Farbar Service Scanner Version: 13-09-2013 Ran by Administrator (administrator) on 02-10-2013 at 13:27:58 Running from "G:\docs\download" Microsoft(R) Windows(R) Server 2003, Enterprise Edition Dodatek Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Dnscache Service is not running. Checking service configuration: The start type of Dnscache service is set to Demand. The default start type is Auto. The ImagePath of Dnscache service is OK. The ServiceDll of Dnscache service is OK. Nsi Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open Nsi registry key. The service key does not exist. nsiproxy Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open nsiproxy registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open nsiproxy registry key. The service key does not exist. Checking LEGACY_nsiproxy: ATTENTION!=====> Unable to open LEGACY_nsiproxy\0000 registry key. The key does not exist. tdx Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open tdx registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open tdx registry key. The service key does not exist. Checking LEGACY_tdx: ATTENTION!=====> Unable to open LEGACY_tdx\0000 registry key. The key does not exist. Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= mpsdrv Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open mpsdrv registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open mpsdrv registry key. The service key does not exist. Checking LEGACY_mpsdrv: ATTENTION!=====> Unable to open LEGACY_mpsdrv\0000 registry key. The key does not exist. MpsSvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. bfe Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] "EnableFirewall"=DWORD:0 "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist. System Restore: ============ SDRSVC Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open SDRSVC registry key. The service key does not exist. System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of wscsvc. The value does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Windows Update: ============ wuauserv Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist. BITS Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist. EventSystem Service is not running. Checking service configuration: The start type of EventSystem service is set to Disabled. The default start type is Auto. The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs". The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Other Services: ============== Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist. Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist. Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist. Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist. Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist. Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Parameters\FirewallPolicy\FirewallRules" registry key. The key does not exist. Checking Start type PolicyAgent: ATTENTION!=====> Unable to retrieve start type of PolicyAgent. The value does not exist. Checking ImagePath of PolicyAgent: ATTENTION!=====> Unable to retrieve ImagePath of PolicyAgent. The value does not exist. Checking ServiceDll of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist. Checking Start type of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. Checking ImagePath of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. File Check: ======== ATTENTION!=====> C:\WINDOWS\system32\nsisvc.dll FILE IS MISSING AND SHOULD BE RESTORED. ATTENTION!=====> C:\WINDOWS\system32\Drivers\nsiproxy.sys FILE IS MISSING AND SHOULD BE RESTORED. C:\WINDOWS\system32\Drivers\afd.sys [2007-02-17 07:59] - [2007-02-17 07:59] - 0150528 ____A (Microsoft Corporation) E55AD49AD3DF929D9858DB4274784DC0 ATTENTION!=====> C:\WINDOWS\system32\Drivers\tdx.sys FILE IS MISSING AND SHOULD BE RESTORED. C:\WINDOWS\system32\Drivers\tcpip.sys [2007-02-17 08:07] - [2007-02-17 08:07] - 0383488 ____A (Microsoft Corporation) 76788FA017C0FD42E32D21555AB4FD89 C:\WINDOWS\system32\dnsrslvr.dll [2007-02-17 09:06] - [2007-02-17 09:06] - 0045568 ____A (Microsoft Corporation) C4A35A4F3E70081852DA10F9A3B67152 ATTENTION!=====> C:\WINDOWS\system32\mpssvc.dll FILE IS MISSING AND SHOULD BE RESTORED. ATTENTION!=====> C:\WINDOWS\system32\bfe.dll FILE IS MISSING AND SHOULD BE RESTORED. ATTENTION!=====> C:\WINDOWS\system32\Drivers\mpsdrv.sys FILE IS MISSING AND SHOULD BE RESTORED. ATTENTION!=====> C:\WINDOWS\system32\SDRSVC.dll FILE IS MISSING AND SHOULD BE RESTORED. C:\WINDOWS\system32\vssvc.exe [2007-02-17 08:35] - [2007-02-17 08:35] - 0839680 ____A (Microsoft Corporation) C0DB37E3C0D7F6EBDEEA35DC1C3CF760 ATTENTION!=====> C:\WINDOWS\system32\wscsvc.dll FILE IS MISSING AND SHOULD BE RESTORED. C:\WINDOWS\system32\wbem\WMIsvc.dll [2007-09-27 12:27] - [2007-02-17 08:49] - 0143872 ____A (Microsoft Corporation) CA8CF558CF51048F3CCD6778F83B77A0 C:\WINDOWS\system32\wuaueng.dll => MD5 is legit C:\WINDOWS\system32\qmgr.dll [2007-09-27 12:30] - [2007-02-17 08:53] - 0380928 ____A (Microsoft Corporation) 53E23A0E587D7869C5F539772620DC4B C:\WINDOWS\system32\es.dll [2007-02-17 08:01] - [2007-02-17 08:01] - 0238592 ____A (Microsoft Corporation) C60E370018F61C09044710BE8E3E0920 C:\WINDOWS\system32\cryptsvc.dll [2007-02-17 09:04] - [2007-02-17 09:04] - 0056320 ____A (Microsoft Corporation) 7DB5020817BAFAC898E28D7DADB1B56E ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED. C:\WINDOWS\system32\ipnathlp.dll [2007-02-17 08:57] - [2007-02-17 08:57] - 0343552 ____A (Microsoft Corporation) 04698E531DB8EF8A21979D8E054735A5 ATTENTION!=====> C:\WINDOWS\system32\iphlpsvc.dll FILE IS MISSING. C:\WINDOWS\system32\svchost.exe [2007-02-17 08:07] - [2007-02-17 08:07] - 0014848 ____A (Microsoft Corporation) 007E7B9113E6EAE9A886060D40B97C0B C:\WINDOWS\system32\rpcss.dll [2007-02-17 08:05] - [2007-02-17 08:05] - 0481792 ____A (Microsoft Corporation) 302E82D9EBE2081E28A0E3AB581A3C0C **** End of log ****