Quantcast
Channel: Sysinternals Forums
Viewing all 10386 articles
Browse latest View live

Process Monitor : New Filter Suggestion: Filter by Process Tree

September 24, 2015, 10:43 am
$
0
0
Author: Dax1792
Subject: New Filter Suggestion: Filter by Process Tree
Posted: 24 September 2015 at 5:43pm

I don't understand what you are asking for which isn't already possible using the 'Include Subtree' option on the Process Tree dialog (Ctrl+T or clicking the Process Tree toolbar button).
Search

Miscellaneous Utilities : Desktop v2 and Adobe Acrobat 9

September 24, 2015, 11:42 am
$
0
0
Author: b.z.mann
Subject: Desktop v2 and Adobe Acrobat 9
Posted: 24 September 2015 at 6:42pm

Just installed Desktop v2 and it's very helpful.  However, I've noticed right off the bat that I can't have PDF's open in multiple desktops.  Any ideas?

BgInfo : BgInfo not updating on Server 2012

September 24, 2015, 12:22 pm
$
0
0
Author: ryansmith
Subject: BgInfo not updating on Server 2012
Posted: 24 September 2015 at 7:22pm

I have an issue where BgInfo does not update the wallpaper on Windows Server 2012 and 2012 R2.
For my setup, BgInfo is called as a logon script.  Here is my script:
%LOGONSERVER%\NETLOGON\BGinfo\bginfo.exe "%LOGONSERVER%\NETLOGON\BGinfo\BGinfo-Config - Standard.bgi" /timer:0 /NOLICPROMPT /silent
 
The problem I am seeing as that on Windows Server 2012 and 2012 R2, BgInfo successfully sets an initial wallpaper and everything looks as it should.  But if log off and back on, the data on the wallpaper is not refreshed with current data.
 
However, BgInfo is definitely updating the .bmp file.  I can browse to the file and open it, and everything looks as it should.  But for some reason, Windows displays an old version of the wallpaper.  What's strange, is if I go to the control panel and open 'Change desktop background', the wallpaper suddenly updates with the correct one.  I don't even have to click anything, simply going to the screen where you'd set a wallpaper will cause the wallpaper to suddenly refresh.
 
So I'm thinking maybe the wallpaper is cached in some way.  So I decided to create a LOGOFF script that clears the windows wallpaper setting and deletes the .bmp file.  Even after doing that, I go to log on and Windows STILL shows an old version of the wallpaper!  And again, simply navigating to the control panel screen where you set your wallpaper, the screen suddenly refreshes with the correct wallpaper.
 
Here is my logoff script.  I have confirmed that the reg entries are cleared and .bmp file deleted after logoff:
reg delete "HKCU\Control Panel\Desktop" /v Wallpaper /f
del /q %APPDATA%\Sysinternals\BGInfo\BGInfo.bmp >nul 2>&1
 
 
I do not have this problem on Server 2008 R2 and older.

BgInfo : BgInfo not updating on Server 2012

September 24, 2015, 5:59 pm
$
0
0
Author: ryansmith
Subject: BgInfo not updating on Server 2012
Posted: 25 September 2015 at 12:59am

I have something working now.  It looks like starting with Windows 8 / 2012, there's another registry for the desktop wallpaper.  HKCU\Control Panel\Desktop\TranscodedImageCache.   So I expanded my logoff script to delete the value.  After logging back in, the value gets re-created when BgInfo runs and Server 2012 is now displaying the correct up to date wallpaper.
Here's my logoff script:
reg add "HKCU\Control Panel\Desktop" /v Wallpaper /t REG_SZ /d "" /f
reg delete "HKCU\Control Panel\Desktop" /v TranscodedImageCache /f
del /q %APPDATA%\Sysinternals\BGInfo\BGInfo.bmp >nul 2>&1

Malware : Please can u help?

September 25, 2015, 3:28 am
$
0
0
Author: BazzD
Subject: Please can u help?
Posted: 25 September 2015 at 10:28am

Today the Safari somehow was hacked by esurfbiz that is a webpage. I have downloaded and run scans wit eset node32h, ccleaner and malwarebytes, they pick up nothing. I have also tried some manual methods like it and it's still there. I've been at it for several hours Pinchso any ideas on how to get rid of it is appreciated.

