Old 11-26-2004, 02:56 AM   #3 (permalink)
petercj
OS: Win XP Pro/XP Home/98se/Suse Linux 9.1 & Xandros 3 Deluxe


Could one of you guys take a look at this full scan please...I'm sure something has been well hidden...I have struggled to even upload this scan.

Many thanks...Peter
.......................................................................................................


StartDreck (build 2.1.5 public BETA) - 2004-11-26 @ 09:08:49
Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)

»Registry
»Run Keys
»Current User
»Run
*CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
*msnmsgr="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
*ILO_Office_Manager=IntEdReg.exe /OFFMAN
»RunOnce
»Default User
»Run
*CTFMON.EXE=C:\WINDOWS\System32\CTFMON.EXE
*ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
*AVG7_Run=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
»RunOnce
»Local Machine
»Run
*SoundMan=SOUNDMAN.EXE
*SunJavaUpdateSched=C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
*Intense Registry Service=IntEdReg.exe /CHECK
*ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
*ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
*iTunesHelper=C:\Program Files\iTunes\iTunesHelper.exe
*QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
*TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
*McAfee Guardian="C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
*QH Reminder=C:\PROGRA~1\WINCLE~1\qhremind.exe
*Quick Heal e-mail Protection=C:\PROGRA~1\WINCLE~1\MailSvr.exe
*QH Live Update Scheduler=C:\PROGRA~1\WINCLE~1\UPSCHD.EXE /FIRSTRUN
*QH Office 2K Check=C:\PROGRA~1\WINCLE~1\O2KCHECK.EXE /CHECK
*Quick Heal On-Line Protection=C:\PROGRA~1\WINCLE~1\CATEYE.EXE
*Quick Heal Messenger=C:\PROGRA~1\WINCLE~1\QHM32.EXE
*Quick Heal Activate=C:\PROGRA~1\WINCLE~1\ACTIVATE.EXE
*Quick Heal Startup Scan=C:\PROGRA~1\WINCLE~1\QHSTRT32.exe /loadrun
*AVG7_CC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
*AVG7_EMC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
*Resume Liveup=C:\PROGRA~1\WINCLE~1\Liveup.exe /resume
*Installed=1
*NoChange=1
*Installed=1
*Installed=1
»RunOnce
*Quick Heal Startup Scan=C:\PROGRA~1\WINCLE~1\QHSTRT32.exe /check
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
*.bat
*batfile="%1" %*
*.com
*comfile="%1" %*
*.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
*.exe
*exefile="%1" %*
*.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
*.htm
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
*.html
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
*.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.pif
*piffile="%1" %*
*.scr
*scrfile="%1" /S
*.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
*.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
*.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
*Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
*Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
*Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
*Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
*Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
*NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
*Internet Explorer/{4b218e3e-bc98-4770-93d3-2731b9329278}
*StubPath=%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
*Windows Messenger 4.7/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
*Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
*Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
*Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
*Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
»Browser Helper Objects (LM)
*YBIOCtrl.CompanionBHO.4/{02478D38-C3F9-4efb-9B51-7695ECA05670}
`InprocServer32=C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
*{53707962-6F74-2D53-2644-206D7942484F}
`InprocServer32=C:\PROGRA~1\SPYBOT~1\SDHelper.dll
*Google Toolbar Helper/{AA58ED58-01DD-4d91-8333-CF10577473F7}
`InprocServer32=c:\program files\google\googletoolbar1.dll
»Internet Explorer
»Current User
*Local Page=C:\WINDOWS\system32\blank.htm
*Search Bar=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
*Search Page=http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
»Default User
»Local Machine
*Local Page=%SystemRoot%\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Dad\Start Menu\Programs\Startup\desktop.ini
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\system32\config.nt
`REM Windows MS-DOS Startup File
`REM
`REM CONFIG.SYS vs CONFIG.NT
`REM CONFIG.SYS is not used to initialize the MS-DOS environment.
`REM CONFIG.NT is used to initialize the MS-DOS environment unless a
`REM different startup file is specified in an application's PIF.
`REM
`REM ECHOCONFIG
`REM By default, no information is displayed when the MS-DOS environment
`REM is initialized. To display CONFIG.NT/AUTOEXEC.NT information, add
`REM the command echoconfig to CONFIG.NT or other startup file.
`REM
`REM NTCMDPROMPT
`REM When you return to the command prompt from a TSR or while running an
`REM MS-DOS-based application, Windows runs COMMAND.COM. This allows the
`REM TSR to remain active. To run CMD.EXE, the Windows command prompt,
`REM rather than COMMAND.COM, add the command ntcmdprompt to CONFIG.NT or
`REM other startup file.
