Vba32 AntiRootKit Log File

GEORGE-HP 18:46:14 15-07-2012
Home Edition SP1.0
AntiVirus checking is OFF
Sign checking is ON
AntiRootKit driver is working in ordinary mode

List of Kernel-Mode Hooks

TypeNumberFunction NameStateBase AddressCurrent AddressDriver
No hooks found

List of Kernel-Mode Notificators

TypeStateCurrent AddressDriver
No notificators installed

List of Driver Input/Output Handler's Hooks (IRP & FastIo)

Driver ObjectHandler NameStateCurrent AddressDriver
No hooks found

List of kernel modules

ModuleFull PathStateDescriptionCompany NameBase AddressModule SizeInformation

List of processes

PIDFull PathStateDescriptionCompany NameInformation

List of autorun objects

NameImage PathStateRegistry PathInformation
Autostart Folders
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnkC:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exeSigned
C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnkC:\PROGRA~2\ERUNT\AUTOBACK.EXE, C:\Program Files (x86)\ERUNT\AUTOBACK.EXE, %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow
C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KatMouse.lnkC:\PROGRA~2\KatMouse\KatMouse.exe, C:\Program Files (x86)\KatMouse\KatMouse.exe
Autostart Keys
RemoveIT Pro v9EntC:\Program Files\RemoveIT Pro 2012 Enterprise\removeit.exeHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Sysinternals DesktopsC:\Users\George\Documents\SysinternalsSuite\Desktops.exeSigned HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Everything"C:\Program Files (x86)\Everything\Everything.exe" -startupHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Norton Online BackupC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exeSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
PDF CompleteC:\Program Files (x86)\PDF Complete\pdfsty.exeSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
StartCCC"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
RemoveIT Pro v9EntC:\Program Files\RemoveIT Pro 2012 Enterprise\removeit.exeHKEY_USERS\S-1-5-21-1768697462-2737597764-3804408366-1000\Software\Microsoft\Windows\CurrentVersion\Run
Sysinternals DesktopsC:\Users\George\Documents\SysinternalsSuite\Desktops.exeSigned HKEY_USERS\S-1-5-21-1768697462-2737597764-3804408366-1000\Software\Microsoft\Windows\CurrentVersion\Run
Windows WinLogon
ShellExplorer.exeSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
UserinitC:\Windows\system32\userinit.exe,Signed HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
VmAppletSystemPropertiesPerformance.exe /pagefileSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Browser Helper Objects
{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
ActiveX
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}%SystemRoot%\system32\unregmp2.exe /ShowWMPSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
>{26923b43-4d38-484f-9b9e-de460746276c}C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfigSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}"C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUPSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{2C7339CF-2B09-4501-B3F3-F3508C9228ED}%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dllSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{44BBA840-CC51-11CF-AAFA-00AA00B6015C}"%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOESigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{6BF52A52-394A-11d3-B153-00C04F79FAA6}%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUISigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{89820200-ECBD-11cf-8B85-00AA005B4340}regsvr32.exe /s /n /i:U shell32.dllSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{89820200-ECBD-11cf-8B85-00AA005B4383}C:\Windows\SysWOW64\ie4uinit.exe -BaseSettingsSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
{89B4C1CD-B018-4511-B0A1-5476DBF70820}C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,InstallSigned HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components
WinLogon Notify
{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}wlgpclnt.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}
{25537BA6-77A8-11D2-9B6C-0000F8080861}fdeploy.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{25537BA6-77A8-11D2-9B6C-0000F8080861}
{3610eda5-77ef-11d2-8dc5-00c04fa31a66}%SystemRoot%\System32\dskquota.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{3610eda5-77ef-11d2-8dc5-00c04fa31a66}
{426031c0-0b47-4852-b0ca-ac3d37bfcb39}gptext.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{426031c0-0b47-4852-b0ca-ac3d37bfcb39}
{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}C:\Windows\SysWOW64\iedkcs32.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}
{7933F41E-56F8-41d6-A31C-4148A711EE93}%SystemRoot%\System32\srchadmin.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7933F41E-56F8-41d6-A31C-4148A711EE93}
{7B849a69-220F-451E-B3FE-2CB811AF94AE}C:\Windows\SysWOW64\iedkcs32.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{7B849a69-220F-451E-B3FE-2CB811AF94AE}