Miscellaneous Utilities : Sysmon 3.1 config error

September 25, 2015, 9:12 am
$
0
0
Author: s0mar
Subject: Sysmon 3.1 config error
Posted: 25 September 2015 at 4:12pm

I had been experimenting with Sysmon 3.0.  I just changed to 3.1.  My config file was working with 3.0, but since moving to 3.1, I am receiving warning messages.

Sysinternals Sysmon v3.10 - System activity monitor
Copyright (C) 2014-2015 Mark Russinovich and Thomas Garnier
Sysinternals - www.sysinternals.com

Loading configuration file with schema version 2.00
Sysmon schema version: 2.01
Warn: The event 'ProcessCreate' cannot be automatically enabled.
      Ensure it is correctly configured.
Warn: The event 'ProcessTerminate' cannot be automatically enabled.
      Ensure it is correctly configured.
Configuration file successfully applied
Configuration updated.

Is anyone seeing this behavior?  Is this a bug?


Thanks in advance.

Miscellaneous Utilities : "coreinfo -v" creates bsod on T5600 win81 32bit

September 25, 2015, 12:52 pm
$
0
0
Author: costinel
Subject: "coreinfo -v" creates bsod on T5600 win81 32bit
Posted: 25 September 2015 at 7:52pm

Miscellaneous Utilities : "coreinfo -v" creates bsod on T5600 win81 32bit

September 25, 2015, 12:53 pm
$
0
0
Author: costinel
Subject: "coreinfo -v" creates bsod on T5600 win81 32bit
Posted: 25 September 2015 at 7:53pm

coreinfo without "-v" works ok
Search

Miscellaneous Utilities : "coreinfo -v" creates bsod on T5600 win81 32bit

September 25, 2015, 11:04 pm
$
0
0
Author: MagicAndre1981
Subject: "coreinfo -v" creates bsod on T5600 win81 32bit
Posted: 26 September 2015 at 6:04am

upload the dump C:\Windows\Memory.dmp to OneDrive and send mark the link:

http://blogs.technet.com/b/markrussinovich/contact.aspx

Miscellaneous Utilities : Desktop v2 and Adobe Acrobat 9

September 26, 2015, 2:53 pm

Process Explorer : Search online not working.

October 2, 2015, 12:22 pm
$
0
0
Author: ChaosEngine
Subject: Search online not working.
Posted: 02 October 2015 at 7:22pm

Hi Simoncu,

Have you tried running the programs elevated to see if the issue is still there?

Process Explorer : ** Feature Requests **

October 2, 2015, 12:58 pm
$
0
0
Author: ChaosEngine
Subject: ** Feature Requests **
Posted: 02 October 2015 at 7:58pm

 Option in PExp: jump to auto-start location(s) in autoruns.

Process Monitor : Process Monitor 3.2 NOT running

October 2, 2015, 5:50 pm
$
0
0
Author: powerdrome
Subject: Process Monitor 3.2 NOT running
Posted: 03 October 2015 at 12:50am

Originally posted by powerdrome powerdrome wrote:

hello everyone,
i recently upgraded to win10 and i started to fix some errors and problems: context menus not compatible, permission errors, and various other fixes... forums are full of those...
Now i started to improve also the boot time, because it was 40 seconds with my saved image of win 8.1 and now it sometimes take 2 minutes.
NOt that i'm going to race with my boot time, but as you know, that should point to other problems, maybe video card drivers, infact during boot, the screen goes black with mouse cursor able to move for long time before showing logon screen.
So i downloaded the new procmon 3.20, but it doesn't start!!!
I read another thread here with a similar problem so i noticed:
that it tries to create an hidden file in my temp directory, but it is cancelled immediatly after.
I tried do extract the 64 bit version, and it works, but if i select enable boot logging i get error: unable to write procmon23.sys (make sure u have permission to write the %%systemroot%%\system32\drivers directory)
I checked the permission on ..drivers directory and i gave full to (all app package, creator owner (i select full bu it doesn' retain flags), system, myuser, administrators, trusted installers)
I checked the permission on ..emp directory and i gave full to (all app package, creator owner (i select full bu it doesn' retain flags), system, myuser, administrators)
!!!: I tried to run Process Explore v16.05, it does create an hidden 64 version in my temp dir and it STARTS, it doesn't create any sys file in drivers.
I also tried with a clean install of win10 and it works, so is not a win10 problem.

As long as we are talking of a debugging program ;-) I would like to solve it, because there must be a permission or policies problem in my installation that i would like to fix, and maybe it could be of some help to other people with the same problem.

