|
21-02-10, 21:49
|
#1 |
|
Tomb Raider
Join Date: Nov 2006
Posts: 10,078
|
Need help to get rid of several viruses!
Here's the diagnose report:
------------------------------------------------------ Diagnostic tool developed for www.tombraiderforums.com ------------------------------------------------------ Version : 3.12 Author : Simulation Select All (Ctrl A) then Copy (Ctrl C) and paste (Ctrl V) the text in Notepad into a reply on the forum. Operating System Code:
Windows 64bit build 7600 COMMAND.COM COMMAND.COM has NOT been installed Autoexec.NT Autoexec.NT is NOT installed Config.NT Config.NT is NOT installed Programs Currently Running Image Name PID Session Name Session# Mem Usage ========================= ====== ================ ======== ============ System Idle Process 0 Services 0 24 K System 4 Services 0 13ÿ336 K smss.exe 328 Services 0 956 K csrss.exe 476 Services 0 3ÿ824 K wininit.exe 544 Services 0 3ÿ628 K csrss.exe 564 Console 1 8ÿ128 K services.exe 600 Services 0 8ÿ356 K lsass.exe 616 Services 0 10ÿ672 K lsm.exe 624 Services 0 3ÿ628 K svchost.exe 740 Services 0 7ÿ940 K nvvsvc.exe 796 Services 0 3ÿ488 K svchost.exe 848 Services 0 7ÿ388 K svchost.exe 908 Services 0 26ÿ984 K svchost.exe 940 Services 0 126ÿ320 K svchost.exe 980 Services 0 36ÿ540 K winlogon.exe 124 Console 1 5ÿ252 K audiodg.exe 300 Services 0 22ÿ960 K svchost.exe 864 Services 0 14ÿ644 K svchost.exe 1108 Services 0 31ÿ028 K spoolsv.exe 1364 Services 0 8ÿ960 K svchost.exe 1392 Services 0 13ÿ424 K nvvsvc.exe 1472 Console 1 5ÿ952 K mDNSResponder.exe 1520 Services 0 4ÿ596 K svchost.exe 1580 Services 0 14ÿ820 K PnkBstrA.exe 1732 Services 0 3ÿ564 K nvSCPAPISvr.exe 1780 Services 0 4ÿ144 K IAANTmon.exe 1824 Services 0 5ÿ420 K taskhost.exe 2476 Console 1 8ÿ944 K pluginwin.exe 2540 Console 1 28ÿ372 K dwm.exe 2556 Console 1 32ÿ600 K explorer.exe 2584 Console 1 23ÿ516 K WmiPrvSE.exe 2976 Services 0 13ÿ908 K IAAnotif.exe 2580 Console 1 5ÿ560 K vsnp2std.exe 1304 Console 1 5ÿ704 K LCDMon.exe 2656 Console 1 18ÿ724 K LGDCore.exe 2740 Console 1 21ÿ044 K uTorrent.exe 2632 Console 1 15ÿ552 K msnmsgr.exe 1316 Console 1 109ÿ676 K Skype.exe 2760 Console 1 32ÿ492 K est2.exe 3156 Console 1 3ÿ432 K SetPoint.exe 3188 Console 1 13ÿ008 K jusched.exe 3300 Console 1 7ÿ532 K LCDCountdown.exe 3432 Console 1 9ÿ808 K LCDClock.exe 3456 Console 1 12ÿ328 K LCDPictureViewer.exe 3464 Console 1 9ÿ404 K LCDYT.exe 3476 Console 1 16ÿ768 K LCDMedia.exe 3488 Console 1 14ÿ236 K LCDRSS.exe 3496 Console 1 15ÿ296 K LCDPop3.exe 3508 Console 1 8ÿ756 K LCDMovieViewer.exe 3520 Console 1 24ÿ276 K firefox.exe 3972 Console 1 128 K SetPoint32.exe 2788 Console 1 3ÿ972 K KHALMNPR.exe 3240 Console 1 8ÿ528 K SearchIndexer.exe 1308 Services 0 26ÿ628 K wmpnetwk.exe 4164 Services 0 9ÿ580 K svchost.exe 4460 Services 0 13ÿ532 K wlcomm.exe 4616 Console 1 29ÿ844 K firefox.exe 4732 Console 1 240ÿ188 K spotify.exe 3548 Console 1 23ÿ308 K est2.exe 2392 Console 1 104 K est2.exe 4780 Console 1 104 K svchost.exe 608 Services 0 30ÿ108 K kbd.exe 4384 Console 1 9ÿ988 K taskhost.exe 1192 Services 0 17ÿ140 K wmplayer.exe 748 Console 1 32ÿ864 K svchost.exe 6128 Services 0 4ÿ872 K avp.exe 5520 Console 1 36ÿ952 K avp.exe 5652 Services 0 42ÿ336 K taskhost.exe 2856 Console 1 13ÿ404 K firefox.exe 6028 Console 1 5ÿ984 K wisptis.exe 4276 Console 1 9ÿ156 K SearchProtocolHost.exe 1032 Services 0 8ÿ088 K SearchFilterHost.exe 3264 Services 0 5ÿ468 K diagnose.exe 4116 Console 1 10ÿ364 K nsF08D.tmp 3788 Console 1 5ÿ084 K conhost.exe 5224 Console 1 6ÿ532 K cmd.exe 2504 Console 1 5ÿ404 K tasklist.exe 4776 Console 1 8ÿ360 K Code:
Event Log from 08:00am on the 20/02/2010 Code:
Tomb Raider - Chronicles Installed Installed in C:\Program Files (x86)\Core Design\Tomb Raider Chronicles Compatibility Layer Disabled PCTomb5.exe File Size = 1282096 bytes - Unknown version (295324641349702656) Code:
------------------
System Information
------------------
Time of this report: 2/21/2010, 23:45:30
Machine name: MADS-PC
Operating System: Windows 7 Ultimate 64-bit (6.1, Build 7600) (7600.win7_rtm.090713-1255)
Language: Norwegian (Bokmål) (Regional Setting: Norwegian (Bokmål))
System Manufacturer: HP-Pavilion
System Model: NC222AA-UUW m9555sc
BIOS: BIOS Date: 12/16/08 15:33:21 Ver: 5.35
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz (4 CPUs), ~2.3GHz
Memory: 4096MB RAM
Available OS Memory: 4096MB RAM
Page File: 2247MB used, 5941MB available
Windows Dir: C:\Windows
DirectX Version: DirectX 11
DX Setup Parameters: Not found
User DPI Setting: Using System DPI
System DPI Setting: 96 DPI (100 percent)
DWM DPI Scaling: Disabled
DxDiag Version: 6.01.7600.16385 32bit Unicode
------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Sound Tab 3: No problems found.
Input Tab: No problems found.
--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)
---------------
Display Devices
---------------
Card name: NVIDIA GeForce 9800 GT
Manufacturer: NVIDIA
Chip type: GeForce 9800 GT
DAC type: Integrated RAMDAC
Device Key: Enum\PCI\VEN_10DE&DEV_0601&SUBSYS_90171B0A&REV_A2
Display Memory: 2799 MB
Dedicated Memory: 1007 MB
Shared Memory: 1791 MB
Current Mode: 1920 x 1080 (32 bit) (59Hz)
Monitor Name: Generic PnP Monitor
Monitor Model: BenQ G2411HD
Monitor Id: BNQ7825
Native Mode: 1920 x 1080(p) (60.000Hz)
Output Type: DVI
Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
Driver File Version: 8.15.0011.8627 (English)
Driver Version: 8.15.11.8627
DDI Version: 10
Driver Model: WDDM 1.1
Driver Attributes: Final Retail
Driver Date/Size: 6/26/2009 14:01:00, 9476608 bytes
WHQL Logo'd: n/a
WHQL Date Stamp: n/a
Device Identifier: {D7B71E3E-4541-11CF-0959-1CB002C2C535}
Vendor ID: 0x10DE
Device ID: 0x0601
SubSys ID: 0x90171B0A
Revision ID: 0x00A2
Driver Strong Name: oem6.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section003:8.15.11.8627:pci\ven_10de&dev_0601&subsys_90171b0a
Rank Of Driver: 00E60001
Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C
Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
D3D9 Overlay: Supported
DXVA-HD: Supported
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled
-------------
Sound Devices
-------------
Description: Speakers (Realtek High Definition Audio)
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_103C2A6F&REV_1001
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5882 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 6/26/2009 16:52:00, 1790752 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
Description: Realtek Digital Output (Realtek High Definition Audio)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_103C2A6F&REV_1001
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5882 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 6/26/2009 16:52:00, 1790752 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
Description: Realtek HDMI Output (Realtek High Definition Audio)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0888&SUBSYS_103C2A6F&REV_1001
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5882 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 6/26/2009 16:52:00, 1790752 bytes
Other Files:
Driver Provider: Realtek Semiconductor Corp.
HW Accel Level: Basic
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
---------------------
Sound Capture Devices
---------------------
Description: Microphone (Realtek High Definition Audio)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5882 (English)
Driver Attributes: Final Retail
Date and Size: 6/26/2009 16:52:00, 1790752 bytes
Cap Flags: 0x0
Format Flags: 0x0
Description: DigitalIn (Realtek High Definition Audio)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: RTKVHD64.sys
Driver Version: 6.00.0001.5882 (English)
Driver Attributes: Final Retail
Date and Size: 6/26/2009 16:52:00, 1790752 bytes
Cap Flags: 0x0
Format Flags: 0x0
-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a
Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a
Device Name: Microsoft eHome Infrared Transceiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x045E, 0x006D
FF Driver: n/a
Device Name: Microsoft eHome Infrared Transceiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x045E, 0x006D
FF Driver: n/a
Device Name: Microsoft eHome Infrared Transceiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x045E, 0x006D
FF Driver: n/a
Device Name: Microsoft eHome Infrared Transceiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x045E, 0x006D
FF Driver: n/a
Device Name: G19 Gaming Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC228
FF Driver: n/a
Device Name: G19 Gaming Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC228
FF Driver: n/a
Device Name: G19 Gaming Keyboard (Macro interface)
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC229
FF Driver: n/a
Poll w/ Interrupt: No
-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x2937
| Matching Device ID: usb\root_hub
| Service: usbhub
----------------
Gameport Devices
----------------
------------
PS/2 Devices
------------
+ Microsoft eHome Remote Control Keyboard keys
| Matching Device ID: hid\irdevicev2&col05
| Service: kbdhid
|
+ Microsoft eHome MCIR Keyboard
| Matching Device ID: hid\irdevicev2&col06
| Service: kbdhid
|
+ Microsoft eHome MCIR 109 Keyboard
| Matching Device ID: hid\irdevicev2&col07
| Service: kbdhid
|
+ HID Keyboard Device
| Vendor/Product ID: 0x046D, 0xC228
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
|
+ HID Keyboard Device
| Vendor/Product ID: 0x046D, 0xC229
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
|
+ HID-compliant mouse
| Matching Device ID: hid_device_system_mouse
| Service: mouhid
|
+ Logitech HID-compliant G3/MX518 Optical Mouse
| Vendor/Product ID: 0x046D, 0xC051
| Matching Device ID: hid\vid_046d&pid_c051
| Upper Filters: LMouFilt
| Lower Filters: LHidFilt
| Service: mouhid
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 261.4 GB
Total Space: 451.7 GB
File System: NTFS
Model: WDC WD10EACS-65D6B0
Drive: D:
Free Space: 422.4 GB
Total Space: 502.2 GB
File System: NTFS
Model: WDC WD10EACS-65D6B0
Drive: E:
Model: HL-DT-ST BDDVDRW GBC-H20L
Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (Norwegian (Bokmål)), , 0 bytes
--------------
System Devices
--------------
Name: Intel(R) G33/G31/P35/P31 Express Chipset PCI Express Root Port - 29C1
Device ID: PCI\VEN_8086&DEV_29C1&SUBSYS_00008086&REV_02\3&11583659&0&08
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2939
Device ID: PCI\VEN_8086&DEV_2939&SUBSYS_2A6F103C&REV_02\3&11583659&0&EB
Driver: n/a
Name: Intel(R) ICH8R/ICH9R/ICH10R/DO/PCH SATA RAID Controller
Device ID: PCI\VEN_8086&DEV_2822&SUBSYS_2A6F103C&REV_02\3&11583659&0&FA
Driver: n/a
Name: Intel(R) G33/G31/P35/P31 Express Chipset Processor to I/O Controller - 29C0
Device ID: PCI\VEN_8086&DEV_29C0&SUBSYS_2A6F103C&REV_02\3&11583659&0&00
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2938
Device ID: PCI\VEN_8086&DEV_2938&SUBSYS_2A6F103C&REV_02\3&11583659&0&D1
Driver: n/a
Name: Intel(R) 82801 PCI Bridge - 244E
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_2A6F103C&REV_92\3&11583659&0&F0
Driver: n/a
Name: Intel(R) ICH9 Family PCI Express Root Port 3 - 2944
Device ID: PCI\VEN_8086&DEV_2944&SUBSYS_2A6F103C&REV_02\3&11583659&0&E2
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2937
Device ID: PCI\VEN_8086&DEV_2937&SUBSYS_2A6F103C&REV_02\3&11583659&0&D0
Driver: n/a
Name: 802.11n Wireless PCI Express Card LAN Adapter
Device ID: PCI\VEN_1814&DEV_0781&SUBSYS_760011AD&REV_00\4&37C315F9&0&00E1
Driver: n/a
Name: Intel(R) ICH9 Family PCI Express Root Port 2 - 2942
Device ID: PCI\VEN_8086&DEV_2942&SUBSYS_2A6F103C&REV_02\3&11583659&0&E1
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2936
Device ID: PCI\VEN_8086&DEV_2936&SUBSYS_2A6F103C&REV_02\3&11583659&0&EA
Driver: n/a
Name: LSI 1394 OHCI Compliant Host Controller
Device ID: PCI\VEN_11C1&DEV_5811&SUBSYS_2A6F103C&REV_70\4&3B75382B&0&28F0
Driver: n/a
Name: Intel(R) ICH9 Family PCI Express Root Port 1 - 2940
Device ID: PCI\VEN_8086&DEV_2940&SUBSYS_2A6F103C&REV_02\3&11583659&0&E0
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2935
Device ID: PCI\VEN_8086&DEV_2935&SUBSYS_2A6F103C&REV_02\3&11583659&0&E9
Driver: n/a
Name: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A6F103C&REV_02\4&5D52B92&0&00E2
Driver: n/a
Name: High Definition Audio Controller
Device ID: PCI\VEN_8086&DEV_293E&SUBSYS_2A6F103C&REV_02\3&11583659&0&D8
Driver: n/a
Name: Intel(R) ICH9 Family USB Universal Host Controller - 2934
Device ID: PCI\VEN_8086&DEV_2934&SUBSYS_2A6F103C&REV_02\3&11583659&0&E8
Driver: n/a
Name: NVIDIA GeForce 9800 GT
Device ID: PCI\VEN_10DE&DEV_0601&SUBSYS_90171B0A&REV_A2\4&13D7CD30&0&0008
Driver: n/a
Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293C
Device ID: PCI\VEN_8086&DEV_293C&SUBSYS_2A6F103C&REV_02\3&11583659&0&D7
Driver: n/a
Name: Intel(R) ICH9 Family SMBus Controller - 2930
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_2A6F103C&REV_02\3&11583659&0&FB
Driver: n/a
Name: Intel(R) ICH9 Family USB2 Enhanced Host Controller - 293A
Device ID: PCI\VEN_8086&DEV_293A&SUBSYS_2A6F103C&REV_02\3&11583659&0&EF
Driver: n/a
Name: Intel(R) ICH9R LPC Interface Controller - 2916
Device ID: PCI\VEN_8086&DEV_2916&SUBSYS_2A6F103C&REV_02\3&11583659&0&F8
Driver: n/a
------------------
DirectShow Filters
------------------
DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7600.16385
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7600.16385
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7600.16385
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7600.16385
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7600.16385
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
Pinnacle Real Media Renderer 2,0x00000000,0,0,,
ffdshow Video Decoder,0xff800001,2,1,ffdshow.ax,1.00.0007.3123
CoreVorbis Audio Decoder,0x00800000,1,1,CoreVorbis.ax,1.01.0000.0079
ffdshow raw video filter,0x00200000,2,1,ffdshow.ax,1.00.0007.3123
ffdshow Audio Decoder,0x3fffffff,1,1,ffdshow.ax,1.00.0007.3123
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7600.16385
MPC - Mpeg Source (Gabest),0x00400000,0,0,MpegSplitter.ax,1.03.1333.0000
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7600.16490
Pinnacle MPEG Layer-1/2 Audio Decoder,0x00000000,0,0,,
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7600.16385
Pinnacle(dicas) H263 Video Encoder,0x00000000,0,0,,
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7600.16385
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7600.16490
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7600.16490
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7600.16385
Indeo® video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
MONOGRAM AMR Splitter,0x00600000,1,1,mmamr.ax,1.00.0001.0000
Pinnacle(dicas) MPEG-4 Video Decoder,0x00000000,0,0,,
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7600.16385
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7600.16385
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
Indeo® video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
Pinnacle(dicas) MPEG-4 Audio Decoder,0x00000000,0,0,,
DivX for Blizzard Decoder Filter,0x00800000,1,1,blizzard.ax,5.00.0002.0000
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7600.16490
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7600.16385
MPC - MP4 Source,0x00600000,0,0,MP4Splitter.ax,1.03.1333.0000
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7600.16385
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7600.16385
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
MPC - FLV Splitter (Gabest),0x00600000,1,1,FLVSplitter.ax,1.03.1333.0000
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7600.16490
WavPack Audio Decoder,0x00600000,1,1,WavPackDSDecoder.ax,1.01.0000.0484
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7600.16385
MONOGRAM AMR Decoder,0x00600000,1,1,mmamr.ax,1.00.0001.0000
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7600.16490
MONOGRAM Musepack Decoder,0x00600000,1,1,mmmpcdec.ax,0.09.0002.0000
Haali Media Splitter,0x00800001,0,1,splitter.ax,1.09.0042.0001
Haali Media Splitter (AR),0x00400000,1,1,splitter.ax,1.09.0042.0001
Pinnacle(dicas) MPEG-4 File Reader,0x00000000,0,0,,
PICVideo M-JPEG 3 DirectShow Decompressor,0x00800001,1,1,pvmjpg30.dll,3.00.0000.0012
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7600.16385
Pinnacle MCE Multiplexer,0x00000000,0,0,,
MPC - MP4 Splitter,0x00600000,1,1,MP4Splitter.ax,1.03.1333.0000
File Source (Monkey Audio),0x00400000,0,1,MonkeySource.ax,
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7600.16490
madFlac Decoder,0x00600000,1,1,madFlac.ax,1.08.0000.0000
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7600.16385
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7600.16385
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7600.16490
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7600.16490
Haali Video Renderer,0x00200000,1,0,dxr.dll,
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7600.16385
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7600.16385
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7600.16385
File writer,0x00200000,1,0,qcap.dll,6.06.7600.16385
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7600.16385
Pinnacle MPEG Layer-2 Audio Encoder,0x00000000,0,0,,
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7600.16385
Pinnacle MPEG Adjust,0x00000000,0,0,,
Haali Simple Media Splitter,0x00200000,0,1,splitter.ax,1.09.0042.0001
DirectVobSub,0x00200000,2,1,vsfilter.dll,2.39.0005.0003
DirectVobSub (auto-loading version),0x00800002,2,1,vsfilter.dll,2.39.0005.0003
MONOGRAM AMR Encoder,0x00600000,1,1,mmamr.ax,1.00.0001.0000
WAV Dest,0x00000000,0,0,,
Pinnacle MP3 Encoder,0x00000000,0,0,,
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7600.16385
PICVideo M-JPEG 3 DirectShow Compressor,0x00100000,1,1,pvmjpg30.dll,3.00.0000.0012
Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7600.16385
Haali Matroska Muxer,0x00200000,1,0,splitter.ax,1.09.0042.0001
AVI Draw,0x00600064,9,1,quartz.dll,6.06.7600.16490
DivX Video Decoder 0004,0x00800000,1,1,DivXDec.ax,8.01.0000.0012
MONOGRAM AMR Mux,0x00600000,1,1,mmamr.ax,1.00.0001.0000
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
DC-Bass Source,0x00400000,0,1,DCBassSource.ax,1.02.0000.0000
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7600.16385
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7600.16385
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7600.16385
Indeo® audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
ffdshow Audio Processor,0x00200000,1,1,ffdshow.ax,1.00.0007.3123
Pinnacle MPEG 2 Decoder,0x00000000,0,0,,
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7600.16385
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7600.16385
VP7 Decompressor,0x00800000,1,1,vp7dec.ax,7.00.0010.0000
MONOGRAM Musepack Splitter,0x00600000,1,1,mmmpcdmx.ax,0.04.0000.0000
madFlac Source,0x00600000,0,1,madFlac.ax,1.08.0000.0000
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7600.16385
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7600.16385
MPC - FLV Source (Gabest),0x00600000,0,0,FLVSplitter.ax,1.03.1333.0000
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7600.16385
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7600.16385
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7600.16385
Pinnacle MPEG 2 Splicer,0x00000000,0,0,,
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7600.16490
MPC - MPEG4 Video Splitter,0x00600000,1,1,MP4Splitter.ax,1.03.1333.0000
Pinnacle MPEG Demuxer,0x00000000,0,0,,
Pinnacle MPEG 2/AVC Multiplexer,0x00000000,0,0,,
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7600.16490
WavPack Audio Splitter,0x00600000,1,1,WavPackDSSplitter.ax,1.01.0000.0323
ffdshow subtitles filter,0x00200000,2,1,ffdshow.ax,1.00.0007.3123
MPC - Mpeg Splitter (Gabest),0x00400001,1,1,MpegSplitter.ax,1.03.1333.0000
Pinnacle(dicas) AMR Audio Decoder,0x00000000,0,0,,
Pinnacle MPEG 2 Encoder,0x00000000,0,0,,
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7600.16385
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7600.16385
MPC - MPEG4 Video Source,0x00600000,0,0,MP4Splitter.ax,1.03.1333.0000
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7600.16490
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7600.16490
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7600.16490
Haali Video Sink,0x00200000,1,0,splitter.ax,1.09.0042.0001
AC3File,0x00600000,0,1,ac3file.ax,
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7600.16385
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7600.16385
Pinnacle(dicas) AMR Audio Encoder,0x00000000,0,0,,
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7600.16385
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7600.16490
Indeo® video 4.4 Decompression Filter,0x00640000,1,1,ir41_32.ax,4.51.0016.0003
Indeo® video 4.4 Compression Filter,0x00200000,1,1,ir41_32.ax,4.51.0016.0003
WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Pinnacle MPEG4 Filters:
Pinnacle(dicas) AMR Audio Decoder,0x00000000,0,0,,
Pinnacle(dicas) AMR Audio Encoder,0x00000000,0,0,,
Pinnacle(dicas) H263 Video Encoder,0x00000000,0,0,,
Pinnacle(dicas) MPEG-4 Audio Decoder,0x00000000,0,0,,
Pinnacle(dicas) MPEG-4 File Reader,0x00000000,0,0,,
Pinnacle(dicas) MPEG-4 Video Decoder,0x00000000,0,0,,
Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7600.16385
ffdshow video encoder,0x00100000,1,1,ffdshow.ax,1.00.0007.3123
Indeo® video 5.10 Compression Filter,0x00100000,1,1,ir50_32.dll,5.2562.0015.0055
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7600.16490
PICVideo M-JPEG 3 DirectShow Compressor,0x00100000,1,1,pvmjpg30.dll,3.00.0000.0012
Pinnacle MPEG 2 Encoder,0x00000000,0,0,,
Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.06.7600.16385
ffdshow Video Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Fraps Video Decompressor,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel Indeo® Video 4.5,0x00200000,1,1,qcap.dll,6.06.7600.16385
Indeo® video 5.10,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7600.16385
Xvid MPEG-4 Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Helix YV12 YUV Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
Indeo® audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
Pinnacle MP3 Encoder,0x00000000,0,0,,
Pinnacle MPEG Layer-2 Audio Encoder,0x00000000,0,0,,
IAC2,0x00200000,1,1,quartz.dll,6.06.7600.16490
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
PCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7600.16490
Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
AC-3 ACM Codec,0x00200000,1,1,quartz.dll,6.06.7600.16490
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7600.16490
Audio Capture Sources:
Microphone (Realtek High Defini,0x00200000,0,0,qcap.dll,6.06.7600.16385
DigitalIn (Realtek High Definit,0x00200000,0,0,qcap.dll,6.06.7600.16385
PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7600.16385
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16385
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16385
Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7600.16490
Pinnacle Auxiliary Filters:
Pinnacle MP3 Encoder,0x00000000,0,0,,
Pinnacle MPEG Demuxer,0x00000000,0,0,,
Pinnacle Real Media Renderer 2,0x00000000,0,0,,
WDM Streaming Capture Devices:
Realtek HD Digital input,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
,0x00000000,0,0,,
,0x00000000,0,0,,
,0x00000000,0,0,,
USB2.0 PC Camera (SN9C202),0x00200000,0,2,ksproxy.ax,6.01.7600.16385
WDM Streaming Rendering Devices:
Realtek HD Audio front output,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HD Audio rear output,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HDA HDMI Out,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Realtek HDA SPDIF Out,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7600.16385
Video Capture Sources:
USB2.0 PC Camera (SN9C202),0x00200000,0,2,ksproxy.ax,6.01.7600.16385
Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385
BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7600.16385
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7600.16385
BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7600.16385
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7600.16385
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7600.16385
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7600.16385
WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
Pinnacle MPEG2 Filters:
Pinnacle MCE Multiplexer,0x00000000,0,0,,
Pinnacle MPEG 2 Decoder,0x00000000,0,0,,
Pinnacle MPEG 2 Encoder,0x00000000,0,0,,
Pinnacle MPEG 2 Splicer,0x00000000,0,0,,
Pinnacle MPEG 2/AVC Multiplexer,0x00000000,0,0,,
Pinnacle MPEG Adjust,0x00000000,0,0,,
Pinnacle MPEG Layer-1/2 Audio Decoder,0x00000000,0,0,,
Pinnacle MPEG Layer-2 Audio Encoder,0x00000000,0,0,,
Audio Renderers:
Speakers (Realtek High Definiti,0x00200000,1,0,quartz.dll,6.06.7600.16490
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Realtek HDMI Output (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Speakers (Realtek High Definition Audio),0x00200000,1,0,quartz.dll,6.06.7600.16490
Realtek Digital Output (Realtek,0x00200000,1,0,quartz.dll,6.06.7600.16490
Realtek HDMI Output (Realtek Hi,0x00200000,1,0,quartz.dll,6.06.7600.16490
---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
Quality Flags: 2576
Enabled:
Force throttling
Allow half deinterlace
Allow scaling
Decode Power Usage: 100
Balanced Flags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 50
PowerFlags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 0
Thanks in advance. |
|
|
|
21-02-10, 21:54
|
#2 |
|
Tomb Raider
Join Date: Aug 2009
Location: I have no location.
Posts: 17,264
|
Sorry, but what are these viruses doing, exactly?
__________________
World domination is such an ugly phrase. I prefer to call it world optimization. |
|
|
|
|
21-02-10, 21:57
|
#3 |
|
Tomb Raider
Join Date: Nov 2006
Posts: 10,078
|
These viruses spam all my msn contacts, and i have Kaspersky which found 10 viruses/malware in total. And i have no idea how to be rid of them.
|
|
|
|
|
21-02-10, 23:24
|
#4 |
|
Tomb Raider
Join Date: Dec 2007
Location: Armenia
Posts: 15,844
|
how did you exactly get those viruses in your computer Mads
use Spybot. one of the best in detecting malware http://www.safer-networking.org/index2.html it may be possible for you to run AR Diag and post the report as well
__________________
❒Single ❒Taken ☑Tekken |
|
|
|
|
21-02-10, 23:53
|
#5 |
|
Tomb Raider
Join Date: Nov 2006
Posts: 10,078
|
There, i've downloaded Spybot now and it's running a scan, thanks.
