Farbar Service Scanner Version: 19-09-2012 Ran by Pawel (administrator) on 28-09-2012 at 00:09:21 Running from "C:\Users\Pawel\Downloads" Microsoft Windows 7 Home Premium (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Attempt to access Local Host IP returned error: Localhost is blocked: Destination is offline LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is set to Disabled. The default start type is Auto. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv: "C:\Windows\system32\wuaueng.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Disabled. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcore.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys [2012-05-11 14:58] - [2012-03-30 12:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED C:\Windows\system32\dnsrslvr.dll [2011-04-13 22:09] - [2011-03-03 07:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9 C:\Windows\system32\mpssvc.dll [2009-07-14 01:53] - [2009-07-14 03:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E C:\Windows\system32\bfe.dll [2009-07-14 01:54] - [2009-07-14 03:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11 C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll [2009-07-14 01:23] - [2009-07-14 03:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446 C:\Windows\system32\vssvc.exe [2009-07-14 01:24] - [2009-07-14 03:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C C:\Windows\system32\wscsvc.dll [2011-02-09 11:42] - [2010-12-21 07:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll [2009-07-14 01:30] - [2009-07-14 03:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4 C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll [2012-06-13 15:32] - [2012-04-24 06:47] - 0139264 ____A (Microsoft Corporation) 520A108A2657F4BCA7FCED9CA7D885DE C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\ipnathlp.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log ****