`REM
`REM DOSONLY
`REM By default, you can start any type of application when running
`REM COMMAND.COM. If you start an application other than an MS-DOS-based
`REM application, any running TSR may be disrupted. To ensure that only
`REM MS-DOS-based applications can be started, add the command dosonly to
`REM CONFIG.NT or other startup file.
`REM
`REM EMM
`REM You can use EMM command line to configure EMM(Expanded Memory Manager).
`REM The syntax is:
`REM
`REM EMM = [A=AltRegSets] [B=BaseSegment] [RAM]
`REM
`REM AltRegSets
`REM specifies the total Alternative Mapping Register Sets you
`REM want the system to support. 1 <= AltRegSets <= 255. The
`REM default value is 8.
`REM BaseSegment
`REM specifies the starting segment address in the Dos conventional
`REM memory you want the system to allocate for EMM page frames.
`REM The value must be given in Hexdecimal.
`REM 0x1000 <= BaseSegment <= 0x4000. The value is rounded down to
`REM 16KB boundary. The default value is 0x4000
`REM RAM
`REM specifies that the system should only allocate 64Kb address
`REM space from the Upper Memory Block(UMB) area for EMM page frames
`REM and leave the rests(if available) to be used by DOS to support
`REM loadhigh and devicehigh commands. The system, by default, would
`REM allocate all possible and available UMB for page frames.
`REM
`REM The EMM size is determined by pif file(either the one associated
`REM with your application or _default.pif). If the size from PIF file
`REM is zero, EMM will be disabled and the EMM line will be ignored.
`REM
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\system32\autoexec.nt
`@echo off
`REM AUTOEXEC.BAT is not used to initialize the MS-DOS environment.
`REM AUTOEXEC.NT is used to initialize the MS-DOS environment unless a
`REM different startup file is specified in an application's PIF.
`REM Install CD ROM extensions
`lh %SystemRoot%\system32\mscdexnt.exe
`REM Install network redirector (load before dosx.exe)
`lh %SystemRoot%\system32\redir
`REM Install DPMI support
`lh %SystemRoot%\system32\dosx
`REM The following line enables Sound Blaster 2.0 support on NTVDM.
`REM The command for setting the BLASTER environment is as follows:
`REM SET BLASTER=A220 I5 D1 P330
`REM where:
`REM A specifies the sound blaster's base I/O port
`REM I specifies the interrupt request line
`REM D specifies the 8-bit DMA channel
`REM P specifies the MPU-401 base I/O port
`REM T specifies the type of sound blaster card
`REM 1 - Sound Blaster 1.5
`REM 2 - Sound Blaster Pro I
`REM 3 - Sound Blaster 2.0
`REM 4 - Sound Blaster Pro II
`REM 6 - SOund Blaster 16/AWE 32/32/64
`REM
`REM The default value is A220 I5 D1 T3 and P330. If any of the switches is
`REM left unspecified, the default value will be used. (NOTE, since all the
`REM ports are virtualized, the information provided here does not have to
`REM match the real hardware setting.) NTVDM supports Sound Blaster 2.0 only.
`REM The T switch must be set to 3, if specified.
`SET BLASTER=A220 I5 D1 P330 T3
`REM To disable the sound blaster 2.0 support on NTVDM, specify an invalid
`REM SB base I/O port address. For example:
`REM SET BLASTER=A0
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(1)partition(1)\WINDOW3G
`[operating systems]
`multi(0)disk(0)rdisk(1)partition(1)\WINDOW3G="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
»%PATH% Companion Files
*C:\WINDOWS\system32\notepad.exe
*C:\WINDOWS\notepad.exe
*C:\WINDOWS\system32\slrundll.exe
*C:\WINDOWS\slrundll.exe
*C:\WINDOWS\system32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
*C:\WINDOWS\system32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
»System/Drivers
»Running Processes
*00000000=<unkown>
*00000004=<unkown>
*00000340=\SystemRoot\System32\smss.exe
*000003A0=<unkown>
*000003B8=\??\C:\WINDOWS\system32\winlogon.exe
*000003E4=C:\WINDOWS\system32\services.exe
*000003F0=C:\WINDOWS\system32\lsass.exe
*00000490=C:\WINDOWS\System32\Ati2evxx.exe
*0000049C=C:\WINDOWS\system32\svchost.exe
*00000530=<unkown>
*000005B0=C:\WINDOWS\System32\svchost.exe
*000005DC=<unkown>
*00000618=<unkown>
*00000798=C:\WINDOWS\system32\spoolsv.exe
*00000084=C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
*000000B0=C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
*0000015C=C:\PROGRA~1\WINCLE~1\QHONSVC.EXE
*000001E8=C:\WINDOWS\system32\wuauclt.exe
*000004D0=C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
*0000067C=<unkown>
*000006C0=C:\WINDOWS\system32\Ati2evxx.exe