 And here's the ARDiag: Copy the following text and paste it to your report AS IS!!! --------------------------------------------------------------- AutoRuns Diagnostics for TRF v 0.5 Developed by EscondeR --------------------------------------------------------------- Code:
Program: "Auto Check Utility" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute Entry name: autocheck autochk * Program path & name: "c:\windows\system32\autochk.exe" Enabled: [V] Program: "Manages audio devices for the Windows Audio service. If this service is stopped Publisher: audio devices and effects will not function properly. If this service is disabled any services that explicitly depend on it will fail to start" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AudioEndpointBuilder Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\audiosrv.dll" Enabled: [V] Program: "Manages audio for Windows-based programs. If this service is stopped Publisher: audio devices and effects will not function properly. If this service is disabled any services that explicitly depend on it will fail to start" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AudioSrv Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\audiosrv.dll" Enabled: [V] Program: "Provides computer protection against viruses Publisher: dangerous software network attacks internet fraud and spam." Entry path: HKLM\System\CurrentControlSet\Services Entry name: AVP Program path & name: "(Not verified) Kaspersky Lab""c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\avp.exe" Enabled: [V] Program: "The Base Filtering Engine (BFE) is a service that manages firewall and Internet Protocol security (IPsec) policies and implements user mode filtering. Stopping or disabling the BFE service will significantly reduce the security of the system. It will also result in unpredictable behavior in IPsec management and firewall applications." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: BFE Program path & name: "c:\windows\system32\bfe.dll" Enabled: [V] Program: "Transfers files in the background using idle network bandwidth. If the service is disabled Publisher: then any applications that depend on BITS such as Windows Update or MSN Explorer will be unable to automatically download programs and other information." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BITS Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\qmgr.dll" Enabled: [V] Program: "##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##" Publisher: "(Not verified) Apple Computer Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Bonjour Service Program path & name: "c:\program files (x86)\bonjour\mdnsresponder.exe" Enabled: [V] Program: "Provides four management services: Catalog Database Service Publisher: which confirms the signatures of Windows files and allows new programs to be installed; Protected Root Service which adds and removes Trusted Root Certification Authority certificates from this computer; Automatic Root Certificate Update Service which retrieves root certificates from Windows Update and enable scenarios such as SSL; and Key Service which helps enroll this computer for certificates. If this service is stopped these management services will not function properly. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: CryptSvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\cryptsvc.dll" Enabled: [V] Program: "The Offline Files service performs maintenance activities on the Offline Files cache Publisher: responds to user logon and logoff events implements the internals of the public API and dispatches interesting events to those interested in Offline Files activities and changes in cache state." Entry path: HKLM\System\CurrentControlSet\Services Entry name: CscService Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\cscsvc.dll" Enabled: [V] Program: "The DCOMLAUNCH service launches COM and DCOM servers in response to object activation requests. If this service is stopped or disabled Publisher: programs using COM or DCOM will not function properly. It is strongly recommended that you have the DCOMLAUNCH service running." Entry path: HKLM\System\CurrentControlSet\Services Entry name: DcomLaunch Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\rpcss.dll" Enabled: [V] Program: "Registers and updates IP addresses and DNS records for this computer. If this service is stopped Publisher: this computer will not receive dynamic IP addresses and DNS updates. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Dhcp Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\dhcpcore.dll" Enabled: [V] Program: "The DNS Client service (dnscache) caches Domain Name System (DNS) names and registers the full computer name for this computer. If the service is stopped Publisher: DNS names will continue to be resolved. However the results of DNS name queries will not be cached and the computer's name will not be registered. If the service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Dnscache Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\dnsrslvr.dll" Enabled: [V] Program: "The Diagnostic Policy Service enables problem detection Publisher: troubleshooting and resolution for Windows components. If this service is stopped diagnostics will no longer function." Entry path: HKLM\System\CurrentControlSet\Services Entry name: DPS Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\dps.dll" Enabled: [V] Program: "This service manages events and event logs. It supports logging events Publisher: querying events subscribing to events archiving event logs and managing event metadata. It can display events in both XML and plain text format. Stopping this service may compromise security and reliability of the system." Entry path: HKLM\System\CurrentControlSet\Services Entry name: eventlog Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wevtsvc.dll" Enabled: [V] Program: "Supports System Event Notification Service (SENS) Publisher: which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: EventSystem Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\es.dll" Enabled: [V] Program: "Publishes this computer and resources attached to this computer so they can be discovered over the network. If this service is stopped Publisher: network resources will no longer be published and they will not be discovered by other computers on the network." Entry path: HKLM\System\CurrentControlSet\Services Entry name: FDResPub Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\fdrespub.dll" Enabled: [V] Program: "The service is responsible for applying settings configured by administrators for the computer and users through the Group Policy component. If the service is stopped or disabled Publisher: the settings will not be applied and applications and components will not be manageable through Group Policy. Any components or applications that depend on the Group Policy component might not be functional if the service is stopped or disabled." Entry path: HKLM\System\CurrentControlSet\Services Entry name: gpsvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\gpsvc.dll" Enabled: [V] Program: "Holder Google-programvaren oppdatert. Hvis denne tjenesten deaktiveres eller stoppes Publisher: vil ikke Google-programvaren holdes oppdatert. Dette kan føre til at sikkerhetstrusler som oppstår ikke kan utbedres og at enkelte funksjoner ikke vil fungere. Denne tjenesten avinstallerer seg selv når den ikke blir brukt av en Google-programvare." Entry path: HKLM\System\CurrentControlSet\Services Entry name: gupdate Program path & name: "(Not verified) Google Inc.""c:\program files (x86)\google\update\googleupdate.exe" Enabled: [V] Program: "RAID Monitor" Publisher: "(Not verified) Intel Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: IAANTMON Program path & name: "c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe" Enabled: [V] Program: "The IKEEXT service hosts the Internet Key Exchange (IKE) and Authenticated Internet Protocol (AuthIP) keying modules. These keying modules are used for authentication and key exchange in Internet Protocol security (IPsec). Stopping or disabling the IKEEXT service will disable IKE and AuthIP key exchange with peer computers. IPsec is typically configured to use IKE or AuthIP; therefore Publisher: stopping or disabling the IKEEXT service might result in an IPsec failure and might compromise the security of the system. It is strongly recommended that you have the IKEEXT service running." Entry path: HKLM\System\CurrentControlSet\Services Entry name: IKEEXT Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\ikeext.dll" Enabled: [V] Program: "Provides tunnel connectivity using IPv6 transition technologies (6to4 Publisher: ISATAP Port Proxy and Teredo) and IP-HTTPS. If this service is stopped the computer will not have the enhanced connectivity benefits that these technologies offer." Entry path: HKLM\System\CurrentControlSet\Services Entry name: iphlpsvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\iphlpsvc.dll" Enabled: [V] Program: "Supports file Publisher: print and named-pipe sharing over the network for this computer. If this service is stopped these functions will be unavailable. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: LanmanServer Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\srvsvc.dll" Enabled: [V] Program: "Creates and maintains client network connections to remote servers using the SMB protocol. If this service is stopped Publisher: these connections will be unavailable. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: LanmanWorkstation Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wkssvc.dll" Enabled: [V] Program: "Provides support for the NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution for clients on the network Publisher: therefore enabling users to share files print and log on to the network. If this service is stopped these functions might be unavailable. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: lmhosts Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\lmhsvc.dll" Enabled: [V] Program: "Enables relative prioritization of work based on system-wide task priorities. This is intended mainly for multimedia applications. If this service is stopped Publisher: individual tasks resort to their default priority." Entry path: HKLM\System\CurrentControlSet\Services Entry name: MMCSS Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\mmcss.dll" Enabled: [V] Program: "Windows Firewall helps protect your computer by preventing unauthorized users from gaining access to your computer through the Internet or a network." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: MpsSvc Program path & name: "c:\windows\system32\mpssvc.dll" Enabled: [V] Program: "Collects and stores configuration information for the network and notifies programs when this information is modified. If this service is stopped Publisher: configuration information might be unavailable. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: NlaSvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\nlasvc.dll" Enabled: [V] Program: "This service delivers network notifications (e.g. interface addition/deleting etc) to user mode clients. Stopping this service will cause loss of network connectivity. If this service is disabled Publisher: any other services that explicitly depend on this service will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: nsi Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\nsisvc.dll" Enabled: [V] Program: "Provides system and desktop level support to the NVIDIA display driver" Publisher: "(Not verified) NVIDIA Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: nvsvc Program path & name: "c:\windows\system32\nvvsvc.exe" Enabled: [V] Program: "This service provides support for the Program Compatibility Assistant (PCA). PCA monitors programs installed and run by the user and detects known compatibility problems. If this service is stopped Publisher: PCA will not function properly." Entry path: HKLM\System\CurrentControlSet\Services Entry name: PcaSvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\pcasvc.dll" Enabled: [V] Program: "Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: PlugPlay Program path & name: "c:\windows\system32\umpnpmgr.dll" Enabled: [V] Program: "PunkBuster Service Component [v1032] http://www.evenbalance.com" Publisher: N/A Entry path: HKLM\System\CurrentControlSet\Services Entry name: PnkBstrA Program path & name: c:\windows\system32\pnkbstra.exe" Enabled: [V] Program: "Manages power policy and power policy notification delivery." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Power Program path & name: "c:\windows\system32\umpo.dll" Enabled: [V] Program: "This service is responsible for loading and unloading user profiles. If this service is stopped or disabled Publisher: users will no longer be able to successfully logon or logoff applications may have problems getting to users' data and components registered to receive profile event notifications will not receive them." Entry path: HKLM\System\CurrentControlSet\Services Entry name: ProfSvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\profsvc.dll" Enabled: [V] Program: "Resolves RPC interfaces identifiers to transport endpoints. If this service is stopped or disabled Publisher: programs using Remote Procedure Call (RPC) services will not function properly." Entry path: HKLM\System\CurrentControlSet\Services Entry name: RpcEptMapper Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\rpcepmap.dll" Enabled: [V] Program: "The RPCSS service is the Service Control Manager for COM and DCOM servers. It performs object activations requests Publisher: object exporter resolutions and distributed garbage collection for COM and DCOM servers. If this service is stopped or disabled programs using COM or DCOM will not function properly. It is strongly recommended that you have the RPCSS service running" Entry path: HKLM\System\CurrentControlSet\Services Entry name: RpcSs Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\rpcss.dll" Enabled: [V] Program: "The startup of this service signals other services that the Security Accounts Manager (SAM) is ready to accept requests. Disabling this service will prevent other services in the system from being notified when the SAM is ready Publisher: which may in turn cause those services to fail to start correctly. This service should not be disabled." Entry path: HKLM\System\CurrentControlSet\Services Entry name: SamSs Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\lsass.exe" Enabled: [V] Program: "Spybot-S&D Security Center integration" Publisher: "(Not verified) Safer Networking Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: SBSDWSCService Program path & name: "c:\program files (x86)\spybot - search & destroy\sdwinsec.exe" Enabled: [V] Program: "Enables a user to configure and schedule automated tasks on this computer. The service also hosts multiple Windows system-critical tasks. If this service is stopped or disabled Publisher: these tasks will not be run at their scheduled times. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Schedule Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\schedsvc.dll" Enabled: [V] Program: "Monitors system events and notifies subscribers to COM+ Event System of these events." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: SENS Program path & name: "c:\windows\system32\sens.dll" Enabled: [V] Program: "Provides notifications for AutoPlay hardware events." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: ShellHWDetection Program path & name: "c:\windows\system32\shsvcs.dll" Enabled: [V] Program: "Loads files to memory for later printing" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Spooler Program path & name: "c:\windows\system32\spoolsv.exe" Enabled: [V] Program: "Enables the download Publisher: installation and enforcement of digital licenses for Windows and Windows applications. If the service is disabled the operating system and licensed applications may run in a notification mode. It is strongly recommended that you not disable the Software Protection service." Entry path: HKLM\System\CurrentControlSet\Services Entry name: sppsvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\sppsvc.exe" Enabled: [V] Program: "Provides system support for NVIDIA Stereoscopic 3D driver" Publisher: "(Not verified) NVIDIA Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Stereo Service Program path & name: "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe" Enabled: [V] Program: "Maintains and improves system performance over time." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: SysMain Program path & name: "c:\windows\system32\sysmain.dll" Enabled: [V] Program: "Provides user experience theme management." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Themes Program path & name: "c:\windows\system32\themeservice.dll" Enabled: [V] Program: "Maintains links between NTFS files within a computer or across computers in a network." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: TrkWks Program path & name: "c:\windows\system32\trkwks.dll" Enabled: [V] Program: "Provides Desktop Window Manager startup and maintenance services" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: UxSms Program path & name: "c:\windows\system32\uxsms.dll" Enabled: [V] Program: "Protection against spyware and potentially unwanted software" Publisher: N/A Entry path: HKLM\System\CurrentControlSet\Services Entry name: WinDefend Program path & name: File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll" Enabled: [V] Program: "Provides a common interface and object model to access management information about operating system Publisher: devices applications and services. If this service is stopped most Windows-based software will not function properly. If this service is disabled any services that explicitly depend on it will fail to start." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Winmgmt Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wbem\wmisvc.dll" Enabled: [V] Program: "The WLANSVC service provides the logic required to configure Publisher: discover connect to and disconnect from a wireless local area network (WLAN) as defined by IEEE 802.11 standards. It also contains the logic to turn your computer into a software access point so that other devices or computers can connect to your computer wirelessly using a WLAN adapter that can support this. Stopping or disabling the WLANSVC service will make all WLAN adapters on your computer inaccessible from the Windows networking UI. It is strongly recommended that you have the WLANSVC service running if your computer has a WLAN adapter." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Wlansvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wlansvc.dll" Enabled: [V] Program: "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" Publisher: N/A Entry path: HKLM\System\CurrentControlSet\Services Entry name: WMPNetworkSvc Program path & name: File not found: C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" Enabled: [V] Program: "The WSCSVC (Windows Security Center) service monitors and reports security health settings on the computer. The health settings include firewall (on/off) Publisher: antivirus (on/off/out of date) antispyware (on/off/out of date) Windows Update (automatically/manually download and install updates) User Account Control (on/off) and Internet settings (recommended/not recommended). The service provides COM APIs for independent software vendors to register and record the state of their products to the Security Center service. The Action Center (AC) UI uses the service to provide systray alerts and a graphical view of the security health states in the AC control panel. Network Access Protection (NAP) uses the service to report the security health states of clients to the NAP Network Policy Server to make network quarantine decisions. The service also has a public API that allows external consumers to programmatically retrieve the aggregated security health state of the system." Entry path: HKLM\System\CurrentControlSet\Services Entry name: wscsvc Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wscsvc.dll" Enabled: [V] Program: "Provides content indexing Publisher: property caching and search results for files e-mail and other content." Entry path: HKLM\System\CurrentControlSet\Services Entry name: WSearch Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\searchindexer.exe" Enabled: [V] Program: "Enables the detection Publisher: download and installation of updates for Windows and other programs. If this service is disabled users of this computer will not be able to use Windows Update or its automatic updating feature and programs will not be able to use the Windows Update Agent (WUA) API." Entry path: HKLM\System\CurrentControlSet\Services Entry name: wuauserv Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\wuaueng.dll" Enabled: [V] Program: "Manages user-mode driver host processes." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: wudfsvc Program path & name: "c:\windows\system32\wudfsvc.dll" Enabled: [V] Program: "1394 OpenHCI Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: 1394ohci Program path & name: "c:\windows\system32\drivers\1394ohci.sys" Enabled: [V] Program: "ACPI Driver for NT" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: ACPI Program path & name: "c:\windows\system32\drivers\acpi.sys" Enabled: [V] Program: "ACPI Power Metering Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AcpiPmi Program path & name: "c:\windows\system32\drivers\acpipmi.sys" Enabled: [V] Program: "Adaptec Windows SAS/SATA Storport Driver" Publisher: "(Not verified) Adaptec Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: adp94xx Program path & name: "c:\windows\system32\drivers\adp94xx.sys" Enabled: [V] Program: "Adaptec Windows SATA Storport Driver" Publisher: "(Not verified) Adaptec Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: adpahci Program path & name: "c:\windows\system32\drivers\adpahci.sys" Enabled: [V] Program: "Adaptec StorPort Ultra320 SCSI Driver (X64)" Publisher: "(Not verified) Adaptec Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: adpu320 Program path & name: "c:\windows\system32\drivers\adpu320.sys" Enabled: [V] Program: "@%systemroot%\system32\drivers\afd.sys Publisher: -1000" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AFD Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\afd.sys" Enabled: [V] Program: "440 NT AGP Filter" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: agp440 Program path & name: "c:\windows\system32\drivers\agp440.sys" Enabled: [V] Program: "ALi mini IDE Driver" Publisher: "(Not verified) Acer Laboratories Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: aliide Program path & name: "c:\windows\system32\drivers\aliide.sys" Enabled: [V] Program: "AMD IDE Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: amdide Program path & name: "c:\windows\system32\drivers\amdide.sys" Enabled: [V] Program: "Processor Device Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AmdK8 Program path & name: "c:\windows\system32\drivers\amdk8.sys" Enabled: [V] Program: "Processor Device Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AmdPPM Program path & name: "c:\windows\system32\drivers\amdppm.sys" Enabled: [V] Program: "AHCI 1.2 Device Driver" Publisher: "(Not verified) Advanced Micro Devices" Entry path: HKLM\System\CurrentControlSet\Services Entry name: amdsata Program path & name: "c:\windows\system32\drivers\amdsata.sys" Enabled: [V] Program: "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" Publisher: "(Not verified) AMD Technologies Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: amdsbs Program path & name: "c:\windows\system32\drivers\amdsbs.sys" Enabled: [V] Program: "Storage Filter Driver" Publisher: "(Not verified) Advanced Micro Devices" Entry path: HKLM\System\CurrentControlSet\Services Entry name: amdxata Program path & name: "c:\windows\system32\drivers\amdxata.sys" Enabled: [V] Program: "@%systemroot%\system32\appidsvc.dll Publisher: -103" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AppID Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\appid.sys" Enabled: [V] Program: "Adaptec RAID Storport Driver" Publisher: "(Not verified) Adaptec Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: arc Program path & name: "c:\windows\system32\drivers\arc.sys" Enabled: [V] Program: "Adaptec SAS RAID WS03 Driver" Publisher: "(Not verified) Adaptec Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: arcsas Program path & name: "c:\windows\system32\drivers\arcsas.sys" Enabled: [V] Program: "@%systemroot%\system32\rascfg.dll Publisher: -32000" Entry path: HKLM\System\CurrentControlSet\Services Entry name: AsyncMac Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\asyncmac.sys" Enabled: [V] Program: "ATAPI IDE Miniport Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: atapi Program path & name: "c:\windows\system32\drivers\atapi.sys" Enabled: [V] Program: "Broadcom NetXtreme II GigE VBD" Publisher: "(Not verified) Broadcom Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: b06bdrv Program path & name: "c:\windows\system32\drivers\bxvbda.sys" Enabled: [V] Program: "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." Publisher: "(Not verified) Broadcom Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: b57nd60a Program path & name: "c:\windows\system32\drivers\b57nd60a.sys" Enabled: [V] Program: "BLB Drive Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: blbdrive Program path & name: "c:\windows\system32\drivers\blbdrive.sys" Enabled: [V] Program: "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BrFiltLo Program path & name: "c:\windows\system32\drivers\brfiltlo.sys" Enabled: [V] Program: "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BrFiltUp Program path & name: "c:\windows\system32\drivers\brfiltup.sys" Enabled: [V] Program: "Brotehr Serial I/F Driver (WDM)" Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: Brserid Program path & name: "c:\windows\system32\drivers\brserid.sys" Enabled: [V] Program: "Brother Serial driver (WDM version)" Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BrSerWdm Program path & name: "c:\windows\system32\drivers\brserwdm.sys" Enabled: [V] Program: "Brother USB MDM Driver " Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BrUsbMdm Program path & name: "c:\windows\system32\drivers\brusbmdm.sys" Enabled: [V] Program: "Brother USB Serial Driver" Publisher: "(Not verified) Brother Industries Ltd." Entry path: HKLM\System\CurrentControlSet\Services Entry name: BrUsbSer Program path & name: "c:\windows\system32\drivers\brusbser.sys" Enabled: [V] Program: "Bluetooth Communications Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: BTHMODEM Program path & name: "c:\windows\system32\drivers\bthmodem.sys" Enabled: [V] Program: "SCSI CD-ROM Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: cdrom Program path & name: "c:\windows\system32\drivers\cdrom.sys" Enabled: [V] Program: "Consumer IR Class Driver for eHome" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: circlass Program path & name: "c:\windows\system32\drivers\circlass.sys" Enabled: [V] Program: "@%SystemRoot%\system32\clfs.sys Publisher: -101" Entry path: HKLM\System\CurrentControlSet\Services Entry name: CLFS Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\clfs.sys" Enabled: [V] Program: "Control Method Battery Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: CmBatt Program path & name: "c:\windows\system32\drivers\cmbatt.sys" Enabled: [V] Program: "CMD PCI IDE Bus Driver" Publisher: "(Not verified) CMD Technology Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: cmdide Program path & name: "c:\windows\system32\drivers\cmdide.sys" Enabled: [V] Program: "Kernel Cryptography Publisher: Next Generation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: CNG Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\cng.sys" Enabled: [V] Program: "Composite Battery Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Compbatt Program path & name: "c:\windows\system32\drivers\compbatt.sys" Enabled: [V] Program: "Multi-Transport Composite Bus Enumerator" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: CompositeBus Program path & name: "c:\windows\system32\drivers\compositebus.sys" Enabled: [V] Program: "@%systemroot%\system32\cscsvc.dll Publisher: -203" Entry path: HKLM\System\CurrentControlSet\Services Entry name: CSC Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\csc.sys" Enabled: [V] Program: "@%systemroot%\system32\drivers\discache.sys Publisher: -101" Entry path: HKLM\System\CurrentControlSet\Services Entry name: discache Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\discache.sys" Enabled: [V] Program: "PnP Disk Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: Disk Program path & name: "c:\windows\system32\drivers\disk.sys" Enabled: [V] Program: "Microsoft Trusted Audio Drivers" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: drmkaud Program path & name: "c:\windows\system32\drivers\drmkaud.sys" Enabled: [V] Program: "Controls the underlying video driver stacks to provide fully-featured display capabilities." Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: DXGKrnl Program path & name: "c:\windows\system32\drivers\dxgkrnl.sys" Enabled: [V] Program: "Broadcom NetXtreme II 10 GigE VBD" Publisher: "(Not verified) Broadcom Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: ebdrv Program path & name: "c:\windows\system32\drivers\evbda.sys" Enabled: [V] Program: "Storport Miniport Driver for LightPulse HBAs" Publisher: "(Not verified) Emulex" Entry path: HKLM\System\CurrentControlSet\Services Entry name: elxstor Program path & name: "c:\windows\system32\drivers\elxstor.sys" Enabled: [V] Program: "Error Device Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: ErrDev Program path & name: "c:\windows\system32\drivers\errdev.sys" Enabled: [V] Program: "Floppy Disk Controller Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: fdc Program path & name: "c:\windows\system32\drivers\fdc.sys" Enabled: [V] Program: "Floppy Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: flpydisk Program path & name: "c:\windows\system32\drivers\flpydisk.sys" Enabled: [V] Program: "@%SystemRoot%\system32\drivers\fvevol.sys Publisher: -100" Entry path: HKLM\System\CurrentControlSet\Services Entry name: fvevol Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\fvevol.sys" Enabled: [V] Program: "MS Generic AGPv3.0 Filter for K8/9 Processor Platforms" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: gagp30kx Program path & name: "c:\windows\system32\drivers\gagp30kx.sys" Enabled: [V] Program: "Hauppauge WinTV 885 Consumer IR Driver for eHome" Publisher: "(Not verified) Hauppauge Computer Works Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: hcw85cir Program path & name: "c:\windows\system32\drivers\hcw85cir.sys" Enabled: [V] Program: "High Definition Audio Function Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HdAudAddService Program path & name: "c:\windows\system32\drivers\hdaudio.sys" Enabled: [V] Program: "High Definition Audio Bus Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HDAudBus Program path & name: "c:\windows\system32\drivers\hdaudbus.sys" Enabled: [V] Program: "Hid Battery Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HidBatt Program path & name: "c:\windows\system32\drivers\hidbatt.sys" Enabled: [V] Program: "Bluetooth Miniport Driver for HID Devices" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HidBth Program path & name: "c:\windows\system32\drivers\hidbth.sys" Enabled: [V] Program: "Infrared Miniport Driver for Input Devices" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HidIr Program path & name: "c:\windows\system32\drivers\hidir.sys" Enabled: [V] Program: "USB Miniport Driver for Input Devices" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HidUsb Program path & name: "c:\windows\system32\drivers\hidusb.sys" Enabled: [V] Program: "Smart Array SAS/SATA Controller Media Driver" Publisher: "(Not verified) Hewlett-Packard Company" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HpSAMD Program path & name: "c:\windows\system32\drivers\hpsamd.sys" Enabled: [V] Program: "@%SystemRoot%\system32\drivers\http.sys Publisher: -2" Entry path: HKLM\System\CurrentControlSet\Services Entry name: HTTP Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\http.sys" Enabled: [V] Program: "@%systemroot%\system32\drivers\hwpolicy.sys Publisher: -102" Entry path: HKLM\System\CurrentControlSet\Services Entry name: hwpolicy Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\hwpolicy.sys" Enabled: [V] Program: "i8042 Port Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: i8042prt Program path & name: "c:\windows\system32\drivers\i8042prt.sys" Enabled: [V] Program: "Intel Matrix Storage Manager driver - x64" Publisher: "(Not verified) Intel Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: iaStor Program path & name: "c:\windows\system32\drivers\iastor.sys" Enabled: [V] Program: "Intel Matrix Storage Manager driver - x64" Publisher: "(Not verified) Intel Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: iaStorV Program path & name: "c:\windows\system32\drivers\iastorv.sys" Enabled: [V] Program: "Intel/ICP Raid Storport Driver" Publisher: "(Not verified) Intel Corp./ICP vortex GmbH" Entry path: HKLM\System\CurrentControlSet\Services Entry name: iirsp Program path & name: "c:\windows\system32\drivers\iirsp.sys" Enabled: [V] Program: "Realtek(r) High Definition Audio Function Driver" Publisher: "(Not verified) Realtek Semiconductor Corp." Entry path: HKLM\System\CurrentControlSet\Services Entry name: IntcAzAudAddService Program path & name: "c:\windows\system32\drivers\rtkvhd64.sys" Enabled: [V] Program: "Intel PCI IDE Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: intelide Program path & name: "c:\windows\system32\drivers\intelide.sys" Enabled: [V] Program: "Processor Device Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: intelppm Program path & name: "c:\windows\system32\drivers\intelppm.sys" Enabled: [V] Program: "@%systemroot%\system32\rascfg.dll Publisher: -32013" Entry path: HKLM\System\CurrentControlSet\Services Entry name: IpFilterDriver Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\ipfltdrv.sys" Enabled: [V] Program: "WMI IPMI DRIVER" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: IPMIDRV Program path & name: "c:\windows\system32\drivers\ipmidrv.sys" Enabled: [V] Program: "IP Network Address Translator" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: IPNAT Program path & name: "c:\windows\system32\drivers\ipnat.sys" Enabled: [V] Program: "@%SystemRoot%\system32\drivers\irenum.sys Publisher: -101" Entry path: HKLM\System\CurrentControlSet\Services Entry name: IRENUM Program path & name: "(Not verified) Microsoft Corporation""c:\windows\system32\drivers\irenum.sys" Enabled: [V] Program: "PNP ISA Bus Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: isapnp Program path & name: "c:\windows\system32\drivers\isapnp.sys" Enabled: [V] Program: "Microsoft iSCSI Initiator Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: iScsiPrt Program path & name: "c:\windows\system32\drivers\msiscsi.sys" Enabled: [V] Program: "Keyboard Class Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: kbdclass Program path & name: "c:\windows\system32\drivers\kbdclass.sys" Enabled: [V] Program: "HID Keyboard Filter Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: kbdhid Program path & name: "c:\windows\system32\drivers\kbdhid.sys" Enabled: [V] Program: "Kaspersky Unified Driver" Publisher: "(Not verified) Kaspersky Lab" Entry path: HKLM\System\CurrentControlSet\Services Entry name: kl1 Program path & name: "c:\windows\system32\drivers\kl1.sys" Enabled: [V] Program: "Kaspersky Lab Boot Guard" Publisher: "(Not verified) Kaspersky Lab" Entry path: HKLM\System\CurrentControlSet\Services Entry name: KLBG Program path & name: "c:\windows\system32\drivers\klbg.sys" Enabled: [V] Program: "Kaspersky Anti-Virus NDIS 6 Filter" Publisher: "(Not verified) Kaspersky Lab" Entry path: HKLM\System\CurrentControlSet\Services Entry name: KLIM6 Program path & name: "c:\windows\system32\drivers\klim6.sys" Enabled: [V] Program: "Kaspersky Lab Mouse Class Filter" Publisher: "(Not verified) Kaspersky Lab" Entry path: HKLM\System\CurrentControlSet\Services Entry name: klmouflt Program path & name: "c:\windows\system32\drivers\klmouflt.sys" Enabled: [V] Program: "Kernel Security Support Provider Interface" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: KSecDD Program path & name: "c:\windows\system32\drivers\ksecdd.sys" Enabled: [V] Program: "Kernel Security Support Provider Interface Packages" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: KSecPkg Program path & name: "c:\windows\system32\drivers\ksecpkg.sys" Enabled: [V] Program: "Kernel Streaming WOW Thunk Service" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: ksthunk Program path & name: "c:\windows\system32\drivers\ksthunk.sys" Enabled: [V] Program: "Logitech PS/2 Mouse Filter Driver." Publisher: "(Not verified) Logitech Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: L8042mou Program path & name: "c:\windows\system32\drivers\l8042mou.sys" Enabled: [V] Program: "LGPBTDD Driver" Publisher: "(Not verified) Logitech Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: LGPBTDD Program path & name: "c:\windows\system32\drivers\lgpbtdd.sys" Enabled: [V] Program: "Logitech HID Filter Driver." Publisher: "(Not verified) Logitech Inc." Entry path: HKLM\System\CurrentControlSet\Services Entry name: LHidFilt Program path & name: "c:\windows\system32\drivers\lhidfilt.sys" Enabled: [V] Program: "Link-Layer Topology Mapper I/O Driver" Publisher: "(Not verified) Microsoft Corporation" Entry path: HKLM\System\CurrentControlSet\Services Entry name: lltdio Program path & name: "c:\windows\system32\drivers\lltdio.sys" Enabled: [V] |
|
|
|
|
21-02-10, 23:53
|
#6 |
|
Tomb Raider
Join Date: Nov 2006
Posts: 10,078
|
And here's part 2, it was apparently too long for one post.
