Farbar Service Scanner Version: 26-07-2015 Ran by Admin (administrator) on 17-08-2015 at 12:47:02 Running from "C:\Users\Admin\Desktop" Microsoft Windows 7 Professional Service Pack 1 (X64) Boot Mode: Network **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ SDRSVC Service is not running. Checking service configuration: The start type of SDRSVC service is OK. The ImagePath of SDRSVC service is OK. The ServiceDll of SDRSVC service is OK. VSS Service is not running. Checking service configuration: The start type of VSS service is OK. The ImagePath of VSS service is OK. System Restore Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. BITS Service is not running. Checking service configuration: The start type of BITS service is OK. The ImagePath of BITS service is OK. The ServiceDll of BITS service is OK. EventSystem Service is not running. Checking service configuration: The start type of EventSystem service is OK. The ImagePath of EventSystem service is OK. The ServiceDll of EventSystem service is OK. cryptsvc Service is not running. Checking service configuration: The start type of cryptsvc service is set to Demand. The default start type is Auto. The ImagePath of cryptsvc service is OK. The ServiceDll of cryptsvc: "%SystemRoot%\system32\cryptsvc.dll". Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Windows Defender Disabled Policy: ========================== Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys [2014-07-09 08:53] - [2014-05-30 08:45] - 0497152 ____A (Microsoft Corporation) FA886682CFC5D36718D3E436AACF10B9 C:\Windows\System32\drivers\tdx.sys [2014-12-10 09:52] - [2014-11-11 03:46] - 0119296 ____A (Microsoft Corporation) 70988118145F5F10EF24720B97F35F65 C:\Windows\System32\Drivers\tcpip.sys [2014-06-11 14:57] - [2014-04-05 04:47] - 1903552 ____A (Microsoft Corporation) 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll [2015-07-17 12:59] - [2015-07-09 19:58] - 2603008 ____A (Microsoft Corporation) AA3E844A2595B1AA5825C70CA50D963E C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2015-07-17 12:58] - [2015-04-27 21:23] - 0188416 ____A (Microsoft Corporation) 7BC3E861F7E8EB543A630090FAE779E0 C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****