E-Peek v 1.0.5.6 © Emphyrio/Onsia Patrick 2013-2014 Downloaded @ [url=http://www.antimalwarehelp.be/EDev/Tools/E-Peek/EPeekDL.html]E Dev[/url] Run at ma 24 nov 2014 11:29 . Windows 8.1 Professional (32 bits) C:\Windows [NTFS - Fixed] Default Browser: Google Chrome Boot mode: Normal boot User logged in: Georges . Java x86: 1.8 . AV : Panda Cloud Antivirus [Updated - Not Running] AV : Windows Defender [Updated - Not Running] AS : Windows Defender [Updated - Not Running] AS : Panda Cloud Antivirus [Updated - Not Running] FW : FW : Panda Cloud Firewall [Updated - Not Running] . ==================== Files and Folders history ================================= Folders Created Last 7 days : 24/11/2014 ##### r-h-s-d+a- C:\Program Files\E Dev 20/11/2014 ##### r-h+s+d+a- C:\Users\Georges\AppData\Local\EmieBrowserModeList 18/11/2014 ##### r-h-s-d+a- C:\Users\Georges\AppData\Roaming\Softland 18/11/2014 ##### r-h-s-d+a- C:\Program Files\Softland Files Modified Last 7 days : 23/11/2014 00021605 r-h-s-d-a+ C:\Windows\system32\lvcoinst.log Files Created Last 7 days : 19/11/2014 00806400 r-h-s-d-a+ C:\Windows\system32\kerberos.dll 19/11/2014 00208896 r-h-s-d-a+ C:\Windows\system32\pku2u.dll 18/11/2014 00024384 r-h-s-d-a+ C:\Windows\system32\dopdfmn7.dll 18/11/2014 00021312 r-h-s-d-a+ C:\Windows\system32\dopdfmi7.dll 18/11/2014 00007549 r-h-s-d-a+ C:\Windows\system32\dopdf7.ctm ==================== RUNNING PROCESSES ========================================= [hpwuschd2] -Georges- C:\Program Files\HP\HP Software Update\hpwuschd2.exe - (Hewlett-Packard) [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation) ==================== IE PAGES ================================================== IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Start Page = hxxp://google.be/ IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\system32\blank.htm IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 IE02 - HKCU\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank IE04 - HKCU\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [Bing] @ URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE05 - HKCU\..\URLSearchHooks @ {CFBFAE00-17A6-11D0-99CB-00C04FD64497} = C:\Windows\System32\ieframe.dll IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Start Page = about:blank IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Local Page = C:\Windows\System32\blank.htm IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Page_URL = about:blank IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Default_Search_URL = hxxp://www.google.com IE08 - HKLM\Software\Microsoft\Internet Explorer\Main @ Search Page = hxxp://www.google.com IE10 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes @ DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE10 - HKLM\..\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ DisplayName: [@ieframe.dll,-12512] @ URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE12 - HKLM\..\Toolbar{553891B7-A0D5-4526-BE18-D3CE461D6310} @ Default = C:\Program Files\Classic Shell\ClassicExplorer32.dll ==================== Auto Load ================================================= AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Userinit = C:\Windows\system32\userinit.exe, AL00 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon @ Shell = explorer.exe ==================== Firefox =================================================== FF - ProfilePath - C:\Users\Georges\AppData\Roaming\Mozilla\firefox\Profiles\dudytl6v.default FF - Ext: [Default 32.0.3 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True FF - Ext: [Freemake Video Downloader Plugin 1.0.0 ] - extension - fmdownloader@gmail.com visible: True active: False FF - Ext: [Freemake Youtube Download Button 1.0.0 ] - extension - ytfmdownloader@gmail.com visible: True active: False FF - PlugIn: [Google Earth Plug-in] - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll FF - PlugIn: [Java™ Deployment Toolkit] - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll FF - PlugIn: [Oracle® Java™ Plug-In] - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll FF - PlugIn: [Ag Player] - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll FF - PlugIn: [Office Authorization] - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL FF - PlugIn: [Microsoft SharePoint Plug-in for Firefox] - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL FF - PlugIn: [Google Update] - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll FF - PlugIn: [Google Update] - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll FF - prefs.js: user_pref("browser.startup.homepage", "hxxps://www.google.be/?gws_rd=ssl"); ==================== Google Chrome ============================================= GC - Prefpath: C:\Users\Georges\AppData\Local\Google\Chrome\User Data\Default\Preferences GC - Profile Name: Eerste gebruiker GC - Homepage: GC - Default Search Provider: = Known Disabled Extensions = ==================== Windows Host File ========================================= ==================== BHO ======================================================= BHO - [ExplorerBHO Class] - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} @ Default = C:\Program Files\Classic Shell\ClassicExplorer32.dll BHO - [Java(tm) Plug-In SSV Helper] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} @ Default = C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll BHO - [Skype Click to Call for Internet Explorer] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} @ Default = C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO - [Office Document Cache Handler] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} @ Default = C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL BHO - [Java(tm) Plug-In 2 SSV Helper] - {DBC80044-A445-435b-BC74-9C25C1C588A9} @ Default = C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll BHO - [ClassicIEBHO Class] - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} @ Default = C:\Program Files\Classic Shell\ClassicIEDLL_32.dll ==================== Auto Start Programs ======================================= ASP01 - HKLM\..\Run @ Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" ASP01 - HKLM\..\Run @ Classic Start Menu = "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun ASP01 - HKLM\..\Run @ HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe ASP01 - HKLM\..\Run @ Logitech Download Assistant = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch ASP01 - HKLM\..\Run @ LogitechCommunicationsManager = "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" ASP01 - HKLM\..\Run @ LogitechQuickCamRibbon = "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide ASP01 - HKLM\..\Run @ LVCOMSX = "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" ASP01 - HKLM\..\Run @ PSUAMain = "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray ASP01 - HKLM\..\Run @ StartCCC = "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun ASP01 - HKLM\..\Run @ SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" ASP04 - HKCU\..\Run @ CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR ASP04 - HKCU\..\Run @ MyDriveConnect.exe = "C:\Program Files\MyDrive Connect\MyDriveConnect.exe" ASP04 - HKCU\..\Run @ Skype = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ASP - Startup - C:\Users\Georges\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ASP - CommonStartup - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVMOBiLiArtworkManager.lnk ==================== Extra Items IE ============================================ EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics EI03 - Adv Opt - HKLM\..