 Code:
Program:
"Logitech Mouse Filter Driver."
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LMouFilt
Program path & name:
"c:\windows\system32\drivers\lmoufilt.sys"
Enabled: [V]
Program:
"Logitech Filter Driver for Mouse Class."
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LMouKE
Program path & name:
"c:\windows\system32\drivers\lmouke.sys"
Enabled: [V]
Program:
"LSI Fusion-MPT FC Driver (StorPort)"
Publisher:
"(Not verified) LSI Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LSI_FC
Program path & name:
"c:\windows\system32\drivers\lsi_fc.sys"
Enabled: [V]
Program:
"LSI Fusion-MPT SAS Driver (StorPort)"
Publisher:
"(Not verified) LSI Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LSI_SAS
Program path & name:
"c:\windows\system32\drivers\lsi_sas.sys"
Enabled: [V]
Program:
"LSI SAS Gen2 Driver (StorPort)"
Publisher:
"(Not verified) LSI Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LSI_SAS2
Program path & name:
"c:\windows\system32\drivers\lsi_sas2.sys"
Enabled: [V]
Program:
"LSI Fusion-MPT SCSI Driver (StorPort)"
Publisher:
"(Not verified) LSI Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LSI_SCSI
Program path & name:
"c:\windows\system32\drivers\lsi_scsi.sys"
Enabled: [V]
Program:
"Logitech USB Filter Driver."
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
LUsbFilt
Program path & name:
"c:\windows\system32\drivers\lusbfilt.sys"
Enabled: [V]
Program:
"Pinnacle Marvin Discrete Bus Enumerator"
Publisher:
"(Not verified) Pinnacle Systems GmbH"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MarvinBus
Program path & name:
"c:\windows\system32\drivers\marvinbus64.sys"
Enabled: [V]
Program:
"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"
Publisher:
"(Not verified) LSI Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
megasas
Program path & name:
"c:\windows\system32\drivers\megasas.sys"
Enabled: [V]
Program:
"LSI MegaRAID Software RAID Driver"
Publisher:
"(Not verified) LSI Corporation Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MegaSR
Program path & name:
"c:\windows\system32\drivers\megasr.sys"
Enabled: [V]
Program:
"Modem Device Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Modem
Program path & name:
"c:\windows\system32\drivers\modem.sys"
Enabled: [V]
Program:
"Monitor Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
monitor
Program path & name:
"c:\windows\system32\drivers\monitor.sys"
Enabled: [V]
Program:
"Mouse Class Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mouclass
Program path & name:
"c:\windows\system32\drivers\mouclass.sys"
Enabled: [V]
Program:
"HID Mouse Filter Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mouhid
Program path & name:
"c:\windows\system32\drivers\mouhid.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\mountmgr.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mountmgr
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\mountmgr.sys"
Enabled: [V]
Program:
"MultiPath Support Bus-Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mpio
Program path & name:
"c:\windows\system32\drivers\mpio.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\FirewallAPI.dll
Publisher:
-23093"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mpsdrv
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\mpsdrv.sys"
Enabled: [V]
Program:
"MS AHCI 1.0 Standard Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
msahci
Program path & name:
"c:\windows\system32\drivers\msahci.sys"
Enabled: [V]
Program:
"Microsoft Device Specific Module"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
msdsm
Program path & name:
"c:\windows\system32\drivers\msdsm.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\mshidkmdf.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mshidkmdf
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\mshidkmdf.sys"
Enabled: [V]
Program:
"ISA Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
msisadrv
Program path & name:
"c:\windows\system32\drivers\msisadrv.sys"
Enabled: [V]
Program:
"MS KS Server"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MSKSSRV
Program path & name:
"c:\windows\system32\drivers\mskssrv.sys"
Enabled: [V]
Program:
"MS Proxy Clock"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MSPCLOCK
Program path & name:
"c:\windows\system32\drivers\mspclock.sys"
Enabled: [V]
Program:
"MS Proxy Quality Manager"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MSPQM
Program path & name:
"c:\windows\system32\drivers\mspqm.sys"
Enabled: [V]
Program:
"System Management BIOS Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
mssmbios
Program path & name:
"c:\windows\system32\drivers\mssmbios.sys"
Enabled: [V]
Program:
"WDM Tee/Communication Transform Filter "
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MSTEE
Program path & name:
"c:\windows\system32\drivers\mstee.sys"
Enabled: [V]
Program:
"Microsoft Multi-Touch HID Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
MTConfig
Program path & name:
"c:\windows\system32\drivers\mtconfig.sys"
Enabled: [V]
Program:
"NativeWiFi Miniport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NativeWifiP
Program path & name:
"c:\windows\system32\drivers\nwifi.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\ndis.sys
Publisher:
-201"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NDIS
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\ndis.sys"
Enabled: [V]
Program:
"NDIS Capture LightWeight Filter"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NdisCap
Program path & name:
"c:\windows\system32\drivers\ndiscap.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32001"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NdisTapi
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\ndistapi.sys"
Enabled: [V]
Program:
"NDIS User mode I/O driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Ndisuio
Program path & name:
"c:\windows\system32\drivers\ndisuio.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32002"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NdisWan
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\ndiswan.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\netbt.sys
Publisher:
-1"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
NetBT
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\netbt.sys"
Enabled: [V]
Program:
"Ralink 802.11 Wireless Adapter Driver"
Publisher:
"(Not verified) Ralink Technology Corp."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
netr28x
Program path & name:
"c:\windows\system32\drivers\netr28x.sys"
Enabled: [V]
Program:
"IBM ServeRAID Controller Driver"
Publisher:
"(Not verified) IBM Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nfrd960
Program path & name:
"c:\windows\system32\drivers\nfrd960.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\nsiproxy.sys
Publisher:
-1"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nsiproxy
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\nsiproxy.sys"
Enabled: [V]
Program:
"NVIDIA Windows Kernel Mode Driver
Publisher:
Version 186.27 "
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nvlddmkm
Program path & name:
"(Not verified) NVIDIA Corporation""c:\windows\system32\drivers\nvlddmkm.sys"
Enabled: [V]
Program:
"NVIDIA® nForce(TM) RAID Driver"
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nvraid
Program path & name:
"c:\windows\system32\drivers\nvraid.sys"
Enabled: [V]
Program:
"NVIDIA® nForce(TM) Sata Performance Driver"
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nvstor
Program path & name:
"c:\windows\system32\drivers\nvstor.sys"
Enabled: [V]
Program:
"NForce NT AGP Filter"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
nv_agp
Program path & name:
"c:\windows\system32\drivers\nv_agp.sys"
Enabled: [V]
Program:
"1394 OpenHCI Port Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ohci1394
Program path & name:
"c:\windows\system32\drivers\ohci1394.sys"
Enabled: [V]
Program:
"Parallel Port Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Parport
Program path & name:
"c:\windows\system32\drivers\parport.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\partmgr.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
partmgr
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\partmgr.sys"
Enabled: [V]
Program:
"NT Plug and Play PCI Enumerator"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pci
Program path & name:
"c:\windows\system32\drivers\pci.sys"
Enabled: [V]
Program:
"Generic PCI IDE Bus Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pciide
Program path & name:
"c:\windows\system32\drivers\pciide.sys"
Enabled: [V]
Program:
"PCMCIA Bus Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pcmcia
Program path & name:
"c:\windows\system32\drivers\pcmcia.sys"
Enabled: [V]
Program:
"Performance Counters for Windows Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
pcw
Program path & name:
"c:\windows\system32\drivers\pcw.sys"
Enabled: [V]
Program:
"Protected Environment Authentication and Authorization Export Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PEAUTH
Program path & name:
"c:\windows\system32\drivers\peauth.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32006"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
PptpMiniport
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\raspptp.sys"
Enabled: [V]
Program:
"Processor Device Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Processor
Program path & name:
"c:\windows\system32\drivers\processr.sys"
Enabled: [V]
Program:
"@%SystemRoot%\System32\drivers\pacer.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Psched
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\pacer.sys"
Enabled: [V]
Program:
"QLogic Fibre Channel Stor Miniport Driver"
Publisher:
"(Not verified) QLogic Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ql2300
Program path & name:
"c:\windows\system32\drivers\ql2300.sys"
Enabled: [V]
Program:
"QLogic iSCSI Storport Miniport Driver"
Publisher:
"(Not verified) QLogic Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
ql40xx
Program path & name:
"c:\windows\system32\drivers\ql40xx.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\qwavedrv.sys
Publisher:
-2"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
QWAVEdrv
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\qwavedrv.sys"
Enabled: [V]
Program:
"Remote Access Auto Connection Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RasAcd
Program path & name:
"c:\windows\system32\drivers\rasacd.sys"
Enabled: [V]
Program:
"WAN Miniport (IKEv2)"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RasAgileVpn
Program path & name:
"c:\windows\system32\drivers\agilevpn.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32005"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Rasl2tp
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\rasl2tp.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32007"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RasPppoe
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\raspppoe.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\sstpsvc.dll
Publisher:
-202"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RasSstp
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\rassstp.sys"
Enabled: [V]
Program:
"Microsoft RDP Bus Device driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
rdpbus
Program path & name:
"c:\windows\system32\drivers\rdpbus.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\DRIVERS\RDPCDD.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RDPCDD
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\rdpcdd.sys"
Enabled: [V]
Program:
"Microsoft RDP Device redirector"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RDPDR
Program path & name:
"c:\windows\system32\drivers\rdpdr.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\drivers\RDPENCDD.sys
Publisher:
-100"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RDPENCDD
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\rdpencdd.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\drivers\RdpRefMp.sys
Publisher:
-100"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RDPREFMP
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\rdprefmp.sys"
Enabled: [V]
Program:
"ReadyBoost"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
rdyboost
Program path & name:
"c:\windows\system32\drivers\rdyboost.sys"
Enabled: [V]
Program:
"Link-Layer Topology Responder Driver for NDIS 6"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
rspndr
Program path & name:
"c:\windows\system32\drivers\rspndr.sys"
Enabled: [V]
Program:
"Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver "
Publisher:
"(Not verified) Realtek "
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
RTL8167
Program path & name:
"c:\windows\system32\drivers\rt64win7.sys"
Enabled: [V]
Program:
"Microsoft S3 Emulated Device Cap Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
s3cap
Program path & name:
"c:\windows\system32\drivers\vms3cap.sys"
Enabled: [V]
Program:
"SBP-2 Protocol Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sbp2port
Program path & name:
"c:\windows\system32\drivers\sbp2port.sys"
Enabled: [V]
Program:
"@%SystemRoot%\System32\drivers\scfilter.sys
Publisher:
-12"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
scfilter
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\scfilter.sys"
Enabled: [V]
Program:
"Serial Port Enumerator"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Serenum
Program path & name:
"c:\windows\system32\drivers\serenum.sys"
Enabled: [V]
Program:
"Serial Device Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Serial
Program path & name:
"c:\windows\system32\drivers\serial.sys"
Enabled: [V]
Program:
"Serial Mouse Filter Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sermouse
Program path & name:
"c:\windows\system32\drivers\sermouse.sys"
Enabled: [V]
Program:
"Small Form Factor Disk Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sffdisk
Program path & name:
"c:\windows\system32\drivers\sffdisk.sys"
Enabled: [V]
Program:
"Small Form Factor MMC Protocol Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sffp_mmc
Program path & name:
"c:\windows\system32\drivers\sffp_mmc.sys"
Enabled: [V]
Program:
"Small Form Factor SD Protocol Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sffp_sd
Program path & name:
"c:\windows\system32\drivers\sffp_sd.sys"
Enabled: [V]
Program:
"SCSI Floppy Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
sfloppy
Program path & name:
"c:\windows\system32\drivers\sfloppy.sys"
Enabled: [V]
Program:
"SiS RAID Stor Miniport Driver"
Publisher:
"(Not verified) Silicon Integrated Systems Corp."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SiSRaid2
Program path & name:
"c:\windows\system32\drivers\sisraid2.sys"
Enabled: [V]
Program:
"SiS AHCI Stor-Miniport Driver"
Publisher:
"(Not verified) Silicon Integrated Systems"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SiSRaid4
Program path & name:
"c:\windows\system32\drivers\sisraid4.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\tcpipcfg.dll
Publisher:
-50006"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Smb
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\smb.sys"
Enabled: [V]
Program:
"USB2.0 PC Camera driver"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
SNP2STD
Program path & name:
c:\windows\system32\drivers\snp2sxp.sys"
Enabled: [V]
Program:
"Promise SuperTrak EX Series Driver for Windows "
Publisher:
