JordanR

OK there is the scan details. Oh and I mentioned the event viewer because it showed all the logs of the explorer.exe application error and where it was originating from. Oha and to add my task bar is no longer in working condition and I have to use task manager to do things and also since explorer.exe is effected anything that uses it won't stay opend FRST_02-09-2014_10-27-55.txt Addition_02-09-2014_10-41-12.txt

Also would it be a good idea if i include my Event Viewer logs in here?

Ok well talk to you soon

Ok and i'm sorry if i'm wasting your time with this pirated stuff and not knowing all else I can do to get further help. I have tried multiple things but nothing and I have been trying to use skype so I could see my sick reletive before they pasted today but no prevail.

I have been listening to you this entire time. I don't know all the folders where .torrent is coming up so I mainly deleted the torrented downloads. I might need assistance with further removing P2P programs or anything affiliated with it. But with my knowledge all related content should be gone.

If I have to I will go deeper into this and delete any torrent related content.

I have removed utorrent from my laptop and when I did a search fr it in the files and it still shows uTorrent startup when I removed the program and then started the scan FRST.txt Addition.txt

Now once I removed uTorrent the taskbar now flcikers and I get a continues warning of explorer.exe application error

Ok the software is unstalled what now

Do I have to remove the software and re do a scan agian?

Here is the Scan Malwarebytes Anti-Malware Scan.txt

I kept getting a error when trying to post this log so i just attached it FRST_01-09-2014_16-02-27.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02 Ran by Jordan at 2014-09-01 15:54:30 Running from C:\Users\Jordan\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32081 - BitTorrent Inc.) Abacus UAV Predator for FSX (HKLM-x32\...\{5F1B0E61-396D-4E09-AC6B-04BD33284D3E}) (Version: 1.00.0000 - Abacus Software) Aerosoft's - F-16 Fighting Falcon (HKLM-x32\...\{A663BED9-978C-4A04-82A3-3029245055BE}) (Version: 1.00 - Aerosoft) Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Captain Sim C-130 All-in-One (HKLM-x32\...\{D872B593-5F17-4507-92A6-5F3C9655AF2A}) (Version: 1.1 - The Silverwingz) CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform) CF-105 for FSX/Accel (HKLM-x32\...\CF-105 for FSX/Accel) (Version: - ) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.2.0.0226 - Disc Soft Ltd) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.1.2.1 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{D9D0E75C-F791-402A-98E2-A2F43E7B0CE3}) (Version: 1.1.1054.0 - Dell Inc.) Diagnostics (HKLM-x32\...\Software Update11.041.44) (Version: 11.041.44 - Double Opt Media) DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden Flight Simulator X (HKLM-x32\...\RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - ) Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) iExplorer 3.3.2.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC) iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - ) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) Intel® Trusted Execution Engine (Version: 1.1.1.1 - Intel Corporation) Hidden Intel® Trusted Execution Engine Driver (Version: 1.0.0.1064 - Intel Corporation) Hidden iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Just Flight Constellation Professional (HKLM-x32\...\{070B2AFF-E7F2-4085-83CD-5ED64A4C9CE5}) (Version: 1.00.000 - ) JustFlight F-117 Nighthawk for FS9 and FSX (HKCU\...\JustFlight F-117 Nighthawk for FS9 and FSX) (Version: - ) Kasumi Rebirth [uNCEN], âåðñèÿ 3.2.5 (HKLM-x32\...\{CCBB5E45-88C1-4721-98B2-7866422B05F2}_is1) (Version: 3.2.5 - ) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.988 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Microsoft Flight Simulator X (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden Microsoft Flight Simulator X Service Pack 1 (x32 Version: 10.0.61355.0 - Microsoft Game Studios) Hidden Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{A9729B90-D37B-4A69-B66A-7436AC1F7274}) (Version: 10.0.61637.0 - Microsoft Game Studios) Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell) My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.005 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.) Stardock DeskScapes 8 (HKLM-x32\...\Stardock DeskScapes 8) (Version: 8.00 - Stardock Software, Inc.) There (HKLM-x32\...\There) (Version: - ) TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden Turbo Booster for uTorrent (HKLM-x32\...\Turbo Booster for uTorrent) (Version: 4.7.0.0 - DownloadBoosters LLC) uTorrent Turbo Accelerator (HKLM-x32\...\uTorrent Turbo Accelerator) (Version: 3.8.0.0 - WebSpeeders LLC) Virtavia B-1B Lancer (HKLM-x32\...\{C82EB055-445B-47CF-B76B-2FED0D4A7329}) (Version: 1.0.0 - Virtavia Pty Ltd) Virtavia F-22A Raptor FSX & P3D (HKLM\...\{CBFE9686-0EA2-4887-B97E-767B8AD25136}) (Version: 1 - Virtavia) VRS F/A-18E Superbug X (HKLM-x32\...\{0F1F6144-F13A-433D-B66E-129C5E8D504B}_is1) (Version: 1.0.5.1 - Vertical Reality Simulations) Windows 8 Codec Pack 2.0.1 (HKLM-x32\...\Windows 8 - Codec Pack) (Version: 2.0.1 - Windows 8 Codec Pack) WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH) Xtreme Prototypes X-15-2-3 VC for Flight Simulator (HKLM-x32\...\Xtreme Prototypes X-15-2-3 VC for Flight Simulator1.1) (Version: 1.1 - Xtreme Prototypes, Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-935466673-1756691942-2068257437-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B161361-13A5-40F1-A08F-0DF87E173947} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0F6B994B-F36C-4AEE-977F-7A08E14655AB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {21199D4C-F9E7-4A63-8AFD-C469861365D8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation) Task: {379F4D38-B6FE-4D2C-89E2-795AF33111F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3F1A154D-1834-4801-B395-1BF9D8DD8727} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-31] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {59E743E4-AA13-4140-B155-E2655E974068} - \AmiUpdXp No Task File <==== ATTENTION Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6BDD40C1-B248-40AB-9AEA-BEF3C2FFE1DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8FC4429E-91CC-47DA-9677-7562E780D5A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.) Task: {94D1C73E-845E-4CB9-9FA1-170EEFDFC19C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {98292BAF-42C3-4FC1-9056-7EB1EE3B3C57} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A458EA11-E66F-40E7-812E-304AFE9BD64B} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] () Task: {AA8010E3-2462-47B9-AB42-8CC9BBFD4BBC} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-02-19] (Aviata