Thanks for your help

If someone would give this a try i also saved a trace/log running the procmon.exe in the described situation
And i also get this error messages:

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-FilterManager" Guid="{F3C5E28E-63F6-49C7-A204-E48A1BC4B09D}" />
  <EventID>6</EventID>
  <Version>1</Version>
  <Level>4</Level>
  <Task>0</Task>
  <Opcode>0</Opcode>
  <Keywords>0x8000400000000000</Keywords>
  <TimeCreated SystemTime="2015-10-02T23:29:27.248068900Z" />
  <EventRecordID>2925</EventRecordID>
  <Correlation />
  <Execution ProcessID="4" ThreadID="4072" />
  <Channel>System</Channel>
  <Computer>ASUSN550JV</Computer>
  <Security UserID="S-1-5-18" />
  </System>
- <EventData>
  <Data Name="FinalStatus">0x0</Data>
  <Data Name="DeviceVersionMajor">0</Data>
  <Data Name="DeviceVersionMinor">0</Data>
  <Data Name="DeviceNameLength">9</Data>
  <Data Name="DeviceName">PROCMON23</Data>
  <Data Name="DeviceTime">2015-05-26T02:35:46.000000000Z</Data>
  <Data Name="ExtraInfoLength">184</Data>
  <Data Name="ExtraInfoString">{ "flags" : "0x00000010" , "registration_version" : "0x00000200" , "tx" : false , "sections" : false , "frame" : 0 , "class_name" : "(null)" , "instances" : [["385200","0x00000000"]] }</Data>
  <Data Name="FilterID">{02000000-000D-0000-2FED-EA2D6AFDD001}</Data>
  </EventData>
  </Event>

 - <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
  <EventID>4797</EventID>
  <Version>0</Version>
  <Level>0</Level>
  <Task>13824</Task>
  <Opcode>0</Opcode>
  <Keywords>0x8020000000000000</Keywords>
  <TimeCreated SystemTime="2015-10-02T23:49:58.376411900Z" />
  <EventRecordID>6779</EventRecordID>
  <Correlation ActivityID="{8FA49F5A-FD61-0001-5C9F-A48F61FDD001}" />
  <Execution ProcessID="748" ThreadID="7232" />
  <Channel>Security</Channel>
  <Computer>ASUSN550JV</Computer>
  <Security />
  </System>
- <EventData>
  <Data Name="SubjectUserSid">S-1-5-21-2593983523-4113023716-1611044618-1003</Data>
  <Data Name="SubjectUserName">PowerDrome</Data>
  <Data Name="SubjectDomainName">ASUSN550JV</Data>
  <Data Name="SubjectLogonId">0x4ba63</Data>
  <Data Name="Workstation">ASUSN550JV</Data>
  <Data Name="TargetUserName">Guest</Data>
  <Data Name="TargetDomainName">ASUSN550JV</Data>
  </EventData>
  </Event>

Thanks for the help

Process Explorer : ProcExp doesn't report the correct number of CPU

October 2, 2015, 11:16 pm
$
0
0
Author: MagicAndre1981
Subject: ProcExp doesn't report the correct number of CPU
Posted: 03 October 2015 at 6:16am

report it here

http://wj32.org/processhacker/forums/index.php

so that wj32 can fix it in ProcessHacker

Troubleshooting : Help with BSOD "Pool Corruption"

October 3, 2015, 3:17 am
Search

Troubleshooting : Help with BSOD "Pool Corruption"

October 3, 2015, 9:28 am
$
0
0
Author: MagicAndre1981
Subject: Help with BSOD "Pool Corruption"
Posted: 03 October 2015 at 4:28pm

that bugcheck is a KMODE_EXCEPTION_NOT_HANDLED (1e), not pool corruption.

It is caused by the Atheros Wifi driver athrxusb.sys which is very old (from 2008: Tue Jul 29 14:47:13 2008). A reinstall won't fix it. Look for a newer driver.

Troubleshooting : Help with BSOD "Pool Corruption"

October 3, 2015, 11:29 am
$
0
0
Author: loverboy
Subject: Help with BSOD "Pool Corruption"
Posted: 03 October 2015 at 6:29pm

I know it is not a pool corruption, but it is another BSOD on this PC and it is caused by a driver so I made that logical connection Smile
Why do you say that it is caused by athrxusb.sys (by the way, the one I have is the latest version available) and not by nwifi.sys as suggested by WinDbg?
 