"(Not verified) Promise Technology"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
stexstor
Program path & name:
"c:\windows\system32\drivers\stexstor.sys"
Enabled: [V]
Program:
"Virtual Storage Filter Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
storflt
Program path & name:
"c:\windows\system32\drivers\vmstorfl.sys"
Enabled: [V]
Program:
"Storage VSC Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
storvsc
Program path & name:
"c:\windows\system32\drivers\storvsc.sys"
Enabled: [V]
Program:
"Plug and Play Software Device Enumerator"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
swenum
Program path & name:
"c:\windows\system32\drivers\swenum.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\tcpipcfg.dll
Publisher:
-50003"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Tcpip
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\tcpip.sys"
Enabled: [V]
Program:
"Microsoft IPv6 Protocol Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TCPIP6
Program path & name:
"c:\windows\system32\drivers\tcpip.sys"
Enabled: [V]
Program:
"Provides compatibility for legacy applications which interact with TCP/IP through the registry. If this service is stopped
Publisher:
certain applications may have impaired functionality."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
tcpipreg
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\tcpipreg.sys"
Enabled: [V]
Program:
"Named Pipe Transport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TDPIPE
Program path & name:
"c:\windows\system32\drivers\tdpipe.sys"
Enabled: [V]
Program:
"TCP Transport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TDTCP
Program path & name:
"c:\windows\system32\drivers\tdtcp.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\tcpipcfg.dll
Publisher:
-50004"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
tdx
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\tdx.sys"
Enabled: [V]
Program:
"Remote Desktop Server Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
TermDD
Program path & name:
"c:\windows\system32\drivers\termdd.sys"
Enabled: [V]
Program:
"@%SystemRoot%\System32\DRIVERS\tssecsrv.sys
Publisher:
-102"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
tssecsrv
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\tssecsrv.sys"
Enabled: [V]
Program:
"Microsoft Tunnel Interface Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
tunnel
Program path & name:
"c:\windows\system32\drivers\tunnel.sys"
Enabled: [V]
Program:
"MS AGPv3.5 Filter"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
uagp35
Program path & name:
"c:\windows\system32\drivers\uagp35.sys"
Enabled: [V]
Program:
"ULi AGPv3.0 Filter for K8/9 Processor Platforms"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
uliagpkx
Program path & name:
"c:\windows\system32\drivers\uliagpkx.sys"
Enabled: [V]
Program:
"User-Mode Bus Enumerator"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
umbus
Program path & name:
"c:\windows\system32\drivers\umbus.sys"
Enabled: [V]
Program:
"Generic pass-through driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
UmPass
Program path & name:
"c:\windows\system32\drivers\umpass.sys"
Enabled: [V]
Program:
"USB Audio Class Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbaudio
Program path & name:
"c:\windows\system32\drivers\usbaudio.sys"
Enabled: [V]
Program:
"USB Common Class Generic Parent Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbccgp
Program path & name:
"c:\windows\system32\drivers\usbccgp.sys"
Enabled: [V]
Program:
"USB Consumer IR Driver for eHome"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbcir
Program path & name:
"c:\windows\system32\drivers\usbcir.sys"
Enabled: [V]
Program:
"EHCI eUSB Miniport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbehci
Program path & name:
"c:\windows\system32\drivers\usbehci.sys"
Enabled: [V]
Program:
"Default Hub Driver for USB"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbhub
Program path & name:
"c:\windows\system32\drivers\usbhub.sys"
Enabled: [V]
Program:
"OHCI USB Miniport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbohci
Program path & name:
"c:\windows\system32\drivers\usbohci.sys"
Enabled: [V]
Program:
"USB Printer driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbprint
Program path & name:
"c:\windows\system32\drivers\usbprint.sys"
Enabled: [V]
Program:
"USB Mass Storage Class Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
USBSTOR
Program path & name:
"c:\windows\system32\drivers\usbstor.sys"
Enabled: [V]
Program:
"UHCI USB Miniport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
usbuhci
Program path & name:
"c:\windows\system32\drivers\usbuhci.sys"
Enabled: [V]
Program:
"Virtual Drive Root Enumerator"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vdrvroot
Program path & name:
"c:\windows\system32\drivers\vdrvroot.sys"
Enabled: [V]
Program:
"VGA/Super VGA Video Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vga
Program path & name:
"c:\windows\system32\drivers\vgapnp.sys"
Enabled: [V]
Program:
"VGA/Super VGA Video Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
VgaSave
Program path & name:
"c:\windows\system32\drivers\vga.sys"
Enabled: [V]
Program:
"VHD Miniport Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vhdmp
Program path & name:
"c:\windows\system32\drivers\vhdmp.sys"
Enabled: [V]
Program:
"VIA Generic PCI IDE Bus Driver"
Publisher:
"(Not verified) VIA Technologies Inc."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
viaide
Program path & name:
"c:\windows\system32\drivers\viaide.sys"
Enabled: [V]
Program:
"Virtual Machine Bus"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vmbus
Program path & name:
"c:\windows\system32\drivers\vmbus.sys"
Enabled: [V]
Program:
"Microsoft VMBus HID Miniport"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
VMBusHID
Program path & name:
"c:\windows\system32\drivers\vmbushid.sys"
Enabled: [V]
Program:
"Volume Manager Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
volmgr
Program path & name:
"c:\windows\system32\drivers\volmgr.sys"
Enabled: [V]
Program:
"@%SystemRoot%\system32\drivers\volmgrx.sys
Publisher:
-101"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
volmgrx
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\volmgrx.sys"
Enabled: [V]
Program:
"Volume Shadow Copy Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
volsnap
Program path & name:
"c:\windows\system32\drivers\volsnap.sys"
Enabled: [V]
Program:
"VIA RAID DRIVER FOR AMD-X86-64"
Publisher:
"(Not verified) VIA Technologies Inc.Ltd"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vsmraid
Program path & name:
"c:\windows\system32\drivers\vsmraid.sys"
Enabled: [V]
Program:
"Virtual WiFi Bus Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vwifibus
Program path & name:
"c:\windows\system32\drivers\vwifibus.sys"
Enabled: [V]
Program:
"Virtual WiFi Filter Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
vwififlt
Program path & name:
"c:\windows\system32\drivers\vwififlt.sys"
Enabled: [V]
Program:
"Wacom Serial Pen Tablet HID Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WacomPen
Program path & name:
"c:\windows\system32\drivers\wacompen.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32011"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WANARP
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\wanarp.sys"
Enabled: [V]
Program:
"@%systemroot%\system32\rascfg.dll
Publisher:
-32012"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Wanarpv6
Program path & name:
"(Not verified) Microsoft Corporation""c:\windows\system32\drivers\wanarp.sys"
Enabled: [V]
Program:
"Microsoft Watchdog Timer Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Wd
Program path & name:
"c:\windows\system32\drivers\wd.sys"
Enabled: [V]
Program:
"Kernel Mode Driver Framework Runtime"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
Wdf01000
Program path & name:
"c:\windows\system32\drivers\wdf01000.sys"
Enabled: [V]
Program:
"WFP Lightweight Filter"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WfpLwf
Program path & name:
"c:\windows\system32\drivers\wfplwf.sys"
Enabled: [V]
Program:
"Windows Management Interface for ACPI"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WmiAcpi
Program path & name:
"c:\windows\system32\drivers\wmiacpi.sys"
Enabled: [V]
Program:
"Windows Driver Foundation - User-mode Driver Framework Platform Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WudfPf
Program path & name:
"c:\windows\system32\drivers\wudfpf.sys"
Enabled: [V]
Program:
"Windows Driver Foundation - User-mode Driver Framework Reflector"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WUDFRd
Program path & name:
"c:\windows\system32\drivers\wudfrd.sys"
Enabled: [V]
Program:
"XNA Common Controller Driver"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
xnacc
Program path & name:
"c:\windows\system32\drivers\xnacc.sys"
Enabled: [V]
Program:
"Windows Common Controller"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
xusb21
Program path & name:
"c:\windows\system32\drivers\xusb21.sys"
Enabled: [V]
Program:
"Logon Visualizer"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
klogon
Program path & name:
"c:\windows\system32\klogon.dll"
Enabled: [V]
Program:
"Logitech Bluetooth Service"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
Entry name:
LBTWlgn
Program path & name:
"c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
Enabled: [V]
Program:
"Local Spooler DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Entry name:
Local Port
Program path & name:
"c:\windows\system32\localspl.dll"
Enabled: [V]
Program:
"Microsoft Fax Print Monitor"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Entry name:
Microsoft Shared Fax Monitor
Program path & name:
"c:\windows\system32\fxsmon.dll"
Enabled: [V]
Program:
"Standard TCP/IP Port Monitor DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Entry name:
Standard TCP/IP Port
Program path & name:
"c:\windows\system32\tcpmon.dll"
Enabled: [V]
Program:
"Standard Dynamic Printing Port Monitor DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Entry name:
USB Monitor
Program path & name:
"c:\windows\system32\usbmon.dll"
Enabled: [V]
Program:
"WSD Printer Port Monitor"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
Entry name:
WSD Port
Program path & name:
"c:\windows\system32\wsdmon.dll"
Enabled: [V]
Program:
"Credential Delegation Security Package"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
Entry name:
credssp.dll
Program path & name:
"c:\windows\system32\credssp.dll"
Enabled: [V]
Program:
"Credential Delegation Security Package"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
Entry name:
credssp.dll
Program path & name:
"c:\windows\syswow64\credssp.dll"
Enabled: [V]
Program:
"Microsoft Authentication Package v1.0"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
Entry name:
msv1_0
Program path & name:
"c:\windows\system32\msv1_0.dll"
Enabled: [V]
Program:
"Windows Security Configuration Editor Client Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages
Entry name:
scecli
Program path & name:
"c:\windows\system32\scecli.dll"
Enabled: [V]
Program:
"Kerberos Security Package"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
kerberos
Program path & name:
"c:\windows\system32\kerberos.dll"
Enabled: [V]
Program:
"Microsoft Authentication Package v1.0"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
msv1_0
Program path & name:
"c:\windows\system32\msv1_0.dll"
Enabled: [V]
Program:
"TLS / SSL Security Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
schannel
Program path & name:
"c:\windows\system32\schannel.dll"
Enabled: [V]
Program:
"Microsoft Digest Access"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
wdigest
Program path & name:
"c:\windows\system32\wdigest.dll"
Enabled: [V]
Program:
"Web Service Security Package"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
tspkg
Program path & name:
"c:\windows\system32\tspkg.dll"
Enabled: [V]
Program:
"Pku2u Security Package"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages
Entry name:
pku2u
Program path & name:
"c:\windows\system32\pku2u.dll"
Enabled: [V]
Program:
"Windows Authentication UI"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
GenericProvider
Program path & name:
"c:\windows\system32\authui.dll"
Enabled: [V]
Program:
"Windows Authentication UI"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
NPProvider
Program path & name:
"c:\windows\system32\authui.dll"
Enabled: [V]
Program:
"Vault Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
VaultCredProvider
Program path & name:
"c:\windows\system32\vaultcredprovider.dll"
Enabled: [V]
Program:
"Windows Authentication UI"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
PasswordProvider
Program path & name:
"c:\windows\system32\authui.dll"
Enabled: [V]
Program:
"Windows Smartcard Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
Smartcard Credential Provider
Program path & name:
"c:\windows\system32\smartcardcredentialprovider.dll"
Enabled: [V]
Program:
"Windows Smartcard Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
Smartcard Pin Provider
Program path & name:
"c:\windows\system32\smartcardcredentialprovider.dll"
Enabled: [V]
Program:
"WinBio Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
WinBio Credential Provider
Program path & name:
"c:\windows\system32\biocredprov.dll"
Enabled: [V]
Program:
"Cert Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers
Entry name:
CCertProvider
Program path & name:
"c:\windows\system32\certcredprovider.dll"
Enabled: [V]
Program:
"Windows Authentication UI"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters
Entry name:
GenericFilter
Program path & name:
"c:\windows\system32\authui.dll"
Enabled: [V]
Program:
"RAS PLAP Credential Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers
Entry name:
CRasProvider
Program path & name:
"c:\windows\system32\rasplap.dll"
Enabled: [V]
Program:
"Microsoft Terminal Services"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Entry name:
RDPNP
Program path & name:
"c:\windows\system32\drprov.dll"
Enabled: [V]
Program:
"Microsoft Windows Network"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Entry name:
LanmanWorkstation
Program path & name:
"c:\windows\system32\ntlanman.dll"
Enabled: [V]
Program:
"Web Client Network"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order
Entry name:
webclient
Program path & name:
"c:\windows\system32\davclnt.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [TCP/IP]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [UDP/IP]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [RAW/IP]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [TCP/IPv6]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [UDP/IPv6]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
MSAFD Tcpip [RAW/IPv6]
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
RSVP TCPv6 Service Provider
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
RSVP TCP Service Provider
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
RSVP UDPv6 Service Provider
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"Microsoft Windows Sockets 2.0 Service Provider"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
Entry name:
RSVP UDP Service Provider
Program path & name:
"c:\windows\system32\mswsock.dll"
Enabled: [V]
Program:
"RDP Clip Monitor"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