\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility EI03 - Adv Opt - HKLM\..\AdvancedOptions\BROWSE @ Text = Browsing EI03 - Adv Opt - HKLM\..\AdvancedOptions\CRYPTO @ Text = Security EI03 - Adv Opt - HKLM\..\AdvancedOptions\HTTP @ Text = HTTP settings EI03 - Adv Opt - HKLM\..\AdvancedOptions\INTERNATIONAL @ Text = International EI03 - Adv Opt - HKLM\..\AdvancedOptions\MULTIMEDIA @ Text = Multimedia EI04 - App Ext - HKCU\..\Approved Extensions @ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll EI04 - App Ext - HKCU\..\Approved Extensions @ {DBC80044-A445-435B-BC74-9C25C1C588A9} = C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll ==================== Internet Default Prefix =================================== IDP00 - Default - HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix @ Default = http:// IDP01 - WWW - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes @ WWW = http:// ==================== Default Settings IE - DSIE ================================ DSIE - ieuinit.inf: START_PAGE= "http://go.microsoft.com/fwlink/p/?LinkId DSIE - ieuinit.inf: SEARCH_PAGE_URL= "http://go.microsoft.com/fwlink/?LinkId ==================== Trusted Zones - TZ ======================================== TZ00 - HKCU - Domains: samsungsetup.com ==================== Downloaded Program Files - DPF ============================ DPF - HKLM - {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} @ CODEBASE = hxxps://enter.ing.net/SNX/CSHELL/extender.cab ==================== Protocol Hijackers - PH =================================== PH00 - Handler:skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} @ = Unknown # C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll # MD5 [c89f814492178585da89f452ce19b720] PH01 - Filter:text/xml - {807573E5-5146-11D5-A672-00B0D022E945} @ = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown ==================== ShellServiceObjectDelayLoad - SSODL ======================= SSODL - WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} @ = ==================== Extra items - EXT (Torpig/ConduitSearch) ================== EXT01 - HKCU\SOFTWARE\AppDataLow\Software\CheckPoint EXT01 - HKCU\SOFTWARE\AppDataLow\Software\JavaSoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\Microsoft EXT01 - HKCU\SOFTWARE\AppDataLow\Software\ThinPrint EXT02 - HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ {217FC9C0-3AEA-1069-A2DB-08002B30309D}= C:\Windows\system32\shell32.dll EXT02 - HKCR\Directory\shellex\CopyHookHandlers\Sharing @ {40dd6e20-7c17-11ce-a804-00aa003ca9f6}= C:\Windows\system32\ntshrui.dll ==================== DRIVERS and SERVICES ====================================== *** Win32OwnProcess *** SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files\common files\adobe\arm\1.0\armsvc.exe SERV - R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe SERV - R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe SERV - R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe SERV - R2 - [Freemake Improver] - Freemake Improver - c:\programdata\freemake\freemakeutilsservice\freemakeutilsservice.exe SERV - R2 - [LVPrcSrv] - Process Monitor - c:\program files\common files\logitech\lvmvfm\lvprcsrv.exe SERV - R2 - [NanoServiceMain] - Panda Cloud Antivirus Service - c:\program files\panda security\panda cloud antivirus\psanhost.exe SERV - R2 - [PandaAgent] - Panda Devices Agent - c:\program files\panda security\panda devices agent\agentsvc.exe SERV - R2 - [PSUAService] - Panda Product Service - c:\program files\panda security\panda cloud antivirus\psuaservice.exe SERV - R2 - [tvMobiliService] - tvMobiliService - c:\program files\tvmobili\bin\tvmobiliservice.exe SERV - R2 - [VMUSBArbService] - VMware USB Arbitration Service - c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe SERV - R2 - [vmware-view-usbd] - VMware View USB - c:\program files\vmware\vmware horizon view client\bin\vmware-view-usbd.exe SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files\google\update\googleupdate.exe SERV - S2 - [SkypeUpdate] - Skype Updater - c:\program files\skype\updater\updater.exe SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files\google\update\googleupdate.exe SERV - S3 - [IDriverT] - InstallDriver Table Manager - c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files\mozilla maintenance service\maintenanceservice.exe SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe SERV - S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe SERV - S3 - [ose] - Office Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe SERV - S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe SERV - Sx - [APNMCP] - Ask-updateservice - C:\Windows\system32\Drivers\APNMCP.sys [x] *** Win32ShareProcess *** SERV - R2 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe *** Others *** SERV - R2 - [cpextender] - Check Point SSL Network Extender - c:\program files\checkpoint\ssl network extender\slimsvc.exe SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe SERV - R2 - [wsnm] - VMware View Client - c:\program files\vmware\vmware horizon view client\wsnm.exe SERV - S2 - [LVSrvLauncher] - LVSrvLauncher - c:\program files\common files\logitech\srvlnch\srvlnch.exe SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe *** File System Driver *** DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys DRV - R0 - [Mup] - MUP - C:\Windows\system32\Drivers\Mup.sys DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys *** Kernel Driver *** DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys DRV - R0 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\Windows\system32\Drivers\intelpep.sys DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys DRV - R0 - [pdc] - PDC - C:\Windows\system32\Drivers\pdc.sys DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\Windows\system32\Drivers\spaceport.sys DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys DRV - R0 - [uagp35] - Microsoft AGPv3.5 Filter - C:\Windows\system32\Drivers\uagp35.sys DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys DRV - R0 - [viaide] - viaide - C:\Windows\system32\Drivers\viaide.sys DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys ==================== SvcHost - White Listed ==================================== HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@AppReadiness AppReadiness = ServiceDll = C:\Windows\system32\AppReadiness.dll [0016bf6ccfcbee39188861476b700d8b] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@AxInstSVGroup AxInstSV = ServiceDll = C:\Windows\System32\AxInstSV.dll [e8eb0d954f852612b5558a2fa48141ef] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@DcomLaunch Power = ServiceDll = C:\Windows\system32\umpo.dll [a35df6d1c00783cefa0adc975b09be7e] BrokerInfrastructure = ServiceDll = C:\Windows\System32\bisrv.dll [0693fae9b475e1c079c6eeb52c0ac986] LSM = ServiceDll = C:\Windows\System32\lsm.dll [1d5999e703faa551dff0e4e7f6aa2150] PlugPlay = ServiceDll = C:\Windows\system32\umpnpmgr.dll [7f4b79568dd6bec3ecc80c2ae93dc749] DcomLaunch = ServiceDll = C:\Windows\system32\rpcss.dll [05c0337538beecc04fc695808eff201c] DeviceInstall = ServiceDll = C:\Windows\system32\umpnpmgr.dll [7f4b79568dd6bec3ecc80c2ae93dc749] SystemEventsBroker = ServiceDll = C:\Windows\System32\SystemEventsBrokerServer.dll [2dafc7a0d89c3ec5b0163cfd2a115778] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@defragsvc defragsvc = ServiceDll = C:\Windows\System32\defragsvc.dll [0557be4f764b2aa6041c26711d595126] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@hpdevmgmt hpqcxs08 = ServiceDll = C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [930370725fa0fe272346583a7a7d6bdb] hpqddsvc = ServiceDll = C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [ee281dd6843f3f697c1ad7933eeb1e9b] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@HPZ12 Pml Driver HPZ12 = ServiceDll = C:\Windows\system32\HPZipm12.dll [65bc271f337637731d3c71455ae1f476] Net Driver HPZ12 = ServiceDll = C:\Windows\system32\HPZinw12.dll [a081cb6fb9a12668f233eb5414be3a0e] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@ICService vmicheartbeat = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] vmicrdv = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@imgsvc StiSvc = ServiceDll = C:\Windows\System32\wiaservc.dll [ae30dd60d851221bc26a4d6848ad78cc] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalService nsi = ServiceDll = C:\Windows\system32\nsisvc.dll [4763a0ec9b205b32e1194024e50f0c32] WdiServiceHost = ServiceDll = C:\Windows\system32\wdi.dll [dacd90541cbf7de095801b05abb4f355] w32time = ServiceDll = C:\Windows\system32\w32time.dll [6300eda4700c9beea42867d4f0a1f9e5] EventSystem = ServiceDll = C:\Windows\system32\es.dll [bc4e13afee0b35d87ce8f49ef5df5634] WinHttpAutoProxySvc = ServiceDll = C:\Windows\system32\winhttp.dll [984b3226c7a4cfc9fe91d7baca133d8d] SstpSvc = ServiceDll = C:\Windows\system32\sstpsvc.dll [60f21b841226bf06ea420a5322a4279e] netprofm = ServiceDll = C:\Windows\System32\netprofmsvc.dll [9c005769c00f380dbeb33c0164bbb7f8] lltdsvc = ServiceDll = C:\Windows\System32\lltdsvc.dll [e7857cca67a54e265533ef68c7b90a0c] THREADORDER = ServiceDll = C:\Windows\system32\mmcss.dll [01946468ea6196f9c54a245354c1240a] FontCache = ServiceDll = C:\Windows\system32\FntCache.dll [ed4ba3b6cd98646f392858c8110307ff] fdphost = ServiceDll = C:\Windows\system32\fdPHost.dll [d6aedd0e959ac11665beaba0ec470a2b] bthserv = ServiceDll = C:\Windows\system32\bthserv.dll [d0ad9879cc58abb122ec0bf0f7b3925c] workfolderssvc = ServiceDll = C:\Windows\system32\workfolderssvc.dll [1f49d5eb713119cdc0249287a4223b67] WebClient = ServiceDll = C:\Windows\System32\webclnt.dll [42a350b81e0e9a427d7366e1e8bfbadc] RemoteRegistry = ServiceDll = C:\Windows\system32\regsvc.dll [148ca6950c5f9385b67f18c0584376b3] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceAndNoImpersonation TimeBroker = ServiceDll = C:\Windows\System32\TimeBrokerServer.dll [63b6ff7650ad844484624541772cceba] SSDPSRV = ServiceDll = C:\Windows\System32\ssdpsrv.dll [6cbf9eba48e820cc19742919b2faf67b] upnphost = ServiceDll = C:\Windows\System32\upnphost.dll [b9ddaea3770b3752b6aa7191b5aa16aa] SCardSvr = ServiceDll = C:\Windows\System32\SCardSvr.dll [54f017e5c8b7b5ddea1878f4a0cf3b9c] BthHFSrv = [54f017e5c8b7b5ddea1878f4a0cf3b9c] QWAVE = ServiceDll = C:\Windows\system32\qwave.dll [bc63cb1761aec25186c4e707c4a23ed4] fdrespub = ServiceDll = C:\Windows\system32\fdrespub.dll [a04078c96edf2d475b76b23d35967344] wcncsvc = ServiceDll = C:\Windows\System32\wcncsvc.dll [531a627d02caec304b30a1ebde99dade] SensrSvc = ServiceDll = C:\Windows\system32\sensrsvc.dll [f9a0314ed1fb0318c417299841d8a235] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceNetworkRestricted DHCP = ServiceDll = C:\Windows\system32\dhcpcore.dll [e28501e3a241ddc5dc65382e55661b1d] eventlog = ServiceDll = C:\Windows\System32\wevtsvc.dll [172723b5032a72f4416861a3ef0cd957] AudioSrv = ServiceDll = C:\Windows\System32\Audiosrv.dll [652b38b656f0c91e0160af96039e38fc] wscsvc = ServiceDll = C:\Windows\System32\wscsvc.dll [7a0cfacfdf18c5a44d05f91656ab2c70] LmHosts = ServiceDll = C:\Windows\System32\lmhsvc.dll [a44270027ba1c8983ccc414183ad5726] AppIDSvc = ServiceDll = C:\Windows\System32\appidsvc.dll [74a94e7ce70daabd1929f605392f3632] homegroupprovider = ServiceDll = C:\Windows\system32\provsvc.dll [4fc945e08af63491afcc902c99046735] wcmsvc = ServiceDll = C:\Windows\System32\wcmsvc.dll [30dbf746d895bc3a6ec4cf55b81a8a81] WPCSvc = ServiceDll = C:\Windows\System32\wpcsvc.dll [d7c14b416fc4f76a596a01a76fc5f873] vmictimesync = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServiceNoNetwork DPS = ServiceDll = C:\Windows\system32\dps.dll [f57ecb784590b2c7a974ee22ea16be5f] PLA = ServiceDll = C:\Windows\system32\pla.dll [685a51594574da70a4305c7ade6f9649] BFE = ServiceDll = C:\Windows\System32\bfe.dll [b865a96b787a813f5d66665b2b62ab11] mpssvc = ServiceDll = C:\Windows\system32\mpssvc.dll [c67f755d89ae52c7f2249ace98416265] NcdAutoSetup = ServiceDll = C:\Windows\System32\NcdAutoSetup.dll [10a61ccf540d1e2260d3ae76377810f5] WwanSvc = ServiceDll = C:\Windows\System32\wwansvc.dll [0d3c738ec8ff12c8b69925229949ed05] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalServicePeerNet PNRPSvc = ServiceDll = C:\Windows\system32\pnrpsvc.dll [51b0ba395ee58b2088f03162b3d3208c] p2pimsvc = ServiceDll = C:\Windows\system32\pnrpsvc.dll [51b0ba395ee58b2088f03162b3d3208c] p2psvc = ServiceDll = C:\Windows\system32\p2psvc.dll [2f3fd70dbd4ca80c20e0354e1b71fcf2] PnrpAutoReg = ServiceDll = C:\Windows\system32\pnrpauto.dll [7a232cd15e6df06044c8782fc6532b58] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@LocalSystemNetworkRestricted WdiSystemHost = ServiceDll = C:\Windows\system32\wdi.dll [dacd90541cbf7de095801b05abb4f355] ScDeviceEnum = ServiceDll = C:\Windows\System32\ScDeviceEnum.dll [bc673c31f2665788938f85073bebedea] WiaRpc = ServiceDll = C:\Windows\System32\wiarpc.dll [5876a572a52fa14cee2f11d7a71aba2d] trkwks = ServiceDll = C:\Windows\System32\trkwks.dll [aeb123a17be77809c23da9422505a356] AudioEndpointBuilder = ServiceDll = C:\Windows\System32\AudioEndpointBuilder.dll [54678389cb17820f846b9fd35a6bd913] WUDFSvc = ServiceDll = C:\Windows\System32\WUDFSvc.dll [fb61ae2377dbf6855018204ebdf288fc] hidserv = ServiceDll = C:\Windows\system32\hidserv.dll [06692feb8ebc5ad53ac6c610bc72f1c6] dot3svc = ServiceDll = C:\Windows\System32\dot3svc.dll [eb46660185b04e24a66344699b5a3866] StorSvc = ServiceDll = C:\Windows\system32\storsvc.dll [01dc138af03b0df86044d29ba6fa20c8] sysmain = ServiceDll = C:\Windows\system32\sysmain.dll [a08aeda37f3bc5a7e72c2d7732c26fc0] irmon = [a08aeda37f3bc5a7e72c2d7732c26fc0] svsvc = ServiceDll = C:\Windows\system32\svsvc.dll [77bbd7d3f9229a4fa1f4b61d12a06762] NcbService = ServiceDll = C:\Windows\System32\ncbservice.dll [f81a77cf6b0c9513ac20a24dd2997e26] TabletInputService = ServiceDll = C:\Windows\System32\TabSvc.dll [89baff8f0d332009a95ea5f217c57de1] vmickvpexchange = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] vmicshutdown = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] vmicvss = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] vmicguestinterface = ServiceDll = C:\Windows\System32\ICSvc.dll [0ca4644517eec9ba9414a1b518dfed8f] WPDBusEnum = ServiceDll = C:\Windows\system32\wpdbusenum.dll [3e00a0fc658e640f86fb93ab34d5f611] homegrouplistener = ServiceDll = C:\Windows\system32\ListSvc.dll [d331e843f66501f57978f85fe695ceee] wlansvc = ServiceDll = C:\Windows\System32\wlansvc.dll [14534ecc5b54ac6762a659c27d949e90] DeviceAssociationService = ServiceDll = C:\Windows\system32\das.dll [cb7581e95d45b89503d6290277b3aeba] PcaSvc = ServiceDll = C:\Windows\System32\pcasvc.dll [81f10577dbe53f1f6990280d1926dac9] fhsvc = ServiceDll = C:\Windows\system32\fhsvc.dll [472a9ffb696fd557828debd606fbd819] Netman = ServiceDll = C:\Windows\System32\netman.dll [b587d8bbd8fb55fea7c6cce86d98dda7] CscService = ServiceDll = C:\Windows\System32\cscsvc.dll [4192b0b338b00b6e36a942287d68cf1e] UmRdpService = ServiceDll = C:\Windows\System32\umrdp.dll [6843992f07de867b29277b422f08a72b] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@netsvcs AeLookupSvc = ServiceDll = C:\Windows\System32\aelupsvc.dll [38ed16bd714bd8ab7a1d78568e2c5b22] CertPropSvc = ServiceDll = C:\Windows\System32\certprop.dll [8ea77992faceb94182b9610fa4a06a68] SCPolicySvc = ServiceDll = C:\Windows\System32\certprop.dll [8ea77992faceb94182b9610fa4a06a68] lanmanserver = ServiceDll = C:\Windows\system32\srvsvc.dll [154876704dc6fb548e441403cfc0fc31] gpsvc = ServiceDll = C:\Windows\System32\gpsvc.dll [5bc3330ff8373962ce005942ddc2aec5] IKEEXT = ServiceDll = C:\Windows\System32\ikeext.dll [36a36f1059d559f9d64660f6845fdd63] iphlpsvc = ServiceDll = C:\Windows\System32\iphlpsvc.dll [a61dd1f02de668a6713822942b876d4c] seclogon = ServiceDll = C:\Windows\system32\seclogon.dll [8b3c0bdaf6cae7dc52b38054bc2d3add] AppInfo = ServiceDll = C:\Windows\System32\appinfo.dll [9d5e46cd2bc57be26f9a1e58f61d5d3e] msiscsi = ServiceDll = C:\Windows\system32\iscsiexe.dll [a876a975baf66a8d209240f43ac07a07] EapHost = ServiceDll = C:\Windows\System32\eapsvc.dll [bc17cf644ad174f7558d1dcb7d1d488e] schedule = ServiceDll = C:\Windows\system32\schedsvc.dll [aecdd11299c9814382a259e18385c927] winmgmt = ServiceDll = C:\Windows\system32\wbem\WMIsvc.dll [d08485faea1c3505a22fb5c1ebebc062] MMCSS = ServiceDll = C:\Windows\system32\mmcss.dll [01946468ea6196f9c54a245354c1240a] browser = ServiceDll = C:\Windows\System32\browser.dll [2eadb0e147f439fdef21e3153d0eb3ff] ProfSvc = ServiceDll = C:\Windows\system32\profsvc.dll [77da1e59a8970d2b63a662983b5fe257] SessionEnv = ServiceDll = C:\Windows\system32\sessenv.dll [adc071e4f65bac3aef4807b23438472a] wercplsupport = ServiceDll = C:\Windows\System32\wercplsupport.dll [b83ac02f1ff0137ab3cb2b5b1ac801da] hkmsvc = ServiceDll = C:\Windows\system32\kmsvc.dll [622b08bd041de4b0b8f34d4f0f5a018c] Themes = ServiceDll = C:\Windows\system32\themeservice.dll [97ddfc419054d0b0d6c5ae698f840307] wlidsvc = ServiceDll = C:\Windows\system32\wlidsvc.dll [8885b2e1a62ec9c6ba7c6cdeebf0c6e4] lfsvc = ServiceDll = C:\Windows\System32\GeofenceMonitorService.dll [a54eb398bc2d792a0c603a97f7975fd8] BDESVC = ServiceDll = C:\Windows\System32\bdesvc.dll [bb66d3f11b9d1a71c14aa9175ba308e1] DsmSvc = ServiceDll = C:\Windows\System32\DeviceSetupManager.dll [57b0e7924571afc1f4617749d17c7bff] NcaSvc = ServiceDll = C:\Windows\System32\ncasvc.dll [54c905054922b43a91521d075e34024b] FastUserSwitchingCompatibility = [54c905054922b43a91521d075e34024b] Ias = [54c905054922b43a91521d075e34024b] Irmon = [54c905054922b43a91521d075e34024b] Nla = [54c905054922b43a91521d075e34024b] Ntmssvc = [54c905054922b43a91521d075e34024b] NWCWorkstation = [54c905054922b43a91521d075e34024b] Nwsapagent = [54c905054922b43a91521d075e34024b] Rasauto = ServiceDll = C:\Windows\System32\rasauto.dll [13867ec172cda1e4278ef98f3822b5e1] Rasman = ServiceDll = C:\Windows\System32\rasmans.dll [80812558cf8e87f248b9ba0c4825945b] Remoteaccess = ServiceDll = C:\Windows\System32\mprdim.dll [fe591904131230c3fb98e9f97aaabe4a] SENS = ServiceDll = C:\Windows\System32\sens.dll [68e8c6017442c4d2fb20032239878b4c] Sharedaccess = ServiceDll = C:\Windows\System32\ipnathlp.dll [f17175cd44231011ec33f3f62f8a9314] SRService = [f17175cd44231011ec33f3f62f8a9314] Tapisrv = ServiceDll = C:\Windows\System32\tapisrv.dll [4fcdfa214133956b0da8358d366f536b] Wmi = [4fcdfa214133956b0da8358d366f536b] WmdmPmSp = [4fcdfa214133956b0da8358d366f536b] wuauserv = ServiceDll = C:\Windows\system32\wuaueng.dll [47e74ce99df6d91e455d8bf3c4558fa9] BITS = ServiceDll = C:\Windows\System32\qmgr.dll [cf61a9210872d1c98fa82593a5a3efa1] ShellHWDetection = ServiceDll = C:\Windows\System32\shsvcs.dll [ebe31f23bf3ef06ee08ce4ac4f26dc80] LogonHours = [ebe31f23bf3ef06ee08ce4ac4f26dc80] PCAudit = [ebe31f23bf3ef06ee08ce4ac4f26dc80] helpsvc = [ebe31f23bf3ef06ee08ce4ac4f26dc80] uploadmgr = [ebe31f23bf3ef06ee08ce4ac4f26dc80] AppMgmt = ServiceDll = C:\Windows\System32\appmgmts.dll [d45b9e7a13866aeef0aad9e60a24c604] MsKeyboardFilter = ServiceDll = C:\Windows\System32\KeyboardFilterSvc.dll [02238d563edb7dfe17bf8ae12d9f3d30] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@NetworkService CryptSvc = ServiceDll = C:\Windows\system32\cryptsvc.dll [1d0ef66a01276c2562a84e4c23c19f61] nlasvc = ServiceDll = C:\Windows\System32\nlasvc.dll [6df13740f8e98ad840b13d056ca86511] lanmanworkstation = ServiceDll = C:\Windows\System32\wkssvc.dll [b230ee02279bbd757637b3cae1cf660b] NapAgent = ServiceDll = C:\Windows\system32\qagentRT.dll [e5b61db218e01a850c7a92616e97f5eb] WinRM = ServiceDll = C:\Windows\system32\WsmSvc.dll [c1ad30d5e28b4291d4a16bc6944abc0c] WECSVC = ServiceDll = C:\Windows\system32\wecsvc.dll [03ea9e300dcdf78e8a92625f0ba1ccb2] DNSCache = ServiceDll = C:\Windows\System32\dnsrslvr.dll [a47341d3c4d2fb3984bdcaf00ae4a6c7] Tapisrv = ServiceDll = C:\Windows\System32\tapisrv.dll [4fcdfa214133956b0da8358d366f536b] DHCP = ServiceDll = C:\Windows\system32\dhcpcore.dll [e28501e3a241ddc5dc65382e55661b1d] TermService = ServiceDll = C:\Windows\System32\termsrv.dll [434b8a6c6fa9c38c3dc49edda3bf3ec8] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@NetworkServiceAndNoImpersonation KtmRm = ServiceDll = C:\Windows\system32\msdtckrm.dll [ec89e8c1334d257c27197a52099fa960] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@NetworkServiceNetworkRestricted PolicyAgent = ServiceDll = C:\Windows\System32\ipsecsvc.dll [cabcc1083ec2bd8503385080f02c1901] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@PeerDist PeerDistSvc = ServiceDll = C:\Windows\system32\peerdistsvc.dll [dcb79c8d79d46bf6e9b46ed7ce388d93] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@print PrintNotify = ServiceDll = C:\Windows\system32\spool\drivers\W32X86\3\PrintConfig.dll [7b90821b8384201c706a19abe901b72d] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@regsvc RemoteRegistry = ServiceDll = C:\Windows\system32\regsvc.dll [148ca6950c5f9385b67f18c0584376b3] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@RPCSS RpcEptMapper = ServiceDll = C:\Windows\System32\RpcEpMap.dll [67138062ced5a0e30dc42ebc087ea76c] RpcSs = ServiceDll = C:\Windows\system32\rpcss.dll [05c0337538beecc04fc695808eff201c] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@smphost smphost = ServiceDll = C:\Windows\System32\smphost.dll [980d0cbae757eeb1c9b21deb4fa3b5f8] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@swprv swprv = ServiceDll = C:\Windows\System32\swprv.dll [756e1472cb3be829a8555869469074de] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@termsvcs TermService = ServiceDll = C:\Windows\System32\termsrv.dll [434b8a6c6fa9c38c3dc49edda3bf3ec8] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@WbioSvcGroup WbioSrvc = ServiceDll = C:\Windows\System32\wbiosrvc.dll [ce81100317c426f778651fd1d5c16492] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@wcssvc WcsPlugInService = ServiceDll = C:\Windows\System32\WcsPlugInService.dll [69059cd0abd70c3884117652e3b70431] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@WepHostSvcGroup WepHostSvc = ServiceDll = C:\Windows\system32\wephostsvc.dll [e4016fa4757738263bd714190fb26ba6] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@WerSvcGroup wersvc = ServiceDll = C:\Windows\System32\WerSvc.dll [7ec47083e7470a4bc538fa1ebe60bf58] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost@wsappx AppXSvc = ServiceDll = C:\Windows\system32\appxdeploymentserver.dll [d07789299da4d79b123336534e960f62] WSService = ServiceDll = C:\Windows\System32\WSService.dll [2535ee24cc1bb639a7639b4ca5bde7c5] ==================== SigCheck x86 Fast ========================================= Fast Scan All ok ==================== Job tasks ================================================= There are no .job files found. ==================== End scanning at ma 24 nov 2014 11:52 (22 Min 29 Sec ) =====