{827D319E-6EAC-11D2-A4EA-00C04F79F83A}scecli.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}
{8A28E2C5-8D06-49A4-A08C-632DAA493E17}%systemroot%\system32\gpprnext.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{8A28E2C5-8D06-49A4-A08C-632DAA493E17}
{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}C:\Windows\SysWOW64\iedkcs32.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}
{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}dot3gpclnt.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}C:\Windows\SysWOW64\iedkcs32.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}
{FB2CA36D-0B40-4307-821B-A13B252DE56C}gptext.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{FB2CA36D-0B40-4307-821B-A13B252DE56C}
{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}gptext.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}
{e437bc1c-aa7d-11d2-a382-00c04f991e27}%SystemRoot%\System32\polstore.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{e437bc1c-aa7d-11d2-a382-00c04f991e27}
{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}gptext.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}
Security Providers
SecurityProviderscredssp.dllHKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
Value Run Keys
ProviderPath%SystemRoot%\system32\ntmarta.dllSigned HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider
BootExecuteautocheck autochk *Signed HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
StartupProgramsrdpclipHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd
Shell Service Object Delay Load
WebCheck%Systemroot%\SysWow64\webcheck.dllSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
My Computer (Backup, Cleanup, Defrag utilities)
BackupPath%SystemRoot%\system32\sdclt.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\BackupPath
CleanupPath%SystemRoot%\System32\cleanmgr.exe /D %cSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\CleanupPath
DefragPath%systemroot%\system32\dfrgui.exeSigned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\DefragPath
LSP Providers
MSAFD RfComm [Bluetooth]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [RAW/IP]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [RAW/IPv6]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [TCP/IP]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [TCP/IPv6]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [UDP/IP]%SystemRoot%\system32\mswsock.dllSigned
MSAFD Tcpip [UDP/IPv6]%SystemRoot%\system32\mswsock.dllSigned
RSVP TCP Service Provider%SystemRoot%\system32\mswsock.dllSigned
RSVP TCPv6 Service Provider%SystemRoot%\system32\mswsock.dllSigned
RSVP UDP Service Provider%SystemRoot%\system32\mswsock.dllSigned
RSVP UDPv6 Service Provider%SystemRoot%\system32\mswsock.dllSigned
Shell Spawning
Applications"C:\Program Files (x86)\Internet Explorer\iexplore.exe" % 1Signed HKEY_CLASSES_ROOT\Applications\iexplore.exe\shell\open\command
CLSID"C:\Program Files (x86)\Internet Explorer\iexplore.exe"Signed HKEY_CLASSES_ROOT\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command
Drive%SystemRoot%\Explorer.exeSigned HKEY_CLASSES_ROOT\Drive\shell\find\command
Folder%SystemRoot%\Explorer.exeSigned HKEY_CLASSES_ROOT\Folder\shell\open\command
InternetShortcut"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %lSigned HKEY_CLASSES_ROOT\InternetShortcut\shell\open\command
Unknown%SystemRoot%\SysWow64\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL % 1Signed HKEY_CLASSES_ROOT\Unknown\shell\openas\command
batfile"% 1" %*Signed HKEY_CLASSES_ROOT\batfile\shell\open\command
comfile"% 1" %*Signed HKEY_CLASSES_ROOT\comfile\shell\open\command
cplfile%SystemRoot%\SysWow64\control.exe "% 1",%*Signed HKEY_CLASSES_ROOT\cplfile\shell\cplopen\command
exefile"% 1" %*Signed HKEY_CLASSES_ROOT\exefile\shell\open\command
htafileC:\Windows\SysWOW64\mshta.exe "% 1" %*Signed HKEY_CLASSES_ROOT\htafile\shell\open\command
inffile%SystemRoot%\SysWow64\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 % 1Signed HKEY_CLASSES_ROOT\inffile\shell\install\command
jsefileC:\Windows\System32\WScript.exe "% 1" %*Signed HKEY_CLASSES_ROOT\jsefile\shell\open\command
jsfile%SystemRoot%\SysWow64\WScript.exe "% 1" %*Signed HKEY_CLASSES_ROOT\jsfile\shell\open\command
piffile"% 1" %*Signed HKEY_CLASSES_ROOT\piffile\shell\open\command
regfileregedit.exe "% 1"Signed HKEY_CLASSES_ROOT\regfile\shell\open\command
scrfile"% 1"Signed HKEY_CLASSES_ROOT\scrfile\shell\config\command
scrfile"% 1" /SSigned HKEY_CLASSES_ROOT\scrfile\shell\open\command
txtfile%SystemRoot%\system32\NOTEPAD.EXE % 1Signed HKEY_CLASSES_ROOT\txtfile\shell\open\command
vbefile%SystemRoot%\SysWow64\WScript.exe "% 1" %*Signed HKEY_CLASSES_ROOT\vbefile\shell\open\command
vbsfile%SystemRoot%\SysWow64\WScript.exe "% 1" %*Signed HKEY_CLASSES_ROOT\vbsfile\shell\open\command
wsffile"%SystemRoot%\System32\WScript.exe" "% 1" %*Signed HKEY_CLASSES_ROOT\wsffile\shell\open\command
wshfile"%SystemRoot%\System32\WScript.exe" "% 1" %*Signed HKEY_CLASSES_ROOT\wshfile\shell\open\command

