Farbar Service Scanner Version: 26-07-2012 Ran by Iza (administrator) on 27-07-2012 at 17:53:56 Running from "D:\U\wirus\2" Microsoft Windows XP Home Edition Dodatek Service Pack 3 (X86) Boot Mode: Minimal **************************************************************** Internet Services: ============ Dnscache Service is not running. Checking service configuration: The start type of Dnscache service is set to Disabled. The default start type is Auto. The ImagePath of Dnscache service is OK. The ServiceDll of Dnscache service is OK. Dhcp Service is not running. Checking service configuration: The start type of Dhcp service is OK. The ImagePath of Dhcp service is OK. The ServiceDll of Dhcp service is OK. afd Service is not running. Checking service configuration: The start type of afd service is OK. The ImagePath of afd service is OK. NetBt Service is not running. Checking service configuration: The start type of NetBt service is OK. The ImagePath of NetBt service is OK. Tcpip Service is not running. Checking service configuration: The start type of Tcpip service is OK. The ImagePath of Tcpip service is OK. IpSec Service is not running. Checking service configuration: The start type of IpSec service is OK. The ImagePath of IpSec service is OK. Connection Status: ============== Attempt to access Local Host IP returned error: Localhost is blocked: Other errors LAN connected. Attempt to access Google IP returned error: Other errors Attempt to access Google.com returned error: Other errors Attempt to access Yahoo IP returned error: Other errors Attempt to access Yahoo.com returned error: Other errors Windows Firewall: ============= sharedaccess Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist. Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist. netman Service is not running. Checking service configuration: The start type of netman service is OK. The ImagePath of netman service is OK. The ServiceDll of netman service is OK. Firewall Disabled Policy: ================== ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist. ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist. System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Windows Update: ============ wuauserv Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. BITS Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. EventSystem Service is not running. Checking service configuration: The start type of EventSystem service is OK. The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs". The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll". Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll [2008-08-28 21:05] - [2008-04-15 14:00] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7 C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit C:\WINDOWS\system32\dnsrslvr.dll [2008-08-28 21:05] - [2009-04-20 19:19] - 0045568 ____A (Microsoft Corporation) 082BE13166A3354F25F78E0B2601012B C:\WINDOWS\system32\ipnathlp.dll [2008-08-28 21:05] - [2008-04-15 14:00] - 0330752 ____A (Microsoft Corporation) DA5C015911F68F22ED821E9EE49AB233 C:\WINDOWS\system32\netman.dll [2008-08-28 21:05] - [2008-04-15 14:00] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E C:\WINDOWS\system32\wbem\WMIsvc.dll [2008-08-28 14:31] - [2008-04-15 14:00] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\srsvc.dll [2008-08-28 14:33] - [2008-04-15 14:00] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148 C:\WINDOWS\system32\Drivers\sr.sys [2008-08-28 14:33] - [2008-04-15 14:00] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002 C:\WINDOWS\system32\wscsvc.dll [2008-08-28 21:05] - [2008-04-15 14:00] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D C:\WINDOWS\system32\wbem\WMIsvc.dll [2008-08-28 14:31] - [2008-04-15 14:00] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\wuauserv.dll [2008-08-28 14:33] - [2008-04-15 14:00] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD C:\WINDOWS\system32\qmgr.dll [2008-08-28 14:33] - [2008-04-15 14:00] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F C:\WINDOWS\system32\es.dll [2008-08-28 21:05] - [2008-07-07 22:29] - 0253952 ____A (Microsoft Corporation) 6AFF804839C85859E0247164FBE5F5BB C:\WINDOWS\system32\cryptsvc.dll [2008-08-28 21:05] - [2008-04-15 14:00] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9 C:\WINDOWS\system32\svchost.exe [2008-08-28 21:05] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE C:\WINDOWS\system32\rpcss.dll [2008-08-28 21:05] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) A37311D9D628C1042A2836731787F0F3 C:\WINDOWS\system32\services.exe [2008-08-28 21:05] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02A467E27AF55F7064C5B251E587315F Extra List: ======= Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) 0x0700000004000000010000000200000003000000050000000600000007000000 IpSec Tag value is correct. **** End of log ****