What is the connection between athrxusb.sys  and nwifi.sys?
One launches the other?
 
 
Quote KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception
......
 
CUSTOMER_CRASH_COUNT:  1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
BUGCHECK_STR:  0x1E
PROCESS_NAME:  System
CURRENT_IRQL:  2
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
DPC_STACK_BASE:  FFFFF800043F0FB0
EXCEPTION_RECORD:  fffff800043ea198 -- (.exr 0xfffff800043ea198)
ExceptionAddress: fffff88003d91767 (nwifi!Pt6RepackRecvNBL+0x0000000000000103)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff
TRAP_FRAME:  fffff800043ea240 -- (.trap 0xfffff800043ea240)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.

rax=fffffa800e84d130 rbx=0000000000000000 rcx=fffff88003dc96e0
rdx=fffffa800e8dbf40 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88003d91767 rsp=fffff800043ea3d0 rbp=0000000000000000
 r8=0000000000000000  r9=1374d41f915213b0 r10=fffff88003dc7110
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
nwifi!Pt6RepackRecvNBL+0x103:
fffff880`03d91767 450fb701        movzx   r8d,word ptr [r9] ds:1374d41f`915213b0=????
Resetting default scope
 
LAST_CONTROL_TRANSFER:  from fffff80003076fbe to fffff8000307f590
STACK_TEXT: 
fffff800`043e9278 fffff800`03076fbe : 00000000`00000000 00000000`00000000 fffff800`043e99f0 fffff800`030ab200 : nt!KeBugCheck
fffff800`043e9280 fffff800`030aaecd : fffff800`0329426c fffff800`031d074c fffff800`0300c000 fffff800`043ea198 : nt!KiKernelCalloutExceptionHandler+0xe
fffff800`043e92b0 fffff800`030a9ca5 : fffff800`031d3ce8 fffff800`043e9328 fffff800`043ea198 fffff800`0300c000 : nt!RtlpExecuteHandlerForException+0xd
fffff800`043e92e0 fffff800`030bac41 : fffff800`043ea198 fffff800`043e99f0 fffff800`00000000 fffffa80`0e8fc310 : nt!RtlDispatchException+0x415
fffff800`043e99c0 fffff800`0307ec42 : fffff800`043ea198 00000000`00000000 fffff800`043ea240 fffffa80`0ed79010 : nt!KiDispatchException+0x135
fffff800`043ea060 fffff800`0307d54a : fffffa80`0e84d220 00000000`00000000 00000000`00000000 fffff880`03874bd4 : nt!KiExceptionDispatch+0xc2
fffff800`043ea240 fffff880`03d91767 : 00000000`00000000 00000000`00000000 fffffa80`0ed79010 00000000`00000048 : nt!KiGeneralProtectionFault+0x10a
fffff800`043ea3d0 fffff880`03d926c8 : fffffa80`0e870030 fffffa80`0e8ba324 fffffa80`00001324 fffffa80`0ed79010 : nwifi!Pt6RepackRecvNBL+0x103
fffff800`043ea4d0 fffff880`014520a7 : fffffa80`0e8051a0 fffffa80`0e8fc310 00000000`00000001 fffffa80`0e8bcdc8 : nwifi!Pt6Receive+0x170
fffff800`043ea530 fffff880`0383f202 : 00000000`00000000 fffff880`00ec7730 fffffa80`0e829e40 00000000`00000000 : ndis! ?? ::FNODOBFM::`string'+0xcd8f
fffff800`043ea580 00000000`00000000 : fffff880`00ec7730 fffffa80`0e829e40 00000000`00000000 fffffa80`00000001 : athrxusb+0x11202

STACK_COMMAND:  kb
FOLLOWUP_IP:
nwifi!Pt6RepackRecvNBL+103
fffff880`03d91767 450fb701        movzx   r8d,word ptr [r9]
SYMBOL_STACK_INDEX:  7
SYMBOL_NAME:  nwifi!Pt6RepackRecvNBL+103
FOLLOWUP_NAME:  MachineOwner
MODULE_NAME: nwifi
IMAGE_NAME:  nwifi.sys
DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bcc3b
IMAGE_VERSION:  6.1.7600.16385
FAILURE_BUCKET_ID:  X64_0x1E_nwifi!Pt6RepackRecvNBL+103
BUCKET_ID:  X64_0x1E_nwifi!Pt6RepackRecvNBL+103
ANALYSIS_SOURCE:  KM
FAILURE_ID_HASH_STRING:  km:x64_0x1e_nwifi!pt6repackrecvnbl+103
FAILURE_ID_HASH:  {ca3570d1-2d2b-4f1f-ccf2-468b5dbd65c1}
Followup: MachineOwner
---------


