Farbar Service Scanner Version: 07-10-2012 Ran by Andrzej (administrator) on 18-10-2012 at 19:30:24 Running from "C:\Documents and Settings\Andrzej\Pulpit" Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. BITS Service is not running. Checking service configuration: The start type of BITS service is set to Demand. The default start type is Auto. The ImagePath of BITS service is OK. The ServiceDll of BITS service is OK. Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\WINNT\system32\dhcpcsvc.dll [2004-08-04 02:43] - [2008-04-14 22:50] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7 C:\WINNT\system32\Drivers\afd.sys => MD5 is legit C:\WINNT\system32\Drivers\netbt.sys => MD5 is legit C:\WINNT\system32\Drivers\tcpip.sys => MD5 is legit C:\WINNT\system32\Drivers\ipsec.sys => MD5 is legit C:\WINNT\system32\dnsrslvr.dll [2004-08-04 02:43] - [2009-04-20 19:19] - 0045568 ____A (Microsoft Corporation) 082BE13166A3354F25F78E0B2601012B C:\WINNT\system32\ipnathlp.dll [2004-08-04 02:44] - [2008-04-14 22:50] - 0330752 ____A (Microsoft Corporation) DA5C015911F68F22ED821E9EE49AB233 C:\WINNT\system32\netman.dll [2006-05-13 16:26] - [2008-04-14 22:50] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E C:\WINNT\system32\wbem\WMIsvc.dll [2012-03-27 12:32] - [2008-04-14 22:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINNT\system32\srsvc.dll [2012-03-27 12:34] - [2008-04-14 22:50] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148 C:\WINNT\system32\Drivers\sr.sys [2012-03-27 12:34] - [2008-04-14 22:04] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002 C:\WINNT\system32\wscsvc.dll [2004-08-04 02:44] - [2008-04-14 22:51] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D C:\WINNT\system32\wbem\WMIsvc.dll [2012-03-27 12:32] - [2008-04-14 22:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINNT\system32\wuauserv.dll [2012-03-27 12:34] - [2008-04-14 22:51] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD C:\WINNT\system32\qmgr.dll [2012-03-27 12:34] - [2008-04-14 22:50] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F C:\WINNT\system32\es.dll [2006-05-13 16:25] - [2008-07-07 22:29] - 0253952 ____A (Microsoft Corporation) 6AFF804839C85859E0247164FBE5F5BB C:\WINNT\system32\cryptsvc.dll [2004-08-04 02:43] - [2008-04-14 22:50] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9 C:\WINNT\system32\svchost.exe [2004-08-04 02:44] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE C:\WINNT\system32\rpcss.dll [2006-05-13 16:25] - [2009-02-09 12:53] - 0401408 ____A (Microsoft Corporation) A37311D9D628C1042A2836731787F0F3 C:\WINNT\system32\services.exe [2004-08-04 02:44] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02A467E27AF55F7064C5B251E587315F Extra List: ======= AegisP(10) Gpc(3) IPSec(5) NetBT(6) PSched(7) s24trans(9) Tcpip(4) 0x0A0000000500000001000000020000000300000004000000060000000700000008000000090000000A000000 IpSec Tag value is correct. **** End of log ****