1Okay, so I ran the scan and had the log, but since I couldn't figure out how to temporarily disable MBAM for the second step I uninstalled it, and re installed it after the scan. But I couldn't find the log. Sorry
2 C:\MGtools\Process.exe Win32/PrcView application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application
C:\Program Files (x86)\PDFCreator\message.exe a variant of Win32/InstallCore.A application
C:\Users\FamilyRoom\AppData\Local\Temp\Av-test.txt Eicar test file
C:\Users\FamilyRoom\AppData\Local\Temp\107918886.Uninstall\uninstaller.exe a variant of Win32/InstallCore.AZ application
C:\Users\FamilyRoom\AppData\Local\Temp\A73D43CB-BAB0-7891-A145-B03AFD61ECA0\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.F application
C:\Users\FamilyRoom\AppData\Local\Temp\A73D43CB-BAB0-7891-A145-B03AFD61ECA0\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application
C:\Users\FamilyRoom\Documents\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\FamilyRoom\Documents\Teen SS\SmitfraudFix\Process.exe Win32/PrcView application
C:\Users\FamilyRoom\Documents\Teen SS\SmitfraudFix\restart.exe Win32/Shutdown.NAA application
C:\Users\FamilyRoom\Downloads\ARO2012_tbt.exe a variant of Win32/Bundled.Toolbar.Ask.D application
C:\Users\FamilyRoom\Downloads\asc-setup.exe a variant of Win32/ELEX application
3 Farbar Service Scanner Version: 13-09-2013
Ran by FamilyRoom (administrator) on 19-09-2013 at 07:29:33
Running from "C:\Users\FamilyRoom\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.
Firewall Disabled Policy:
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
Checking Start type iphlpsvc: ATTENTION!=====> Unable to retrieve start type of iphlpsvc. The value does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to retrieve ImagePath of iphlpsvc. The value does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
4 Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64
Internet Explorer 10
``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java 6 Update 25
Java 7 Update 17
Java version out of Date! Adobe Reader 9
Adobe Reader out of Date! Google Chrome 29.0.1547.62
Google Chrome 29.0.1547.66
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check````````````````` Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````