleted successfully.

"C:\Program Files (x86)\Google\Desktop" directory move:

Could not move "C:\Program Files (x86)\Google\Desktop" directory. => Scheduled to move on reboot.

C:\Users\Danny\AppData\Local\Google\Desktop => Moved successfully.
C:\Users\Danny\AppData\Roaming\_MDLogs => Moved successfully.
C:\Windows\system32\%APPDATA% => Moved successfully.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\en-US" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableChangePassword => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Key not found.
PCDSRVC{F36B3A4C-F95654BD-06000000}_0 => Service deleted successfully.

=========== Result of Scheduled Files to move ===========

C:\Program Files (x86)\Google\Desktop => Moved successfully.

==== End of Fixlog ====