Farbar Service Scanner Version: 22-07-2012 Ran by Bukowscy (administrator) on 24-07-2012 at 12:44:20 Running from "C:\Documents and Settings\Bukowscy\Pulpit" Microsoft Windows XP Dodatek Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= sharedaccess Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist. Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist. Unable to retrieve ServiceDll of sharedaccess. The value does not exist. winmgmt Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Firewall Disabled Policy: ================== ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist. ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall value. The value does not exist. System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. winmgmt Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open winmgmt registry key. The service key does not exist. Windows Update: ============ wuauserv Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. BITS Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7 C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit C:\WINDOWS\system32\dnsrslvr.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0045568 ____A (Microsoft Corporation) 4F7E82841ED3CF026BD8D5CE7C7379DB C:\WINDOWS\system32\ipnathlp.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0330752 ____A (Microsoft Corporation) DA5C015911F68F22ED821E9EE49AB233 C:\WINDOWS\system32\netman.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E C:\WINDOWS\system32\wbem\WMIsvc.dll [2007-10-17 21:28] - [2008-04-15 14:00] - 0145408 ___AC (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\srsvc.dll [2007-10-17 21:29] - [2008-04-15 14:00] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148 C:\WINDOWS\system32\Drivers\sr.sys [2007-10-17 21:29] - [2008-04-15 14:00] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002 C:\WINDOWS\system32\wscsvc.dll [2009-03-25 18:40] - [2008-04-15 14:00] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D C:\WINDOWS\system32\wbem\WMIsvc.dll [2007-10-17 21:28] - [2008-04-15 14:00] - 0145408 ___AC (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\wuauserv.dll [2007-10-17 21:29] - [2008-04-15 14:00] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD C:\WINDOWS\system32\qmgr.dll [2007-10-17 21:29] - [2008-04-15 14:00] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F C:\WINDOWS\system32\es.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0246272 ____A (Microsoft Corporation) BE1B1412A3D488C50B8F67F792196108 C:\WINDOWS\system32\cryptsvc.dll [2009-03-25 18:39] - [2008-04-15 14:00] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9 C:\WINDOWS\system32\svchost.exe [2009-03-25 18:40] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE C:\WINDOWS\system32\rpcss.dll [2009-03-25 18:40] - [2008-04-15 14:00] - 0399360 ____A (Microsoft Corporation) 02396DAB9DD407B06539981F477F3FEC C:\WINDOWS\system32\services.exe [2009-03-25 18:40] - [2008-04-15 14:00] - 0109056 ____A (Microsoft Corporation) 3E3AE424E27C4CEFE4CAB368C7B570EA Extra List: ======= epfwtdir(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 0x09000000050000000100000002000000030000000400000006000000070000000800000009000000 IpSec Tag value is correct. **** End of log ****