List of Drivers\Services (from Registry)

NameImage PathStateDescriptionGroupInformation
Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALG%SystemRoot%\System32\alg.exe@%SystemRoot%\system32\Alg.exe,-112
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AMD External Events Utility%SystemRoot%\system32\atiesrxx.exeEvent log
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AeLookupSvc%systemroot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\aelupsvc.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppIDSvc%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%systemroot%\system32\appidsvc.dll,-100ProfSvc_Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppMgmt%SystemRoot%\system32\svchost.exe -k netsvcsSigned
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Appinfo%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\appinfo.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioEndpointBuilder%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\audiosrv.dll,-204AudioGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AudioSrv%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\system32\audiosrv.dll,-200AudioGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AxInstSV%SystemRoot%\system32\svchost.exe -k AxInstSVGroupSigned @%SystemRoot%\system32\AxInstSV.dll,-103
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BBSvc"C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"Signed Bing Bar Update Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BBUpdate"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"Signed BBUpdate
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BDESVC%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\bdesvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BFE%systemroot%\system32\svchost.exe -k LocalServiceNoNetworkSigned @%SystemRoot%\system32\bfe.dll,-1001NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS%SystemRoot%\system32\svchost.exe -k netsvcsSigned Background Intelligent Transfer Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\browser.dll,-100NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COMSysApp%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}Signed @comres.dll,-947
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertPropSvc%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\certprop.dll,-11
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CryptSvc%SystemRoot%\system32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\system32\cryptsvc.dll,-1001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DPS%SystemRoot%\System32\svchost.exe -k LocalServiceNoNetworkSigned @%systemroot%\system32\dps.dll,-500
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch%SystemRoot%\system32\svchost.exe -k DcomLaunchSigned @oleres.dll,-5012COM Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp%SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\system32\dhcpcore.dll,-100TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache%SystemRoot%\system32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\System32\dnsapi.dll,-101TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EFS%SystemRoot%\System32\lsass.exe@%SystemRoot%\system32\efssvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EapHost%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%systemroot%\system32\eapsvc.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventSystem%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @comres.dll,-2450
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FDResPub%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%systemroot%\system32\fdrespub.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FLEXnet Licensing Service"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"Signed FLEXnet Licensing Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Fax%systemroot%\system32\fxssvc.exe@%systemroot%\system32\fxsresm.dll,-118
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%systemroot%\system32\FntCache.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache3.0.0.0%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeSigned @%SystemRoot%\system32\PresentationHost.exe,-3309
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HPAuto"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"Signed HP Auto
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HPClientSvc"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"Signed HP Client Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HomeGroupListener%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned HomeGroup Listener
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HomeGroupProvider%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestrictedSigned HomeGroup Provider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IKEEXT%systemroot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\ikeext.dll,-501
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPBusEnum%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%systemroot%\system32\IPBusEnum.dll,-102
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KeyIso%SystemRoot%\system32\lsass.exe@keyiso.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KtmRm%SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonationSigned @comres.dll,-2946
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\srvsvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned WorkstationNetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MMCSS%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\mmcss.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSDTC%SystemRoot%\System32\msdtc.exe@comres.dll,-2797
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSiSCSI%systemroot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\iscsidsc.dll,-5000iSCSI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mcx2Svc%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\ehome\ehres.dll,-15501
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpsSvc%SystemRoot%\system32\svchost.exe -k LocalServiceNoNetworkSigned @%SystemRoot%\system32\FirewallAPI.dll,-23090NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsMpSvc"C:\Program Files\Microsoft Security Client\MsMpEng.exe"Signed Microsoft Antimalware ServiceCOM Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NOBU"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICESigned Norton Online Backup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetMsmqActivator"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivatorSigned @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetPipeActivatorC:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exeSigned @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetTcpActivatorC:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exeSigned @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetTcpPortSharingC:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exeSigned @C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8201
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon%SystemRoot%\system32\lsass.exe@%SystemRoot%\System32\netlogon.dll,-102MS_WindowsRemoteValidation
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netman%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\netman.dll,-109
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NisSrv"C:\Program Files\Microsoft Security Client\NisSrv.exe"Signed @C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\System32\nlasvc.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PNRPAutoReg%SystemRoot%\System32\svchost.exe -k LocalServicePeerNetSigned @%SystemRoot%\system32\pnrpauto.dll,-8002
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PNRPsvc%SystemRoot%\System32\svchost.exe -k LocalServicePeerNetSigned @%SystemRoot%\system32\pnrpsvc.dll,-8000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PcaSvc%systemroot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\pcasvc.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PerfHost%SystemRoot%\SysWow64\perfhost.exeSigned @%systemroot%\sysWow64\perfhost.exe,-2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PlugPlay%SystemRoot%\system32\svchost.exe -k DcomLaunchSigned @%SystemRoot%\system32\umpnpmgr.dll,-100PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent%SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestrictedSigned @%SystemRoot%\System32\polstore.dll,-5010
