
Anyone know what pxldqpow.sys is?


1 reply to this topic

#1 Agentspade

Agentspade

  • Members
  • 13 posts
  • OFFLINE
  • Gender:Male
  • Location:U S Of A
  • Local time:10:42 PM

Posted 20 June 2016 - 09:18 PM

I have had issues with an LSP dealing with Windows Live's driver WLIDNSP.dll. I used LSPfix to fix this and then my Internet was back to normal, but it would come back sometimes. So I packed WLIDNSP.dll in a 7Z archive and deleted WLIDNSP.dll. I have scanned the computer to death with many programs up to and including Herdprotect. Nothing found. Then I read about Rougescanner and figured what the hell, and it found this in the pic. http://i.imgur.com/WKptlXC.jpg

 

So I clicked fix, rebooted and scanned again. It was gone. Then I scanned in safe mode and it showed up. So I fixed again. Now in normal and safe mode it is gone. But! I searched the registry for pxldqpow and it found it in this location:

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PXLDQPOW]
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PXLDQPOW\0000]
"Service"="pxldqpow"
"Legacy"=dword:00000001
"ConfigFlags"=dword:00000000
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"DeviceDesc"="pxldqpow"
 

 

I backed up the key and then tried to delete it. Couldn't. So I used a little app called Runassystem from qwertylab.com and ran the registry as system and then I was able to delete the key. So far the computer is running fine. I opted to delete the key after finding nothing on the net about it. So I know this must be rogue. But what in the world is pxldqpow.sys in the first place?

 

I'm going to run my programs as usual and periodically check if this comes back or not. Like I said though, many scanners I ran (Herdprotect, Malwarebytes, ADwcleaner, TDSSkiller, GMER, etc.) found nothing. Processhacker did see pxldqpow.sys, but once I deleted its registry key it was gone.

 

I don't know if this has to do with the LSP with Windows Live or not. I now run VooDoo Shield and always ran Sandboxie.




 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  • Gender:Male
  • Location:The Antipodes
  • Local time:02:42 PM

Posted 20 June 2016 - 09:31 PM

It's part of GMER.





