Farbar Service Scanner Version: 31-05-2013 01 Ran by asd (administrator) on 08-06-2013 at 17:33:54 Running from "D:\" Microsoft Windows XP Dodatek Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= sharedaccess Service is not running. Checking service configuration: The start type of sharedaccess service is set to Disabled. The default start type is Auto. The ImagePath of sharedaccess service is OK. The ServiceDll of sharedaccess service is OK. Firewall Disabled Policy: ================== System Restore: ============ Srservice Service is not running. Checking service configuration: The start type of Srservice service is OK. The ImagePath of Srservice service is OK. The ServiceDll of Srservice: "C:\WINDOWS\System32\srsvc.dll". sr Service is not running. Checking service configuration: The start type of sr service is set to Disabled. The default start type is Boot. The ImagePath of sr: "\SystemRoot\System32\DRIVERS\sr.sys". System Restore Disabled Policy: ======================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR"=DWORD:1 Security Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is set to Disabled. The default start type is Auto. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv: "C:\WINDOWS\System32\wuauserv.dll". BITS Service is not running. Checking service configuration: The start type of BITS service is set to Disabled. The default start type is Auto. The ImagePath of BITS service is OK. The ServiceDll of BITS: "C:\WINDOWS\System32\qmgr.dll". Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll [2002-09-29 00:00] - [2004-08-04 00:43] - 0110592 ____A (Microsoft Corporation) 94B49F2D487A7D4A79B3E96B6D5685B0 C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys [2002-09-29 00:00] - [2004-08-03 23:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B C:\WINDOWS\system32\Drivers\tcpip.sys [2002-09-29 00:00] - [2004-08-03 23:14] - 0359040 ____A (Microsoft Corporation) 9F4B36614A0FC234525BA224957DE55C C:\WINDOWS\system32\Drivers\ipsec.sys [2002-09-29 00:00] - [2004-08-03 23:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1 C:\WINDOWS\system32\dnsrslvr.dll [2002-09-29 00:00] - [2004-08-04 00:43] - 0045568 ____A (Microsoft Corporation) F61C204EBCAA1D6B5FB5DFE7034741F3 C:\WINDOWS\system32\ipnathlp.dll [2002-09-29 00:00] - [2004-08-04 00:44] - 0331264 ____A (Microsoft Corporation) DDC87ADF808D192A5212CC8A1E7F8E87 C:\WINDOWS\system32\netman.dll [2002-09-29 00:00] - [2004-08-04 00:44] - 0198144 ____A (Microsoft Corporation) 3E7B6583269BC118720D0020B03CC71E C:\WINDOWS\system32\wbem\WMIsvc.dll [2013-06-05 23:41] - [2004-08-04 00:44] - 0145408 ____A (Microsoft Corporation) 482435B2A2DE8E06C83C3B1EB3237C2C C:\WINDOWS\system32\srsvc.dll [2013-06-05 23:43] - [2004-08-04 00:44] - 0171008 ____A (Microsoft Corporation) F309D9894FCA821E3C2F557A8032D47A C:\WINDOWS\system32\Drivers\sr.sys [2013-06-05 23:43] - [2004-08-04 00:39] - 0073472 ____A (Microsoft Corporation) 6145CA23BCCDA679A772EC0AF42D6EB5 C:\WINDOWS\system32\wscsvc.dll [2013-06-05 23:58] - [2004-08-04 00:44] - 0081408 ____N (Microsoft Corporation) 390D0951271908C46EECF89893876424 C:\WINDOWS\system32\wbem\WMIsvc.dll [2013-06-05 23:41] - [2004-08-04 00:44] - 0145408 ____A (Microsoft Corporation) 482435B2A2DE8E06C83C3B1EB3237C2C C:\WINDOWS\system32\wuauserv.dll [2013-06-05 23:41] - [2004-08-04 00:44] - 0006656 ____A (Microsoft Corporation) 40C600488FF127953AA2F1835E5FD433 C:\WINDOWS\system32\qmgr.dll [2013-06-05 23:43] - [2004-08-04 00:44] - 0382464 ____A (Microsoft Corporation) A6BFD910074B02C8794FC65F39CC6B28 C:\WINDOWS\system32\es.dll [2002-09-29 00:00] - [2004-08-04 00:43] - 0243200 ____A (Microsoft Corporation) DC54CC79E1FAEFA480A8117C9BF105E1 C:\WINDOWS\system32\cryptsvc.dll [2002-09-29 00:00] - [2004-08-04 00:43] - 0060416 ____A (Microsoft Corporation) 91723CD7C96C5854149F9CAE820A90DD C:\WINDOWS\system32\svchost.exe [2002-09-29 00:00] - [2004-08-04 00:44] - 0014336 ____A (Microsoft Corporation) BA98327E90022DBD6EE76490E0622E2E C:\WINDOWS\system32\rpcss.dll [2002-09-29 00:00] - [2004-08-04 00:44] - 0395776 ____A (Microsoft Corporation) 346E5B19FC986FE7185A0C2C43593722 C:\WINDOWS\system32\services.exe [2002-09-29 00:00] - [2004-08-04 00:44] - 0108544 ____A (Microsoft Corporation) 3DA8D964D2CC12EF8E8C342471A37917 Extra List: ======= Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 0x0700000005000000010000000200000003000000040000000600000007000000 IpSec Tag value is correct. **** End of log ****