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Power%SystemRoot%\system32\svchost.exe -k DcomLaunchSigned @%SystemRoot%\system32\umpo.dll,-100Plugplay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProfSvc%systemroot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\profsvc.dll,-300profsvc_group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ProtectedStorage%SystemRoot%\system32\lsass.exe@%systemroot%\system32\psbase.dll,-300
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QWAVE%windir%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\system32\qwave.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAuto%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%Systemroot%\system32\rasauto.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%Systemroot%\system32\rasmans.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%Systemroot%\system32\mprdim.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry%SystemRoot%\system32\svchost.exe -k regsvcSigned @regsvc.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcEptMapper%SystemRoot%\system32\svchost.exe -k RPCSSSigned @%windir%\system32\RpcEpMap.dll,-1001COM Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcLocator%SystemRoot%\system32\locator.exe@%systemroot%\system32\Locator.exe,-2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs%SystemRoot%\system32\svchost.exe -k rpcssSigned @oleres.dll,-5010COM Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCPolicySvc%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\certprop.dll,-13
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCardSvr%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\System32\SCardSvr.dll,-1SmartCardGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SDRSVC%SystemRoot%\system32\svchost.exe -k SDRSVCSigned @%SystemRoot%\system32\sdrsvc.dll,-107
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SENS%SystemRoot%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\Sens.dll,-200ProfSvc_Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNMPTRAP%SystemRoot%\System32\snmptrap.exe@%SystemRoot%\system32\snmptrap.exe,-3
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%systemroot%\system32\ssdpsrv.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SamSs%SystemRoot%\system32\lsass.exe@%SystemRoot%\system32\samsrv.dll,-1MS_WindowsLocalValidation
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\schedsvc.dll,-100SchedulerGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SensrSvc%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\System32\sensrsvc.dll,-1000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SessionEnv%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\SessEnv.dll,-1026
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\ipnathlp.dll,-106
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ShellHWDetection%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\shsvcs.dll,-12288ShellSvcGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SstpSvc%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\sstpsvc.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysMain%systemroot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\sysmain.dll,-1000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TBS%SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\system32\tbssvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\THREADORDER%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%systemroot%\system32\mmcss.dll,-102
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TabletInputService%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\TabSvc.dll,-100PlugPlay
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TapiSrv%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\system32\tapisrv.dll,-10100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\System32\termsrv.dll,-268
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\themeservice.dll,-8192ProfSvc_Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrkWks%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\trkwks.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TrustedInstaller%SystemRoot%\servicing\TrustedInstaller.exeSigned @%SystemRoot%\servicing\TrustedInstaller.exe,-100ProfSvc_Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UxSms%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\dwm.exe,-2000UIGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS%systemroot%\system32\vssvc.exe@%systemroot%\system32\vssvc.exe,-102
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VaultSvc%SystemRoot%\system32\lsass.exe@%SystemRoot%\system32\vaultsvc.dll,-1003
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\w32time.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WMPNetworkSvc"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WPCSvc%SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\system32\wpcsvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WPDBusEnum%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\wpdbusenum.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSearch%systemroot%\system32\SearchIndexer.exe /EmbeddingSigned @%systemroot%\system32\SearchIndexer.exe,-103
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WatAdminSvc%SystemRoot%\system32\Wat\WatAdminSvc.exe@%SystemRoot%\system32\Wat\WatUX.exe,-601
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WbioSrvc%SystemRoot%\system32\svchost.exe -k WbioSvcGroupSigned @%systemroot%\system32\wbiosrvc.dll,-100SmartCardGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WcsPlugInService%SystemRoot%\system32\svchost.exe -k wcssvcSigned @%SystemRoot%\system32\WcsPlugInService.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdiServiceHost%SystemRoot%\System32\svchost.exe -k LocalServiceSigned @%systemroot%\system32\wdi.dll,-502
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdiSystemHost%SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%systemroot%\system32\wdi.dll,-500
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%systemroot%\system32\webclnt.dll,-100NetworkProvider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wecsvc%SystemRoot%\system32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\system32\wecsvc.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WerSvc%SystemRoot%\System32\svchost.exe -k WerSvcGroupSigned @%SystemRoot%\System32\wersvc.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\winhttp.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinRM%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned @%Systemroot%\system32\wsmsvc.dll,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winmgmt%systemroot%\system32\svchost.exe -k netsvcsSigned @%Systemroot%\system32\wbem\wmisvc.dll,-205
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wlansvc%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\System32\wlansvc.dll,-257TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WwanSvc%SystemRoot%\system32\svchost.exe -k LocalServiceNoNetworkSigned @%SystemRoot%\System32\wwansvc.dll,-257TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aspnet_state%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exeSigned ASP.NET State Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bthserv%SystemRoot%\system32\svchost.exe -k bthsvcsSigned @%SystemRoot%\System32\bthserv.dll,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwdinsc:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exeSigned Bluetooth Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_32%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exeSigned Microsoft .NET Framework NGEN v2.0.50727_X86
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_64%systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exeSigned Microsoft .NET Framework NGEN v2.0.50727_X64
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v4.0.30319_32C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeSigned Microsoft .NET Framework NGEN v4.0.30319_X86
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v4.0.30319_64C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exeSigned Microsoft .NET Framework NGEN v4.0.30319_X64
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defragsvc%SystemRoot%\system32\svchost.exe -k defragsvcSigned @%SystemRoot%\system32\defragsvc.dll,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dot3svc%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned Wired AutoConfigTDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehRecvr%systemroot%\ehome\ehRecvr.exeSigned @%SystemRoot%\ehome\ehrecvr.exe,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ehSched%systemroot%\ehome\ehsched.exeSigned @%SystemRoot%\ehome\ehsched.exe,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\system32\wevtsvc.dll,-200Event Log
