Farbar Service Scanner Version: 13-09-2013 Ran by Tadek (administrator) on 19-10-2013 at 17:45:40 Running from "F:\vir" Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= sharedaccess Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist. Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist. Unable to retrieve ServiceDll of sharedaccess. The value does not exist. Checking LEGACY_sharedaccess: ATTENTION!=====> Unable to open LEGACY_sharedaccess\0000 registry key. The key does not exist. Firewall Disabled Policy: ================== "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist. System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is set to Disabled. The default start type is Auto. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll". Windows Autoupdate Disabled Policy: ============================ Other Services: ============== Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist. Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist. Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist. Checking Start type of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist. Checking ImagePath of PolicyAgent: ATTENTION!=====> Unable to open PolicyAgent registry key. The service key does not exist. Checking Start type of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. Checking ImagePath of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist. File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll [2004-08-04 01:43] - [2008-04-14 22:50] - 0126464 ____A (Microsoft Corporation) 6B4AFE7C676CFF3EFF2DC06A4EE945F7 C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit C:\WINDOWS\system32\dnsrslvr.dll [2004-08-04 01:43] - [2008-04-14 22:50] - 0045568 ____A (Microsoft Corporation) 4F7E82841ED3CF026BD8D5CE7C7379DB C:\WINDOWS\system32\ipnathlp.dll [2004-08-04 01:44] - [2008-04-14 22:50] - 0330752 ____A (Microsoft Corporation) DA5C015911F68F22ED821E9EE49AB233 C:\WINDOWS\system32\netman.dll [2004-08-04 01:44] - [2008-04-14 22:50] - 0198144 ____A (Microsoft Corporation) 4FE97D0B1B182DF2A9BDD4C02155EF5E C:\WINDOWS\system32\wbem\WMIsvc.dll [2009-03-31 21:20] - [2008-04-14 22:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\srsvc.dll [2009-03-31 21:21] - [2008-04-14 22:50] - 0171520 ____A (Microsoft Corporation) 316D0E66074AE4CDE641C50D3A1C5148 C:\WINDOWS\system32\Drivers\sr.sys [2009-03-31 21:21] - [2008-04-14 22:04] - 0073472 ____A (Microsoft Corporation) EB032822BE406EF220D546DDFFCF0002 C:\WINDOWS\system32\wscsvc.dll [2004-08-04 01:44] - [2008-04-14 22:51] - 0080896 ____A (Microsoft Corporation) B6669F49D42E09BC0F9889FAA0F3336D C:\WINDOWS\system32\wbem\WMIsvc.dll [2009-03-31 21:20] - [2008-04-14 22:51] - 0145408 ____A (Microsoft Corporation) 70C22297534A88B0AD0568900AB5A6D9 C:\WINDOWS\system32\wuauserv.dll [2009-03-31 21:22] - [2008-04-14 22:51] - 0006656 ____A (Microsoft Corporation) 04550D5EB7EE82C115DB547C01DF09FD C:\WINDOWS\system32\qmgr.dll [2009-03-31 21:22] - [2008-04-14 22:50] - 0409088 ____A (Microsoft Corporation) 78200FAA6FD9C69394134C238C87FB7F C:\WINDOWS\system32\es.dll [2004-08-04 01:43] - [2008-07-07 22:29] - 0253952 ____A (Microsoft Corporation) 6AFF804839C85859E0247164FBE5F5BB C:\WINDOWS\system32\cryptsvc.dll [2004-08-04 01:43] - [2008-04-14 22:50] - 0062464 ____A (Microsoft Corporation) 6B105FE95F2E9F0B6346044BA59D41C9 C:\WINDOWS\system32\svchost.exe [2004-08-04 01:44] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607D35D92528E2DF386F19A960D23CE C:\WINDOWS\system32\rpcss.dll [2004-08-04 01:44] - [2008-04-14 22:50] - 0399360 ____A (Microsoft Corporation) 02396DAB9DD407B06539981F477F3FEC C:\WINDOWS\system32\services.exe [2004-08-04 01:44] - [2008-04-14 22:51] - 0109056 ____A (Microsoft Corporation) 3E3AE424E27C4CEFE4CAB368C7B570EA Extra List: ======= Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4) 0x0700000005000000010000000200000003000000040000000600000007000000 IpSec Tag value is correct. **** End of log ****