Edited by loverboy - 15 hours 52 minutes ago at 6:30pm

Malware : FREE ONLINE SECURITY SCANS For Suspicious URL Link

October 3, 2015, 8:30 pm
$
0
0
Author: ramseysmylie
Subject: FREE ONLINE SECURITY SCANS For Suspicious URL Link
Posted: 04 October 2015 at 3:30am

I have found https://sitecheck.sucuri.net/ to be very easy and quick to use and has not failed me yet.  It is like whatismyip or speedtest where you get there and the field is right there, so no searching or digging for where you paste the url.




Edited by ramseysmylie - 6 hours 51 minutes ago at 3:31am

Troubleshooting : Help with BSOD "Pool Corruption"

October 3, 2015, 11:36 pm
$
0
0
Author: MagicAndre1981
Subject: Help with BSOD "Pool Corruption"
Posted: 04 October 2015 at 6:36am

Originally posted by loverboy loverboy wrote:

Why do you say that it is caused by athrxusb.sys (by the way, the one I have is the latest version available) and not by nwifi.sys as suggested by WinDbg?
 

 
Quote
nt!KiExceptionDispatch+0xc2
nt!KiGeneralProtectionFault+0x10a
nwifi!Pt6RepackRecvNBL+0x103
nwifi!Pt6Receive+0x170
ndis! ?? ::FNODOBFM::`string'+0xcd8f
athrxusb+0x11202


the Atheros driver calls the Windows miniport driver and this leads to the crash. Post the Hardware ID (VID_PID) so that I can see which chipset your WIFI card uses.

Troubleshooting : Help with BSOD "Pool Corruption"

October 4, 2015, 12:45 am
$
0
0
Author: loverboy
Subject: Help with BSOD "Pool Corruption"
Posted: 04 October 2015 at 7:45am

Is it this what you mean?
 
Quote Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\athrusb]
"Type"=dword:00000001
"Start"=dword:00000003
"ErrorControl"=dword:00000001
"Tag"=dword:00000021
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
  52,00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,74,00,68,00,72,00,78,00,75,\
  00,73,00,62,00,2e,00,73,00,79,00,73,00,00,00
"DisplayName"="Belkin Wireless LAN USB device driver"
"Group"="NDIS"
"NdisMajorVersion"=dword:00000006
"NdisMinorVersion"=dword:00000000
"BootFlags"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\athrusb\Parameters]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\athrusb\Parameters\Wdf]
"WdfMajorVersion"=dword:00000001
"WdfMinorVersion"=dword:00000005
"TimeOfLastSqmLog"=hex(b):c2,7e,bb,a2,e7,fd,d0,01
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\athrusb\Enum]
"0"="USB\\VID_050D&PID_705C\\6&df2ee03&0&4"
"Count"=dword:00000001
"NextInstance"=dword:00000001
 
or this?
 