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fdPHost%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%systemroot%\system32\fdPHost.dll,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gpsvc%systemroot%\system32\svchost.exe -k netsvcsSigned @gpapi.dll,-112ProfSvc_Group
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hidserv%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\System32\hidserv.dll,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hkmsvc%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\kmsvc.dll,-6
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hpqwmiex"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"HP Software Framework Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\idsvc"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"Signed @%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iphlpsvc%SystemRoot%\System32\svchost.exe -k NetSvcsSigned @%SystemRoot%\system32\iphlpsvc.dll,-500
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lltdsvc%SystemRoot%\System32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\lltdres.dll,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lmhosts%SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\system32\lmhsvc.dll,-101TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msiserver%systemroot%\system32\msiexec.exe /VSigned @%SystemRoot%\system32\msimsg.dll,-27
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\napagent%SystemRoot%\System32\svchost.exe -k NetworkServiceSigned @%SystemRoot%\system32\qagentrt.dll,-6
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netprofm%SystemRoot%\System32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\netprofm.dll,-202
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nsi%systemroot%\system32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\nsisvc.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\p2pimsvc%SystemRoot%\System32\svchost.exe -k LocalServicePeerNetSigned @%SystemRoot%\system32\pnrpsvc.dll,-8004
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\p2psvc%SystemRoot%\System32\svchost.exe -k LocalServicePeerNetSigned @%SystemRoot%\system32\p2psvc.dll,-8006
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pdfcDispatcherC:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcServiceSigned PDF Document Manager
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pla%SystemRoot%\System32\svchost.exe -k LocalServiceNoNetworkSigned @%systemroot%\system32\pla.dll,-500
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon%windir%\system32\svchost.exe -k netsvcsSigned @%SystemRoot%\system32\seclogon.dll,-7001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sppsvc%SystemRoot%\system32\sppsvc.exe@%SystemRoot%\system32\sppsvc.exe,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sppuinotify%SystemRoot%\system32\svchost.exe -k LocalServiceSigned @%SystemRoot%\system32\sppuinotify.dll,-103
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc%SystemRoot%\system32\svchost.exe -k imgsvcSigned @%SystemRoot%\system32\wiaservc.dll,-9
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swprv%SystemRoot%\System32\svchost.exe -k swprvSigned @%SystemRoot%\System32\swprv.dll,-103
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\upnphost%SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%systemroot%\system32\upnphost.dll,-213
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vds%SystemRoot%\System32\vds.exe@%SystemRoot%\system32\vds.exe,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wbengine"%systemroot%\system32\wbengine.exe"Block Level Backup Engine Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wcncsvc%SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonationSigned @%SystemRoot%\system32\wcncsvc.dll,-3
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wercplsupport%SystemRoot%\System32\svchost.exe -k netsvcsSigned @%SystemRoot%\System32\wercplsupport.dll,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wlcrasvc"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"Signed Windows Live Mesh remote connections service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wlidsvc"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"Signed Windows Live ID Sign-in Assistant
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wmiApSrv%systemroot%\system32\wbem\WmiApSrv.exe@%Systemroot%\system32\wbem\wmiapsrv.exe,-110
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestrictedSigned @%SystemRoot%\System32\wscsvc.dll,-200
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv%systemroot%\system32\svchost.exe -k netsvcsSigned @%systemroot%\system32\wuaueng.dll,-105
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wudfsvc%SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestrictedSigned @%SystemRoot%\system32\wudfsvc.dll,-1000PlugPlay
Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\1394ohci\SystemRoot\system32\drivers\1394ohci.sys1394 OHCI Compliant Host Controller
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\A2DDA\??\C:\Users\George\Documents\EmsisoftEmergencyKit\Run\a2ddax64.sysSigned A2 Direct Disk Access Support Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ACPIsystem32\drivers\ACPI.sysMicrosoft ACPI DriverBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AFD\SystemRoot\system32\drivers\afd.sys@%systemroot%\system32\drivers\afd.sys,-1000PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AcpiPmi\SystemRoot\system32\drivers\acpipmi.sysACPI Power Meter Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmdK8\SystemRoot\system32\drivers\amdk8.sysAMD K8 Processor DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AmdPPM\SystemRoot\system32\drivers\amdppm.sysAMD Processor DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AppID\SystemRoot\system32\drivers\appid.sys@%systemroot%\system32\appidsvc.dll,-102
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AsyncMacsystem32\DRIVERS\asyncmac.sys@%systemroot%\system32\rascfg.dll,-32000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BCM43XXsystem32\DRIVERS\bcmwl664.sysBroadcom 802.11 Network Adapter DriverNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHMODEM\SystemRoot\system32\drivers\bthmodem.sysBluetooth Serial Communications Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORTSystem32\Drivers\BTHport.sysBluetooth Port DriverPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHUSBSystem32\Drivers\BTHUSB.sysBluetooth Radio USB DriverPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTWAMPFLsystem32\DRIVERS\btwampfl.sysbtwampflPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrFiltLo\SystemRoot\system32\drivers\BrFiltLo.sysBrother USB Mass-Storage Lower Filter Driverextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrFiltUp\SystemRoot\system32\drivers\BrFiltUp.sysBrother USB Mass-Storage Upper Filter Driverextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrSerWdm\SystemRoot\System32\Drivers\BrSerWdm.sysBrother WDM Serial driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrUsbMdm\SystemRoot\System32\Drivers\BrUsbMdm.sysBrother MFC USB Fax Only Modem
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrUsbSer\SystemRoot\System32\Drivers\BrUsbSer.sysBrother MFC USB Serial WDM Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BridgeMPsystem32\DRIVERS\bridge.sys@%SystemRoot%\system32\bridgeres.dll,-1PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Brserid\SystemRoot\System32\Drivers\Brserid.sysBrother MFC Serial Port Interface Driver (WDM)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthEnumsystem32\DRIVERS\BthEnum.sysBluetooth Request Block Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthPansystem32\DRIVERS\bthpan.sysBluetooth Device (Personal Area Network)NDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CLFSSystem32\CLFS.sys@%SystemRoot%\system32\clfs.sys,-100Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CNGSystem32\Drivers\cng.sysBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CmBatt\SystemRoot\system32\drivers\CmBatt.sysMicrosoft ACPI Control Method Battery Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Compbatt\SystemRoot\system32\drivers\compbatt.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CompositeBus\SystemRoot\system32\drivers\CompositeBus.sysComposite Bus Enumerator DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DXGKrnl\SystemRoot\System32\drivers\dxgkrnl.sysLDDM Graphics SubsystemVideo Init
