FSS new

1. Farbar Service Scanner Version: 13-09-2013
2. Ran by user (administrator) on 24-09-2013 at 09:19:22
3. Running from "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J8XN5C7Q"
4. Microsoft Windows 8 (X64)
5. Boot Mode: Normal
6. ****************************************************************
7.  
8. Internet Services:
9. ============
10.  
11. Connection Status:
12. ==============
13. Localhost is accessible.
14. LAN connected.
15. Google IP is accessible.
16. Google.com is accessible.
17. Yahoo.com is accessible.
18.  
19.  
20. Windows Firewall:
21. =============
22. MpsSvc Service is not running. Checking service configuration:
23. The start type of MpsSvc service is OK.
24. The ImagePath of MpsSvc service is OK.
25. The ServiceDll of MpsSvc service is OK.
26.  
27. bfe Service is not running. Checking service configuration:
28. The start type of bfe service is OK.
29. The ImagePath of bfe service is OK.
30. The ServiceDll of bfe service is OK.
31.  
32.  
33. Firewall Disabled Policy:
34. ==================
35.  
36.  
37. System Restore:
38. ============
39.  
40. System Restore Disabled Policy:
41. ========================
42.  
43.  
44. Action Center:
45. ============
46.  
47.  
48. Windows Update:
49. ============
50. wuauserv Service is not running. Checking service configuration:
51. The start type of wuauserv service is set to Demand. The default start type is Auto.
52. The ImagePath of wuauserv service is OK.
53. The ServiceDll of wuauserv service is OK.
54.  
55.  
56. Windows Autoupdate Disabled Policy:
57. ============================
58.  
59.  
60. Windows Defender:
61. ==============
62. WinDefend Service is not running. Checking service configuration:
63. The start type of WinDefend service is set to Demand. The default start type is Auto.
64. The ImagePath of WinDefend service is OK.
65.  
66.  
67. Windows Defender Disabled Policy:
68. ==========================
69. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
70. "DisableAntiSpyware"=DWORD:1
71.  
72.  
73. Other Services:
74. ==============
75.  
76.  
77. File Check:
78. ========
79. C:\Windows\System32\nsisvc.dll => MD5 is legit
80. C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
81. C:\Windows\System32\dhcpcore.dll => MD5 is legit
82. C:\Windows\System32\drivers\afd.sys => MD5 is legit
83. C:\Windows\System32\drivers\tdx.sys => MD5 is legit
84. C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
85. C:\Windows\System32\dnsrslvr.dll => MD5 is legit
86. C:\Windows\System32\mpssvc.dll => MD5 is legit
87. C:\Windows\System32\bfe.dll
88. [2013-09-23 22:23] - [2013-06-10 20:15] - 0723968 ____A (Microsoft Corporation) 73133A0C0CA63817BFF2CB9DE65B64E7
89.  
90. C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
91. C:\Windows\System32\SDRSVC.dll => MD5 is legit
92. C:\Windows\System32\vssvc.exe => MD5 is legit
93. C:\Windows\System32\wscsvc.dll => MD5 is legit
94. C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
95. C:\Windows\System32\wuaueng.dll
96. [2013-09-23 22:26] - [2013-08-16 06:21] - 3275776 ____A (Microsoft Corporation) 9DEC60D4783377097014DFCCA31E69F8
97.  
98. C:\Windows\System32\qmgr.dll => MD5 is legit
99. C:\Windows\System32\es.dll => MD5 is legit
100. C:\Windows\System32\cryptsvc.dll => MD5 is legit
101. C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
102. C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
103. C:\Windows\System32\ipnathlp.dll => MD5 is legit
104. C:\Windows\System32\iphlpsvc.dll => MD5 is legit
105. C:\Windows\System32\svchost.exe => MD5 is legit
106. C:\Windows\System32\rpcss.dll => MD5 is legit
107.  
108.  
109. **** End of log ****