Quote Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0B05&PID_179C]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0B05&PID_179C\6&df2ee03&0&7]
"LocationInformation"="Port_#0007.Hub_#0004"
"Capabilities"=dword:00000080
"HardwareID"=hex(7):55,00,53,00,42,00,5c,00,56,00,49,00,44,00,5f,00,30,00,42,\
  00,30,00,35,00,26,00,50,00,49,00,44,00,5f,00,31,00,37,00,39,00,43,00,26,00,\
  52,00,45,00,56,00,5f,00,30,00,30,00,30,00,31,00,00,00,55,00,53,00,42,00,5c,\
  00,56,00,49,00,44,00,5f,00,30,00,42,00,30,00,35,00,26,00,50,00,49,00,44,00,\
  5f,00,31,00,37,00,39,00,43,00,00,00,00,00
"CompatibleIDs"=hex(7):55,00,53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,\
  5f,00,45,00,30,00,26,00,53,00,75,00,62,00,43,00,6c,00,61,00,73,00,73,00,5f,\
  00,30,00,31,00,26,00,50,00,72,00,6f,00,74,00,5f,00,30,00,31,00,00,00,55,00,\
  53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,5f,00,45,00,30,00,26,00,53,\
  00,75,00,62,00,43,00,6c,00,61,00,73,00,73,00,5f,00,30,00,31,00,00,00,55,00,\
  53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,5f,00,45,00,30,00,00,00,00,\
  00
"ContainerID"="{00000000-0000-0000-ffff-ffffffffffff}"
"ConfigFlags"=dword:00000000
"ClassGUID"="{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}"
"Driver"="{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}\\0000"
"UpperFilters"=hex(7):42,00,74,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,\
  00
"LowerFilters"=hex(7):42,00,74,00,46,00,69,00,6c,00,74,00,65,00,72,00,00,00,00,\
  00
"Class"="Bluetooth"
"Mfg"="@oem27.inf,%manufacturername%;Atheros Communications"
"Service"="BTHUSB"
"DeviceDesc"="@oem27.inf,%asus01.devicedesc%;ASUS Bluetooth"
"ParentIdPrefix"="7&42d85a8&0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0B05&PID_179C\6&df2ee03&0&7\Device Parameters]
"COD Type"=dword:00000001
"Scans Before Out of Range"=dword:00000008
"SCO Max Channels"=dword:00000002
"Store Link Key COD Masks"=hex:00,00,1f,43,00,00,05,40,00,00,1f,83,00,00,05,80
"SymbolicLinkName"="\\??\\USB#VID_0B05&PID_179C#6&df2ee03&0&7#{0850302a-b344-4fda-9be9-90576b8d46f0}"
"SymbolicName"="\\??\\USB#VID_0B05&PID_179C#6&df2ee03&0&7#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
"DeviceSelectiveSuspended"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0B05&PID_179C\6&df2ee03&0&7\LogConf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0B05&PID_179C\6&df2ee03&0&7\Control]
"ActiveService"="BTHUSB"
 
Quote Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0CF3&PID_3000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0CF3&PID_3000\6&df2ee03&0&7]
"LocationInformation"="Port_#0007.Hub_#0004"
"Capabilities"=dword:00000080
"HardwareID"=hex(7):55,00,53,00,42,00,5c,00,56,00,49,00,44,00,5f,00,30,00,43,\
  00,46,00,33,00,26,00,50,00,49,00,44,00,5f,00,33,00,30,00,30,00,30,00,26,00,\
  52,00,45,00,56,00,5f,00,30,00,32,00,30,00,30,00,00,00,55,00,53,00,42,00,5c,\
  00,56,00,49,00,44,00,5f,00,30,00,43,00,46,00,33,00,26,00,50,00,49,00,44,00,\
  5f,00,33,00,30,00,30,00,30,00,00,00,00,00
"CompatibleIDs"=hex(7):55,00,53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,\
  5f,00,46,00,46,00,26,00,53,00,75,00,62,00,43,00,6c,00,61,00,73,00,73,00,5f,\
  00,30,00,30,00,26,00,50,00,72,00,6f,00,74,00,5f,00,30,00,30,00,00,00,55,00,\
  53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,5f,00,46,00,46,00,26,00,53,\
  00,75,00,62,00,43,00,6c,00,61,00,73,00,73,00,5f,00,30,00,30,00,00,00,55,00,\
  53,00,42,00,5c,00,43,00,6c,00,61,00,73,00,73,00,5f,00,46,00,46,00,00,00,00,\
  00
"ContainerID"="{00000000-0000-0000-ffff-ffffffffffff}"
"ConfigFlags"=dword:00000000
"ClassGUID"="{36fc9e60-c465-11cf-8056-444553540000}"
"Driver"="{36fc9e60-c465-11cf-8056-444553540000}\\0011"
"Class"="USB"
"Mfg"="@oem26.inf,%mfgname%;Atheros"
"Service"="AthDfu"
"DeviceDesc"="@oem26.inf,%usb\\vid_0cf3&pid_3000.devicedesc%;Atheros Valkyrie BootROM"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0CF3&PID_3000\6&df2ee03&0&7\Device Parameters]
"SymbolicName"="\\??\\USB#VID_0CF3&PID_3000#6&df2ee03&0&7#{a5dcbf10-6530-11d2-901f-00c04fb951ed}"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\VID_0CF3&PID_3000\6&df2ee03&0&7\LogConf]
Viewing all 10386 articles
Browse latest View live
Search