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DfsCSystem32\Drivers\dfsc.sys@%systemroot%\system32\drivers\dfsc.sys,-101Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disksystem32\drivers\disk.sysDisk Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DrvAgent64\??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYSSigned DrvAgent64
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EraserUtilRebootDrv\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sysSigned EraserUtilRebootDrv
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ErrDev\SystemRoot\system32\drivers\errdev.sysMicrosoft Hardware Error Device DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FileInfosystem32\drivers\fileinfo.sys@%SystemRoot%\system32\drivers\fileinfo.sys,-100FSFilter Bottom
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Filetracesystem32\drivers\filetrace.sys@%SystemRoot%\system32\drivers\filetrace.sys,-10001FSFilter Activity Monitor
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FltMgrsystem32\drivers\fltmgr.sys@%SystemRoot%\system32\drivers\fltmgr.sys,-10001FSFilter Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FsDependsSystem32\drivers\FsDepends.sys@%SystemRoot%\system32\drivers\fsdepends.sys,-10001Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HDAudBus\SystemRoot\system32\drivers\HDAudBus.sysMicrosoft UAA Bus Driver for High Definition AudioExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTPsystem32\drivers\HTTP.sys@%SystemRoot%\system32\drivers\http.sys,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HdAudAddServicesystem32\drivers\HdAudio.sysMicrosoft 1.1 UAA Function Driver for High Definition Audio Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidBatt\SystemRoot\system32\drivers\HidBatt.sysHID UPS Battery Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidBth\SystemRoot\system32\drivers\hidbth.sysMicrosoft Bluetooth HID Miniportextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidIr\SystemRoot\system32\drivers\hidir.sysMicrosoft Infrared HID Driverextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidUsb\SystemRoot\system32\drivers\hidusb.sysMicrosoft HID Class Driverextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HpSAMD\SystemRoot\system32\drivers\HpSAMD.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPMIDRV\SystemRoot\system32\drivers\IPMIDrv.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPNATSystem32\drivers\ipnat.sysIP Network Address Translator
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IRENUMsystem32\drivers\irenum.sys@%SystemRoot%\system32\drivers\irenum.sys,-100
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IntcAzAudAddServicesystem32\drivers\RTKVHD64.sysService for Realtek HD Audio (WDM)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IpFilterDriversystem32\DRIVERS\ipfltdrv.sys@%systemroot%\system32\rascfg.dll,-32013
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KSecDDSystem32\Drivers\ksecdd.sysBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KSecPkgSystem32\Drivers\ksecpkg.sysCryptography
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_FC\SystemRoot\system32\drivers\lsi_fc.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SAS\SystemRoot\system32\drivers\lsi_sas.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SAS2\SystemRoot\system32\drivers\lsi_sas2.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LSI_SCSI\SystemRoot\system32\drivers\lsi_scsi.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxDAV\SystemRoot\system32\drivers\mrxdav.sys@%systemroot%\system32\webclnt.dll,-104
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSKSSRVsystem32\drivers\MSKSSRV.sysMicrosoft Streaming Service ProxyExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSPCLOCKsystem32\drivers\MSPCLOCK.sysMicrosoft Streaming Clock ProxyExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSPQMsystem32\drivers\MSPQM.sysMicrosoft Streaming Quality Manager ProxyExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSTEEsystem32\drivers\MSTEE.sysMicrosoft Streaming Tee/Sink-to-Sink ConverterExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MTConfig\SystemRoot\system32\drivers\MTConfig.sysMicrosoft Input Configuration DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MegaSR\SystemRoot\system32\drivers\MegaSR.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Modemsystem32\drivers\modem.sysExtended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MpFiltersystem32\DRIVERS\MpFilter.sysMicrosoft Malware Protection DriverFSFilter Anti-Virus
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MupSystem32\Drivers\mup.sys@%systemroot%\system32\drivers\mup.sys,-101Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NDISsystem32\drivers\ndis.sys@%SystemRoot%\system32\drivers\ndis.sys,-200NDIS Wrapper
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NativeWifiPsystem32\DRIVERS\nwifi.sysNativeWiFi FilterNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisCapsystem32\DRIVERS\ndiscap.sysNDIS Capture LightWeight FilterNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisTapisystem32\DRIVERS\ndistapi.sys@%systemroot%\system32\rascfg.dll,-32001
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NdisWansystem32\DRIVERS\ndiswan.sys@%systemroot%\system32\rascfg.dll,-32002
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ndisuiosystem32\DRIVERS\ndisuio.sysNDIS Usermode I/O ProtocolNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBIOSsystem32\DRIVERS\netbios.sysNetBIOS InterfaceNetBIOSGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBTSystem32\DRIVERS\netbt.sys@%SystemRoot%\system32\drivers\netbt.sys,-2PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NisDrvsystem32\DRIVERS\NisDrvWFP.sysMicrosoft Network Inspection System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PEAUTHsystem32\drivers\peauth.sysPEAUTH
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PORTMON\??\C:\Users\George\Documents\SysinternalsSuite\PORTMSYS.SYSPORTMON
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Parport\SystemRoot\system32\drivers\parport.sysParallel port driverParallel arbitrator
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partizansystem32\drivers\Partizan.sysSigned PartizanBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PptpMiniportsystem32\DRIVERS\raspptp.sys@%systemroot%\system32\rascfg.dll,-32006
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Processor\SystemRoot\system32\drivers\processr.sysProcessor DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pschedsystem32\DRIVERS\pacer.sys@%SystemRoot%\System32\drivers\pacer.sys,-101NDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QWAVEdrv\SystemRoot\system32\drivers\qwavedrv.sys@%SystemRoot%\system32\drivers\qwavedrv.sys,-1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPCDDSystem32\DRIVERS\RDPCDD.sys@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100Video Save
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPENCDDsystem32\drivers\rdpencdd.sys@%systemroot%\system32\drivers\RDPENCDD.sys,-101Video Save
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RDPREFMPsystem32\drivers\rdprefmp.sys@%systemroot%\system32\drivers\RdpRefMp.sys,-101Video Save
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RFCOMMsystem32\DRIVERS\rfcomm.sysBluetooth Device (RFCOMM Protocol TDI)PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RTL8167system32\DRIVERS\Rt64win7.sysRealtek 8167 NT DriverNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAcdSystem32\DRIVERS\rasacd.sysRemote Access Auto Connection DriverStreams Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasAgileVpnsystem32\DRIVERS\AgileVpn.sysWAN Miniport (IKEv2)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasPppoesystem32\DRIVERS\raspppoe.sys@%systemroot%\system32\rascfg.dll,-32007
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasSstpsystem32\DRIVERS\rassstp.sys@%systemroot%\system32\sstpsvc.dll,-202
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rasl2tpsystem32\DRIVERS\rasl2tp.sys@%systemroot%\system32\rascfg.dll,-32005
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SWDUMonsystem32\DRIVERS\SWDUMon.sysSWDUMon
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Serenum\SystemRoot\system32\drivers\serenum.sysSerenum Filter DriverPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Serial\SystemRoot\system32\drivers\serial.sysExtended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SiSRaid2\SystemRoot\system32\drivers\SiSRaid2.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SiSRaid4\SystemRoot\system32\drivers\sisraid4.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Smbsystem32\DRIVERS\smb.sys@%SystemRoot%\system32\tcpipcfg.dll,-50005PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TCPIP6system32\DRIVERS\tcpip.sysMicrosoft IPv6 Protocol Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDPIPEsystem32\drivers\tdpipe.sysTDPIPE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDTCPsystem32\drivers\tdtcp.sysTDTCP