Inc) Task: {B5D7E445-C4AD-4F8D-9E83-7D613AE6D6EA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {BC85E1B7-52D5-4AF3-BBD2-B06349C715D9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-19] (Synaptics Incorporated) Task: {CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D0BA805A-E7F2-4AFB-80E7-E17F98C33F14} - System32\Tasks\PocketCloudUpdater => C:\Program Task: {D352DA66-6B83-46D8-9915-8E7B856C5978} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {D828BC49-B57F-4951-9AF2-7C677582CC5E} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {D91856EA-A2C7-48C5-81B5-B44C466C5B43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DB6EFCBC-BE82-4EB2-A0F5-878DBAD8CB84} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] () Task: {E41BF617-1199-4A17-B822-3B87322B25DA} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {FDE1EBEC-EFDB-4FDE-A254-F1166DEBEC71} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2014-04-14 12:41 - 2014-04-14 12:41 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll 2014-08-12 14:34 - 2014-08-06 20:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Jordan\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\33558019.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\33558019.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "TrayMenu.lnk" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "FAStartup" HKLM\...\StartupApproved\Run32: => "FATrayAlert" HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D35563CBE1D1A1436A67A5E5C259B9F5" HKCU\...\StartupApproved\Run: => "iCloudServices" HKCU\...\StartupApproved\Run: => "ApplePhotoStreams" HKCU\...\StartupApproved\Run: => "Diagnostics" HKCU\...\StartupApproved\Run: => "uTorrent" HKCU\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent" HKCU\...\StartupApproved\Run: => "YfddPack" HKCU\...\StartupApproved\Run: => "UZDmedia" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2014 03:54:55 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ]. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (09/01/2014 03:54:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ] Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8727797 Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8727797 Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5438 Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5438 Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2014 00:56:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4313 Error: (09/01/2014 00:56:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4313 System errors: ============= Error: (09/01/2014 02:48:40 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {209500FC-6B45-4693-8871-6296C4843751} Error: (09/01/2014 02:43:31 AM) (Source: DCOM) (EventID: 10010) (User: JORDANSPC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (09/01/2014 02:43:31 AM) (Source: DCOM) (EventID: 10010) (User: JORDANSPC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (09/01/2014 02:41:20 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 2:39:55 AM on ‎9/‎1/‎2014 was unexpected. Error: (08/31/2014 10:30:27 PM) (Source: DCOM) (EventID: 10010) (User: JORDANSPC) Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca Error: (08/31/2014 10:27:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Network Inspection Service service failed to start due to the following error: %%577 Error: (08/31/2014 10:27:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: %%577 Error: (08/31/2014 10:15:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: %%1056 Error: (08/31/2014 10:15:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Network Inspection Service service failed to start due to the following error: %%577 Error: (08/31/2014 10:15:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: %%577 Microsoft Office Sessions: ========================= Error: (09/01/2014 03:54:55 PM) (Source: VSS) (EventID: 12292) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (09/01/2014 03:54:55 PM) (Source: VSS) (EventID: 13) (User: ) Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8727797 Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8727797 Error: (09/01/2014 03:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5438 Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5438 Error: (09/01/2014 00:56:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/01/2014 00:56:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4313 Error: (09/01/2014 00:56:14 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4313 CodeIntegrity Errors: =================================== Date: 2014-08-31 22:27:41.283 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-31 22:27:41.053 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-31 22:15:13.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-08-31 22:15:12.871 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-31 18:52:45.345 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-31 18:52:44.943 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-08-31 18:52:44.754 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Celeron® CPU N2830 @ 2.16GHz Percentage of memory in use: 61% Total physical RAM: 3979.2 MB Available physical RAM: 1522.04 MB Total Pagefile: 4875.2 MB Available Pagefile: 2080.96 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:455.22 GB) (Free:263.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 917E9FD1) Partition: GPT Partition Type. ==================== End Of Log ============================

I have downloaded countless virus and malware programs trying to solve my problem. Malwarebytes has helped massively it got rid of a werfault.exe and constant dllhost.exe error messages and removed so much infected files from my laptop but it hasn't fixed one problem and that's my taskbar keeps restarting. I have searched for hours trying to find a solution but no help. Also to add my system restore is affected and I get a error message when opening it. I am on windows 8 and I have no restore point or anything. sfc/scannow finds a error but can not fix it I also keep receiving a notification from C:\Windows\explorer.exe from Malwarebytes

I also keep receiving a notification from C:\Windows\explorer.exe from Malwarebytes

I have downloaded countless virus and malware programs trying to solve my problem. Malwarebytes has helped massively it got rid of a werfault.exe and constant dllhost.exe error messages and removed so much infected files from my laptop but it hasn't fixed one problem and that's my taskbar keeps restarting. I have searched for hours trying to find a solution but no help. Also to add my system restore is affected and I get a error message when opening it. I am on windows 8 and I have no restore point or anything. sfc/scannow finds a error but can not fix it