Entry name:
rdpclip
Program path & name:
"c:\windows\system32\rdpclip.exe"
Enabled: [V]
Program:
"Userinit Logon Application"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
Entry name:
C:\Windows\system32\userinit.exe
Program path & name:
"c:\windows\system32\userinit.exe"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
Entry name:
C:\Users\Mads\AppData\Roaming\pluginwin\pluginwin.exe
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
"Sandbox r3 hooks for virtual processes"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\sbhook64.dll"
Enabled: [V]
Program:
"Kaspersky OE plugin loader"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\kloehk.dll"
Enabled: [V]
Program:
"Mozilla 3 Virtual Keyboard"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\mzvkbd3.dll"
Enabled: [V]
Program:
"Sandbox r3 hooks for virtual processes"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls
Entry name:
C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\sbhook.dll"
Enabled: [V]
Program:
"COM+ Configuration Catalog"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
clbcatq
Program path & name:
"c:\windows\syswow64\clbcatq.dll"
Enabled: [V]
Program:
"Microsoft OLE for Windows"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
ole32
Program path & name:
"c:\windows\syswow64\ole32.dll"
Enabled: [V]
Program:
"Advanced Windows 32 Base API"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
advapi32
Program path & name:
"c:\windows\syswow64\advapi32.dll"
Enabled: [V]
Program:
"Common Dialogs DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
COMDLG32
Program path & name:
"c:\windows\syswow64\comdlg32.dll"
Enabled: [V]
Program:
"GDI Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
gdi32
Program path & name:
"c:\windows\syswow64\gdi32.dll"
Enabled: [V]
Program:
"Run time utility for Internet Explorer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IERTUTIL
Program path & name:
"c:\windows\syswow64\iertutil.dll"
Enabled: [V]
Program:
"Windows NT Image Helper"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IMAGEHLP
Program path & name:
"c:\windows\syswow64\imagehlp.dll"
Enabled: [V]
Program:
"Multi-User Windows IMM32 API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IMM32
Program path & name:
"c:\windows\syswow64\imm32.dll"
Enabled: [V]
Program:
"Windows NT BASE API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
kernel32
Program path & name:
"c:\windows\syswow64\kernel32.dll"
Enabled: [V]
Program:
"Language Pack"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
LPK
Program path & name:
"c:\windows\syswow64\lpk.dll"
Enabled: [V]
Program:
"MSCTF Server DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
MSCTF
Program path & name:
"c:\windows\syswow64\msctf.dll"
Enabled: [V]
Program:
"Windows NT CRT DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
MSVCRT
Program path & name:
"c:\windows\syswow64\msvcrt.dll"
Enabled: [V]
Program:
"Unicode Normalization DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
NORMALIZ
Program path & name:
"c:\windows\syswow64\normaliz.dll"
Enabled: [V]
Program:
"NSI User-mode interface DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
NSI
Program path & name:
"c:\windows\syswow64\nsi.dll"
Enabled: [V]
Program:
N/A
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
OLEAUT32
Program path & name:
"c:\windows\syswow64\oleaut32.dll"
Enabled: [V]
Program:
"Process Status Helper"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
PSAPI
Program path & name:
"c:\windows\syswow64\psapi.dll"
Enabled: [V]
Program:
"Remote Procedure Call Runtime"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
rpcrt4
Program path & name:
"c:\windows\syswow64\rpcrt4.dll"
Enabled: [V]
Program:
"Host for SCM/SDDL/LSA Lookup APIs"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
sechost
Program path & name:
"c:\windows\syswow64\sechost.dll"
Enabled: [V]
Program:
"Windows Setup API"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
Setupapi
Program path & name:
"c:\windows\syswow64\setupapi.dll"
Enabled: [V]
Program:
"Windows Shell Common Dll"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
SHELL32
Program path & name:
"c:\windows\syswow64\shell32.dll"
Enabled: [V]
Program:
"Shell Light-weight Utility Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
SHLWAPI
Program path & name:
"c:\windows\syswow64\shlwapi.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
URLMON
Program path & name:
"c:\windows\syswow64\urlmon.dll"
Enabled: [V]
Program:
"Multi-User Windows USER API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
user32
Program path & name:
"c:\windows\syswow64\user32.dll"
Enabled: [V]
Program:
"Uniscribe Unicode script processor"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
USP10
Program path & name:
"c:\windows\syswow64\usp10.dll"
Enabled: [V]
Program:
"Internet Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WININET
Program path & name:
"c:\windows\syswow64\wininet.dll"
Enabled: [V]
Program:
"Win32 LDAP API DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WLDAP32
Program path & name:
"c:\windows\syswow64\wldap32.dll"
Enabled: [V]
Program:
"Windows Socket 2.0 32-Bit DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WS2_32
Program path & name:
"c:\windows\syswow64\ws2_32.dll"
Enabled: [V]
Program:
"Driver Install Frameworks for API library module"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
DifxApi
Program path & name:
"c:\windows\syswow64\difxapi.dll"
Enabled: [V]
Program:
"COM+ Configuration Catalog"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
clbcatq
Program path & name:
"c:\windows\system32\clbcatq.dll"
Enabled: [V]
Program:
"Microsoft OLE for Windows"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
ole32
Program path & name:
"c:\windows\system32\ole32.dll"
Enabled: [V]
Program:
"Advanced Windows 32 Base API"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
advapi32
Program path & name:
"c:\windows\system32\advapi32.dll"
Enabled: [V]
Program:
"Common Dialogs DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
COMDLG32
Program path & name:
"c:\windows\system32\comdlg32.dll"
Enabled: [V]
Program:
"GDI Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
gdi32
Program path & name:
"c:\windows\system32\gdi32.dll"
Enabled: [V]
Program:
"Run time utility for Internet Explorer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IERTUTIL
Program path & name:
"c:\windows\system32\iertutil.dll"
Enabled: [V]
Program:
"Windows NT Image Helper"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IMAGEHLP
Program path & name:
"c:\windows\system32\imagehlp.dll"
Enabled: [V]
Program:
"Multi-User Windows IMM32 API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
IMM32
Program path & name:
"c:\windows\system32\imm32.dll"
Enabled: [V]
Program:
"Windows NT BASE API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
kernel32
Program path & name:
"c:\windows\system32\kernel32.dll"
Enabled: [V]
Program:
"Language Pack"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
LPK
Program path & name:
"c:\windows\system32\lpk.dll"
Enabled: [V]
Program:
"MSCTF Server DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
MSCTF
Program path & name:
"c:\windows\system32\msctf.dll"
Enabled: [V]
Program:
"Windows NT CRT DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
MSVCRT
Program path & name:
"c:\windows\system32\msvcrt.dll"
Enabled: [V]
Program:
"Unicode Normalization DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
NORMALIZ
Program path & name:
"c:\windows\system32\normaliz.dll"
Enabled: [V]
Program:
"NSI User-mode interface DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
NSI
Program path & name:
"c:\windows\system32\nsi.dll"
Enabled: [V]
Program:
N/A
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
OLEAUT32
Program path & name:
"c:\windows\system32\oleaut32.dll"
Enabled: [V]
Program:
"Process Status Helper"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
PSAPI
Program path & name:
"c:\windows\system32\psapi.dll"
Enabled: [V]
Program:
"Remote Procedure Call Runtime"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
rpcrt4
Program path & name:
"c:\windows\system32\rpcrt4.dll"
Enabled: [V]
Program:
"Host for SCM/SDDL/LSA Lookup APIs"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
sechost
Program path & name:
"c:\windows\system32\sechost.dll"
Enabled: [V]
Program:
"Windows Setup API"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
Setupapi
Program path & name:
"c:\windows\system32\setupapi.dll"
Enabled: [V]
Program:
"Windows Shell Common Dll"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
SHELL32
Program path & name:
"c:\windows\system32\shell32.dll"
Enabled: [V]
Program:
"Shell Light-weight Utility Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
SHLWAPI
Program path & name:
"c:\windows\system32\shlwapi.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
URLMON
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"Multi-User Windows USER API Client DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
user32
Program path & name:
"c:\windows\system32\user32.dll"
Enabled: [V]
Program:
"Uniscribe Unicode script processor"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
USP10
Program path & name:
"c:\windows\system32\usp10.dll"
Enabled: [V]
Program:
"Internet Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WININET
Program path & name:
"c:\windows\system32\wininet.dll"
Enabled: [V]
Program:
"Win32 LDAP API DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WLDAP32
Program path & name:
"c:\windows\system32\wldap32.dll"
Enabled: [V]
Program:
"Windows Socket 2.0 32-Bit DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
WS2_32
Program path & name:
"c:\windows\system32\ws2_32.dll"
Enabled: [V]
Program:
"Driver Install Frameworks for API library module"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
Entry name:
DifxApi
Program path & name:
"c:\windows\system32\difxapi.dll"
Enabled: [V]
Program:
"Windows Explorer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
Entry name:
explorer.exe
Program path & name:
"c:\windows\explorer.exe"
Enabled: [V]
Program:
"Event Monitor User Notification Tool"
Publisher:
"(Not verified) Intel Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
IAAnotif
Program path & name:
"c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
Enabled: [V]
Program:
"NVIDIA Display Properties Extension"
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
NvCplDaemon
Program path & name:
"c:\windows\system32\nvcpl.dll"
Enabled: [V]
Program:
"CameraMonitor Application"
Publisher:
"(Not verified) Sonix"
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
snp2std
Program path & name:
"c:\windows\vsnp2std.exe"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
pluginwin
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
"Logitech GamePanel Agent"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Launch LgDevAgt
Program path & name:
"c:\program files\logitech\gamepanel software\lgdevagt.exe"
Enabled: [V]
Program:
"Logitech LCD Manager"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Launch LCDMon
Program path & name:
"c:\program files\logitech\gamepanel software\lcd manager\lcdmon.exe"
Enabled: [V]
Program:
"Logitech G-series Profiler"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Launch LGDCore
Program path & name:
"c:\program files\logitech\gamepanel software\g-series software\lgdcore.exe"
Enabled: [V]
Program:
"Logitech KHAL Main Process"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
Kernel and Hardware Abstraction Layer
Program path & name:
"c:\windows\khalmnpr.exe"
Enabled: [V]
Program:
"Kbd Stub"
Publisher:
"(Not verified) Microsoft"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
KBD
Program path & name:
"c:\program files (x86)\hewlett-packard\kbd\kbdstub.exe"
Enabled: [V]
Program:
"Adobe Acrobat SpeedLauncher"
Publisher:
"(Not verified) Adobe Systems Incorporated"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
Adobe Reader Speed Launcher
Program path & name:
"c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
Enabled: [V]
Program:
"Adobe Reader and Acrobat Manager"
Publisher:
"(Not verified) Adobe Systems Incorporated"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
Adobe ARM
Program path & name:
"c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
Enabled: [V]
Program:
"Java(TM) Platform SE binary"
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
SunJavaUpdateSched
Program path & name:
"c:\program files (x86)\java\jre6\bin\jusched.exe"
Enabled: [V]
Program:
"AMD Dual-Core Optimizer"
Publisher:
"(Not verified) AMD"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
amd_dc_opt
Program path & name:
"c:\program files (x86)\amd\dual-core optimizer\amd_dc_opt.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
tsnp2std
Program path & name:
File not found: C:\Windows\tsnp2std.exe"
Enabled: [V]
Program:
"Host Process for Windows Services"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
Svchost
Program path & name:
"c:\windows\system32\svchost.exe"
Enabled: [V]
Program:
N/A
Publisher:
"(Not verified) "
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
Svcger.exe
Program path & name:
"c:\windows\system32\svchoewst.exe"
Enabled: [V]
Program:
"Host Process for Windows Services"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
svchost.exe
Program path & name:
"c:\windows\system32\svchost.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
raidhost
Program path & name:
File not found: raidhost.exe"
Enabled: [V]
Program:
"Kaspersky Anti-Virus"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
AVP
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\avp.exe"
Enabled: [V]
Program:
"Hardware Diagnostic Tools Profiler"
Publisher:
"(Not verified) PC-Doctor Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Entry name:
PCDrProfiler
Program path & name:
"c:\program files\pc-doctor for windows\runprofiler.exe"
Enabled: [V]
Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/octet-stream
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]
Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-complus
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]
Program:
"Microsoft .NET Runtime Execution Engine"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
application/x-msdownload
Program path & name:
"c:\windows\system32\mscoree.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
deflate
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Filter
Entry name:
gzip
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"Microsoft (R) HTML Viewer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
about
Program path & name:
"c:\windows\system32\mshtml.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
cdl
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"ActiveX control for streaming video"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
dvd
Program path & name:
"c:\windows\system32\msvidctl.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
file
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
ftp
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
http
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
https
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"Microsoft® InfoTech Storage System Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
its
Program path & name:
"c:\windows\system32\itss.dll"
Enabled: [V]
Program:
"Microsoft (R) HTML Viewer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
javascript
Program path & name:
"c:\windows\system32\mshtml.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
local
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"Microsoft (R) HTML Viewer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
mailto
Program path & name:
"c:\windows\system32\mshtml.dll"
Enabled: [V]
Program:
"Microsoft Internet Messaging API Resources"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
mhtml
Program path & name:
"c:\windows\system32\inetcomm.dll"
Enabled: [V]
Program:
"OLE32 Extensions for Win32"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
mk
Program path & name:
"c:\windows\system32\urlmon.dll"
Enabled: [V]
Program:
"Microsoft® InfoTech Storage System Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
ms-its
Program path & name:
"c:\windows\system32\itss.dll"
Enabled: [V]
Program:
"Microsoft (R) HTML Viewer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
res
Program path & name:
"c:\windows\system32\mshtml.dll"
Enabled: [V]
Program:
"ActiveX control for streaming video"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
tv
Program path & name:
"c:\windows\system32\msvidctl.dll"
Enabled: [V]
Program:
"Microsoft (R) HTML Viewer"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Classes\Protocols\Handler
Entry name:
vbscript
Program path & name:
"c:\windows\system32\mshtml.dll"
Enabled: [V]
Program:
"Microsoft Windows Media Player Setup Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Microsoft Windows Media Player
Program path & name:
"c:\windows\system32\unregmp2.exe"
Enabled: [V]
Program:
"IE Per-User Initialization Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Internet Explorer
Program path & name:
"c:\windows\system32\ie4uinit.exe"
Enabled: [V]
Program:
"IEAK branding"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Browser Customizations
Program path & name:
"c:\windows\system32\iedkcs32.dll"
Enabled: [V]
Program:
"Microsoft(C) Register Server"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Themes Setup
Program path & name:
"c:\windows\system32\regsvr32.exe"
Enabled: [V]
Program:
"Windows Mail"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Microsoft Windows
Program path & name:
"c:\program files (x86)\windows mail\winmail.exe"
Enabled: [V]
Program:
"Microsoft Windows Media Player Setup Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Microsoft Windows Media Player
Program path & name:
"c:\windows\system32\unregmp2.exe"
Enabled: [V]
Program:
"Microsoft(C) Register Server"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Windows Desktop Update
Program path & name:
"c:\windows\system32\regsvr32.exe"
Enabled: [V]
Program:
"IE Per-User Initialization Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
Web Platform Customizations
Program path & name:
"c:\windows\system32\ie4uinit.exe"
Enabled: [V]
Program:
"Microsoft .NET IE SECURITY REGISTRATION"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Entry name:
n/a
Program path & name:
"c:\windows\system32\mscories.dll"
Enabled: [V]
Program:
"Microsoft Windows Media Player Setup Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Microsoft Windows Media Player
Program path & name:
"c:\windows\syswow64\unregmp2.exe"
Enabled: [V]
Program:
"IE Per-User Initialization Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Internet Explorer
Program path & name:
"c:\windows\syswow64\ie4uinit.exe"
Enabled: [V]
Program:
"IEAK branding"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Browser Customizations
Program path & name:
"c:\windows\syswow64\iedkcs32.dll"
Enabled: [V]
Program:
"Microsoft(C) Register Server"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Themes Setup
Program path & name:
"c:\windows\syswow64\regsvr32.exe"
Enabled: [V]
Program:
"Microsoft Windows Media Player Setup Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Microsoft Windows Media Player
Program path & name:
"c:\windows\syswow64\unregmp2.exe"
Enabled: [V]
Program:
"Microsoft(C) Register Server"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Windows Desktop Update
Program path & name:
"c:\windows\syswow64\regsvr32.exe"
Enabled: [V]
Program:
"IE Per-User Initialization Utility"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
Web Platform Customizations
Program path & name:
"c:\windows\syswow64\ie4uinit.exe"
Enabled: [V]
Program:
"Microsoft .NET IE SECURITY REGISTRATION"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
Entry name:
n/a
Program path & name:
"c:\windows\syswow64\mscories.dll"
Enabled: [V]
Program:
" "
Publisher:
N/A
Entry path:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
est2.exe
Program path & name:
c:\programdata\microsoft\windows\start menu\programs\startup\est2.exe"
Enabled: [V]
Program:
"Logitech SetPoint Event Manager (UNICODE)"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
Logitech SetPoint.lnk
Program path & name:
"c:\program files\logitech\setpoint\setpoint.exe"
Enabled: [V]
Program:
"Product Registration"
Publisher:
"(Not verified) Leader Technologies/Logitech"
Entry path:
C:\Users\Mads\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
Logitech . Produktregistrering.lnk
Program path & name:
"c:\program files (x86)\common files\logishrd\ereg\setpoint\ereg.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Entry name:
WebCheck
Program path & name:
File not found: CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Entry name:
WebCheck
Program path & name:
File not found: CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32"
Enabled: [V]
Program:
"µTorrent"
Publisher:
"(Not verified) BitTorrent Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
uTorrent
Program path & name:
"c:\program files (x86)\utorrent\utorrent.exe"
Enabled: [V]
Program:
"Windows Live Messenger"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
msnmsgr
Program path & name:
"c:\program files (x86)\windows live\messenger\msnmsgr.exe"
Enabled: [V]
Program:
"Skype "
Publisher:
"(Not verified) Skype Technologies S.A."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Skype
Program path & name:
"c:\program files (x86)\skype\phone\skype.exe"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
pluginwin
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Not verified) Google Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\users\mads\appdata\local\google\update\googleupdate.exe"
Enabled: [V]
Program:
"System settings protector"
Publisher:
"(Not verified) Safer-Networking Ltd."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
SpybotSD TeaTimer
Program path & name:
"c:\program files (x86)\spybot - search & destroy\teatimer.exe"
Enabled: [V]
Program:
"IE Virtual Keyboard"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
IEVkbdBHO Class
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\ievkbd.dll"
Enabled: [V]
Program:
"WebToolBar component"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
FilterBHO Class
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\x64\klwtbbho.dll"
Enabled: [V]
Program:
"Adobe PDF Helper for Internet Explorer"
Publisher:
"(Not verified) Adobe Systems Incorporated"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Adobe PDF Link Helper
Program path & name:
"c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
Enabled: [V]
Program:
"SBSD IE Protection"
Publisher:
"(Not verified) Safer Networking Limited"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Spybot-S&D IE Protection
Program path & name:
"c:\program files (x86)\spybot - search & destroy\sdhelper.dll"
Enabled: [V]
Program:
"IE Virtual Keyboard"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
IEVkbdBHO Class
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\ievkbd.dll"
Enabled: [V]
Program:
"WindowsLiveLogin.dll"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Påloggingshjelp for Windows Live
Program path & name:
"c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
Enabled: [V]
Program:
"Java(TM) Platform SE binary"
Publisher:
"(Not verified) Sun Microsystems Inc."
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
Java(tm) Plug-In 2 SSV Helper
Program path & name:
"c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
Enabled: [V]
Program:
"WebToolBar component"
Publisher:
"(Not verified) Kaspersky Lab"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
Entry name:
FilterBHO Class
Program path & name:
"c:\program files (x86)\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll"
Enabled: [V]
Program:
"Shell Doc Object and Control Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
shdocvw.dll
Program path & name:
"c:\windows\system32\shdocvw.dll"
Enabled: [V]
Program:
"Media Foundation DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
MF ADTS Property Handler
Program path & name:
"c:\windows\system32\mf.dll"
Enabled: [V]
Program:
"NVIDIA Display Properties Extension"
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
NvCpl DesktopContext Class
Program path & name:
"c:\windows\system32\nvcpl.dll"
Enabled: [V]
Program:
N/A
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
NVIDIA Play On My TV Context Menu Extension
Program path & name:
"c:\windows\system32\nvshext.dll"
Enabled: [V]
Program:
"7-Zip Shell Extension"
Publisher:
"(Not verified) Igor Pavlov"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
7-Zip Shell Extension
Program path & name:
"c:\program files\7-zip\7-zip.dll"
Enabled: [V]
Program:
"NVIDIA Display Properties Extension"
Publisher:
"(Not verified) NVIDIA Corporation"
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Play on my TV helper
Program path & name:
"c:\windows\system32\nvcpl.dll"
Enabled: [V]
Program:
"Logitech SetPoint Event Manager"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Logitech Setpoint Extension
Program path & name:
"c:\program files\logitech\setpoint\kbcplext.dll"
Enabled: [V]
Program:
"Logitech SetPoint Event Manager"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
Logitech Setpoint Extension
Program path & name:
"c:\program files\logitech\setpoint\mcplext.dll"
Enabled: [V]
Program:
"Shell Doc Object and Control Library"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
shdocvw.dll
Program path & name:
"c:\windows\system32\shdocvw.dll"
Enabled: [V]
Program:
"Media Foundation DLL"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
MF ADTS Property Handler
Program path & name:
"c:\windows\system32\mf.dll"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Entry name:
blue.shell
Program path & name:
c:\program files (x86)\pinnacle\studio 12\programs\blueshellext.dll"
Enabled: [V]
Program:
"PDF Shell Extension"
Publisher:
"(Not verified) Adobe Systems Inc."
Entry path:
HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers
Entry name:
PDF Shell Extension
Program path & name:
"c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
Enabled: [V]
Program:
"Internet Browser"
Publisher:
"(Not verified) Microsoft Corporation"
Entry path:
HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks
Entry name:
ieframe.dll
Program path & name:
"c:\windows\system32\ieframe.dll"
Enabled: [V]
|
|
|
|
|
21-02-10, 23:58
|
#7 |
|
Junior Member
Join Date: Feb 2008
Location: преисподняя
Posts: 18,792
|
I'm just taking a stab here, but have you considered getting yourself a quality anti-virus program? Usually they come standard with any computer.
|
|
|
|
|
22-02-10, 00:47
|
#8 |
|
Tomb Raider
Join Date: Nov 2006
Posts: 10,078
|
Actually, i haven't had any antivirussoftware until now.
|
|
|
|
|
22-02-10, 10:58
|
#9 |
|
Tomb Raider
Join Date: Dec 2007
Location: Armenia
Posts: 15,844
|
hows it going Mads, any luck with Spybot
did your comp get rid of all the viruses and such
__________________
❒Single ❒Taken ☑Tekken |
|
|
|
|
22-02-10, 11:30
|
#10 |
|
Moderator
Join Date: Jan 2005
Location: Russia
Posts: 48,537
|
 Mads1. Download Autoruns. 2. Reboot your PC in Safe mode, disconnect the network cable. 3. Run Autoruns and kill the following entries: Code:
Program:
"Holder Google-programvaren oppdatert. Hvis denne tjenesten deaktiveres eller stoppes
Publisher:
vil ikke Google-programvaren holdes oppdatert. Dette kan føre til at sikkerhetstrusler som oppstår ikke kan utbedres og at enkelte funksjoner ikke vil fungere. Denne tjenesten avinstallerer seg selv når den ikke blir brukt av en Google-programvare."
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
gupdate
Program path & name:
"(Not verified) Google Inc.""c:\program files (x86)\google\update\googleupdate.exe"
Enabled: [V]
Program:
"Protection against spyware and potentially unwanted software"
Publisher:
N/A
Entry path:
HKLM\System\CurrentControlSet\Services
Entry name:
WinDefend
Program path & name:
File not found: C:\Program Files (x86)\Windows Defender\mpsvc.dll"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
Entry name:
C:\Users\Mads\AppData\Roaming\pluginwin\pluginwin.exe
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Entry name:
pluginwin
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
tsnp2std
Program path & name:
File not found: C:\Windows\tsnp2std.exe"
Enabled: [V]
Program:
N/A
Publisher:
"(Not verified) "
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
Svcger.exe
Program path & name:
"c:\windows\system32\svchoewst.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
Entry name:
raidhost
Program path & name:
File not found: raidhost.exe"
Enabled: [V]
Program:
"Hardware Diagnostic Tools Profiler"
Publisher:
"(Not verified) PC-Doctor Inc."
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Entry name:
PCDrProfiler
Program path & name:
"c:\program files\pc-doctor for windows\runprofiler.exe"
Enabled: [V]
Program:
" "
Publisher:
N/A
Entry path:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
est2.exe
Program path & name:
c:\programdata\microsoft\windows\start menu\programs\startup\est2.exe"
Enabled: [V]
Program:
"Logitech SetPoint Event Manager (UNICODE)"
Publisher:
"(Not verified) Logitech Inc."
Entry path:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
Logitech SetPoint.lnk
Program path & name:
"c:\program files\logitech\setpoint\setpoint.exe"
Enabled: [V]
Program:
"Product Registration"
Publisher:
"(Not verified) Leader Technologies/Logitech"
Entry path:
C:\Users\Mads\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Entry name:
Logitech . Produktregistrering.lnk
Program path & name:
"c:\program files (x86)\common files\logishrd\ereg\setpoint\ereg.exe"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Entry name:
WebCheck
Program path & name:
File not found: CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32"
Enabled: [V]
Program:
N/A
Publisher:
N/A
Entry path:
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Entry name:
WebCheck
Program path & name:
File not found: CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32"
Enabled: [V]
Program:
"pluginwin"
Publisher:
N/A
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
pluginwin
Program path & name:
c:\users\mads\appdata\roaming\pluginwin\pluginwin.exe"
Enabled: [V]
Program:
"Google Installer"
Publisher:
"(Not verified) Google Inc."
Entry path:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Entry name:
Google Update
Program path & name:
"c:\users\mads\appdata\local\google\update\googleupdate.exe"
Enabled: [V]
__________________
R.I.P. Lara Croft - The Phoenix gave birth to a Chicken :mis: |
|
|
|
 |
| Bookmarks |
| Thread Tools | |
|
|