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcpipSystem32\drivers\tcpip.sys@%SystemRoot%\system32\tcpipcfg.dll,-50003PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermDD\SystemRoot\system32\drivers\termdd.sysTerminal Device Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TsUsbFltsystem32\drivers\tsusbflt.sysbase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TsUsbGD\SystemRoot\system32\drivers\TsUsbGD.sysRemote Desktop Generic USB DeviceExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTORsystem32\DRIVERS\USBSTOR.SYSUSB Mass Storage Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UmPass\SystemRoot\system32\drivers\umpass.sysMicrosoft UMPass DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VgaSave\SystemRoot\System32\drivers\vga.sysVideo Save
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WANARPsystem32\DRIVERS\wanarp.sys@%systemroot%\system32\rascfg.dll,-32011
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WIMMountsystem32\drivers\wimmount.sysSigned WIMMountFSFilter Infrastructure
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WUDFRdsystem32\DRIVERS\WUDFRd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WacomPen\SystemRoot\system32\drivers\wacompen.sysWacom Serial Pen HID DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wanarpv6system32\DRIVERS\wanarp.sys@%systemroot%\system32\rascfg.dll,-32012
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wd\SystemRoot\system32\drivers\wd.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wdf01000system32\drivers\Wdf01000.sysKernel Mode Driver Frameworks serviceWdfLoadGroup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WfpLwfsystem32\DRIVERS\wfplwf.sysWFP Lightweight FilterNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmiAcpi\SystemRoot\system32\drivers\wmiacpi.sysMicrosoft Windows Management Interface for ACPIExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsAudioDevice_383S(1)system32\drivers\WsAudioDevice_383S(1).sysWsAudioDevice_383S(1)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WudfPfsystem32\drivers\WudfPf.sysUser Mode Driver Frameworks Platform Driverbase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adp94xx\SystemRoot\system32\drivers\adp94xx.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adpahci\SystemRoot\system32\drivers\adpahci.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adpu320\SystemRoot\system32\drivers\adpu320.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\agp440\SystemRoot\system32\drivers\agp440.sysIntel AGP Bus FilterPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aliide\SystemRoot\system32\drivers\aliide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd_satasystem32\drivers\amd_sata.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amd_xatasystem32\drivers\amd_xata.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdide\SystemRoot\system32\drivers\amdide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdkmdagsystem32\DRIVERS\atikmdag.sysVideo
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdkmdapsystem32\DRIVERS\atikmpag.sysVideo
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdsata\SystemRoot\system32\drivers\amdsata.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdsbs\SystemRoot\system32\drivers\amdsbs.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\amdxatasystem32\drivers\amdxata.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\arc\SystemRoot\system32\drivers\arc.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\arcsas\SystemRoot\system32\drivers\arcsas.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\SystemRoot\system32\drivers\atapi.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b06bdrv\SystemRoot\system32\drivers\bxvbda.sysBroadcom NetXtreme II VBDbase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b57nd60asystem32\DRIVERS\b57nd60a.sysBroadcom NetXtreme Gigabit Ethernet - NDIS 6.0NDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\blbdrive\SystemRoot\system32\drivers\blbdrive.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bowsersystem32\DRIVERS\bowser.sys@%systemroot%\system32\browser.dll,-102Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwaudiosystem32\drivers\btwaudio.sysBluetooth Audio Device Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwavdt\SystemRoot\system32\drivers\btwavdt.sysBluetooth AVDT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwl2capsystem32\DRIVERS\btwl2cap.sysBluetooth L2CAP ServiceExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwrchid\SystemRoot\system32\drivers\btwrchid.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdfssystem32\DRIVERS\cdfs.sysCD/DVD File System ReaderBoot File System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cdrom\SystemRoot\system32\drivers\cdrom.sysCD-ROM DriverSCSI CDROM Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\circlass\SystemRoot\system32\drivers\circlass.sysConsumer IR DevicesExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdide\SystemRoot\system32\drivers\cmdide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crcdisk\SystemRoot\system32\drivers\crcdisk.sysCrcdisk Filter DriverPnp Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\discacheSystem32\drivers\discache.sys@%systemroot%\system32\drivers\discache.sys,-102
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drmkaudsystem32\drivers\drmkaud.sysMicrosoft Trusted Audio Drivers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ebdrv\SystemRoot\system32\drivers\evbda.sysBroadcom NetXtreme II 10 GigE VBDbase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eeCtrl\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sysSigned Symantec Eraser Control driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\elxstor\SystemRoot\system32\drivers\elxstor.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fdc\SystemRoot\system32\drivers\fdc.sysFloppy Disk Controller Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\flpydisk\SystemRoot\system32\drivers\flpydisk.sysFloppy Disk Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fvevolSystem32\DRIVERS\fvevol.sys@%SystemRoot%\system32\drivers\fvevol.sys,-100PnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gagp30kx\SystemRoot\system32\drivers\gagp30kx.sysMicrosoft Generic AGPv3.0 Filter for K8 Processor PlatformsPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hcw85cir\SystemRoot\system32\drivers\hcw85cir.sysHauppauge Consumer Infrared ReceiverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hwpolicySystem32\drivers\hwpolicy.sys@%systemroot%\system32\drivers\hwpolicy.sys,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\SystemRoot\system32\drivers\i8042prt.sysi8042 Keyboard and PS/2 Mouse Port DriverKeyboard Port
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iScsiPrtsystem32\DRIVERS\msiscsi.sysiScsiPort Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStorV\SystemRoot\system32\drivers\iaStorV.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\igfxsystem32\DRIVERS\igdkmd64.sysVideo
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iirsp\SystemRoot\system32\drivers\iirsp.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelide\SystemRoot\system32\drivers\intelide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm\SystemRoot\system32\drivers\intelppm.sysIntel Processor DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\isapnp\SystemRoot\system32\drivers\isapnp.sysBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\k1mc580d\??\C:\Windows\system32\drivers\k1mc580d.sysSigned Vba32 Armour Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdclass\SystemRoot\system32\drivers\kbdclass.sysKeyboard Class DriverKeyboard Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\SystemRoot\system32\drivers\kbdhid.sysKeyboard HID DriverKeyboard Port
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksthunk\SystemRoot\system32\drivers\ksthunk.sysKernel Streaming ThunksPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lltdiosystem32\DRIVERS\lltdio.sysLink-Layer Topology Discovery Mapper I/O DriverNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\luafv\SystemRoot\system32\drivers\luafv.sys@%systemroot%\system32\drivers\luafv.sys,-100FSFilter Virtualization
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\megasas\SystemRoot\system32\drivers\megasas.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\monitorsystem32\DRIVERS\monitor.sysMicrosoft Monitor Class Function Driver Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mouclass\SystemRoot\system32\drivers\mouclass.sysMouse Class DriverPointer Class
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mouhid\SystemRoot\system32\drivers\mouhid.sysMouse HID DriverPointer Port
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mountmgrSystem32\drivers\mountmgr.sys@%SystemRoot%\system32\drivers\mountmgr.sys,-100System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpio\SystemRoot\system32\drivers\mpio.sysBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mpsdrvSystem32\drivers\mpsdrv.sys@%SystemRoot%\system32\FirewallAPI.dll,-23092network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmbsystem32\DRIVERS\mrxsmb.sys@%systemroot%\system32\wkssvc.dll,-1002Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmb10system32\DRIVERS\mrxsmb10.sys@%systemroot%\system32\wkssvc.dll,-1004Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mrxsmb20system32\DRIVERS\mrxsmb20.sys@%systemroot%\system32\wkssvc.dll,-1006Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msahci\SystemRoot\system32\drivers\msahci.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msdsm\SystemRoot\system32\drivers\msdsm.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mshidkmdf\SystemRoot\System32\drivers\mshidkmdf.sys@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msisadrvsystem32\drivers\msisadrv.sysBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mssmbios\SystemRoot\system32\drivers\mssmbios.sysMicrosoft System Management BIOS Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nfrd960\SystemRoot\system32\drivers\nfrd960.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nsiproxysystem32\drivers\nsiproxy.sys@%SystemRoot%\system32\drivers\nsiproxy.sys,-2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nv_agp\SystemRoot\system32\drivers\nv_agp.sysNVIDIA nForce AGP Bus FilterPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvraid\SystemRoot\system32\drivers\nvraid.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nvstor\SystemRoot\system32\drivers\nvstor.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ohci1394\SystemRoot\system32\drivers\ohci1394.sys1394 OHCI Compliant Host Controller (Legacy)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\partmgrSystem32\drivers\partmgr.sys@%SystemRoot%\system32\drivers\partmgr.sys,-100Boot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcisystem32\drivers\pci.sysPCI Bus DriverBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pciide\SystemRoot\system32\drivers\pciide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcmcia\SystemRoot\system32\drivers\pcmcia.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pcwSystem32\drivers\pcw.sysPerformance Counters for Windows DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql2300\SystemRoot\system32\drivers\ql2300.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ql40xx\SystemRoot\system32\drivers\ql40xx.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdbsssystem32\DRIVERS\rdbss.sys@%systemroot%\system32\wkssvc.dll,-1000Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdpbus\SystemRoot\system32\drivers\rdpbus.sysRemote Desktop Device Redirector Bus Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdyboostSystem32\drivers\rdyboost.sysReadyBoostPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rspndrsystem32\DRIVERS\rspndr.sysLink-Layer Topology Discovery ResponderNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbp2port\SystemRoot\system32\drivers\sbp2port.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scfilterSystem32\DRIVERS\scfilter.sys@%SystemRoot%\System32\drivers\scfilter.sys,-11PnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sdbussystem32\DRIVERS\sdbus.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sermouse\SystemRoot\system32\drivers\sermouse.sysSerial Mouse DriverPointer Port
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffdisk\SystemRoot\system32\drivers\sffdisk.sysSFF Storage Class Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffp_mmc\SystemRoot\system32\drivers\sffp_mmc.sysSFF Storage Protocol Driver for MMC
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffp_sd\SystemRoot\system32\drivers\sffp_sd.sysSFF Storage Protocol Driver for SDBus
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sfloppy\SystemRoot\system32\drivers\sfloppy.sysHigh-Capacity Floppy Disk Drive
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvSystem32\DRIVERS\srv.sys@%systemroot%\system32\srvsvc.dll,-102Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srv2System32\DRIVERS\srv2.sys@%systemroot%\system32\srvsvc.dll,-104Network
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvnetSystem32\DRIVERS\srvnet.sysNetwork
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stexstor\SystemRoot\system32\drivers\stexstor.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swenum\SystemRoot\system32\drivers\swenum.sysSoftware Bus Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpipregSystem32\drivers\tcpipreg.sysTCP/IP Registry Compatibility
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdxsystem32\DRIVERS\tdx.sys@%SystemRoot%\system32\tcpipcfg.dll,-50004PNP_TDI
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tssecsrvSystem32\DRIVERS\tssecsrv.sys@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tunnelsystem32\DRIVERS\tunnel.sysMicrosoft Tunnel Miniport Adapter DriverNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uagp35\SystemRoot\system32\drivers\uagp35.sysMicrosoft AGPv3.5 FilterPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\udfssystem32\DRIVERS\udfs.sysudfsBoot File System
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uliagpkx\SystemRoot\system32\drivers\uliagpkx.sysUli AGP Bus FilterPnP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\umbussystem32\DRIVERS\umbus.sysUMBus Enumerator DriverExtended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbccgp\SystemRoot\system32\drivers\usbccgp.sysMicrosoft USB Generic Parent DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbcir\SystemRoot\system32\drivers\usbcir.syseHome Infrared Receiver (USBCIR)Extended Base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbehci\SystemRoot\system32\drivers\usbehci.sysMicrosoft USB 2.0 Enhanced Host Controller Miniport DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbfilter\SystemRoot\system32\drivers\usbfilter.sysAMD USB Filter DriverPNP Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbhub\SystemRoot\system32\drivers\usbhub.sysMicrosoft USB Standard Hub DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbohci\SystemRoot\system32\drivers\usbohci.sysMicrosoft USB Open Host Controller Miniport DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbprint\SystemRoot\system32\drivers\usbprint.sysMicrosoft USB PRINTER Classextended base
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbuhci\SystemRoot\system32\drivers\usbuhci.sysMicrosoft USB Universal Host Controller Miniport DriverBase
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrvrootsystem32\drivers\vdrvroot.sysMicrosoft Virtual Drive Enumerator DriverBoot Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vgasystem32\DRIVERS\vgapnp.sysVideo
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vhdmp\SystemRoot\system32\drivers\vhdmp.sysSCSI miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\viaide\SystemRoot\system32\drivers\viaide.sysSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volmgrsystem32\drivers\volmgr.sysVolume Manager DriverSystem Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volmgrxSystem32\drivers\volmgrx.sys@%SystemRoot%\system32\drivers\volmgrx.sys,-100System Bus Extender
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\volsnapsystem32\drivers\volsnap.sysStorage volumes
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vsmraid\SystemRoot\system32\drivers\vsmraid.sysSCSI Miniport
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vwifibussystem32\DRIVERS\vwifibus.sysVirtual WiFi Bus Driver
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vwififltsystem32\DRIVERS\vwififlt.sysVirtual WiFi Filter DriverNDIS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ws2ifsl\SystemRoot\system32\drivers\ws2ifsl.sys@%systemroot%\System32\drivers\ws2ifsl.sys,-1000PNP_TDI

Copyright © 1993-2009 VirusBlokAda Ltd. All Rights Reserved