*00000738=C:\WINDOWS\Explorer.EXE
*00000818=C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
*00000834=C:\WINDOWS\SOUNDMAN.EXE
*0000084C=C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
*00000864=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
*0000086C=C:\Program Files\iTunes\iTunesHelper.exe
*00000878=C:\Program Files\QuickTime\qttask.exe
*0000089C=C:\Program Files\Java\j2re1.4.2_01\bin\jucheck.exe
*000008A0=C:\Program Files\Common Files\Real\Update_OB\realsched.exe
*000008B8=C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
*000008E0=C:\PROGRA~1\WINCLE~1\MailSvr.exe
*000008E8=C:\Program Files\iPod\bin\iPodService.exe
*00000948=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
*0000095C=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
*00000988=C:\WINDOWS\system32\ctfmon.exe
*00000998=C:\Program Files\Real\RealPlayer\RealPlay.exe
*000009B8=C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
*00000A0C=C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
*00000D7C=C:\WINDOWS\system32\wscntfy.exe
*00000940=A:\StartDreck\StartDreck.exe
*00000694=A:\StartDreck\StartDreck.exe
»NT Services
*Alerter Alerter - disabled
*Application Layer Gateway Service ALG running on demand
*Application Management AppMgmt - on demand
*ASP.NET State Service aspnet_state - on demand
*Ati HotKey Poller Ati HotKey Poller running auto
*ATI Smart ATI Smart - auto
*Windows Audio AudioSrv running auto
*AVG7 Alert Manager Server Avg7Alrt running auto
*AVG7 Update Service Avg7UpdSvc running auto
*Background Intelligent Transfer Service BITS running auto
*Computer Browser Browser running auto
*Indexing Service CiSvc - on demand
*ClipBook ClipSrv - disabled
*COM+ System Application COMSysApp - on demand
*Cryptographic Services CryptSvc running auto
*DCOM Server Process Launcher DcomLaunch running auto
*DHCP Client Dhcp running auto
*Logical Disk Manager Administrative Service dmadmin - on demand
*Logical Disk Manager dmserver running auto
*DNS Client Dnscache running auto
*Error Reporting Service ERSvc running auto
*Event Log Eventlog running auto
*COM+ Event System EventSystem running on demand
*Fast User Switching Compatibility FastUserSwitchingCom running on demand
*Help and Support helpsvc running auto
*Human Interface Device Access HidServ - disabled
*HTTP SSL HTTPFilter - on demand
*IMAPI CD-Burning COM Service ImapiService - on demand
*iPod Service iPodService running on demand
*Server lanmanserver running auto
*Workstation lanmanworkstation running auto
*TCP/IP NetBIOS Helper LmHosts running auto
*McAfee Firewall McAfee Firewall running auto
*Messenger Messenger - disabled
*NetMeeting Remote Desktop Sharing mnmsrvc - on demand
*Distributed Transaction Coordinator MSDTC - on demand
*Windows Installer MSIServer - on demand
*Network DDE NetDDE - disabled
*Network DDE DSDM NetDDEdsdm - disabled
*Net Logon Netlogon - on demand
*Network Connections Netman running on demand
*Network Location Awareness (NLA) Nla running on demand
*NT LM Security Support Provider NtLmSsp - on demand
*Removable Storage NtmsSvc - on demand
*Plug and Play PlugPlay running auto
*IPSEC Services PolicyAgent - auto
*Protected Storage ProtectedStorage running auto
*Quick Heal Online Protection Quick Heal Online Pr running auto
*Remote Access Auto Connection Manager RasAuto - on demand
*Remote Access Connection Manager RasMan running on demand
*Remote Desktop Help Session Manager RDSessMgr - on demand
*Routing and Remote Access RemoteAccess running auto
*Remote Registry RemoteRegistry running auto
*Remote Procedure Call (RPC) Locator RpcLocator - on demand
*Remote Procedure Call (RPC) RpcSs running auto
*QoS RSVP RSVP - on demand
*Security Accounts Manager SamSs running auto
*Smart Card SCardSvr - on demand
*Task Scheduler Schedule running auto
*Secondary Logon seclogon running auto
*System Event Notification SENS running auto
*Windows Firewall/Internet Connection Sharing (I SharedAccess running auto
`CS)
*Shell Hardware Detection ShellHWDetection running auto
*Print Spooler Spooler running auto
*System Restore Service srservice - auto
*SSDP Discovery Service SSDPSRV - disabled
*Windows Image Acquisition (WIA) stisvc - on demand
*MS Software Shadow Copy Provider SwPrv - on demand
*Performance Logs and Alerts SysmonLog - on demand
*Telephony TapiSrv running on demand
*Terminal Services TermService running on demand
*Themes Themes running auto
*Telnet TlntSvr - disabled
*Distributed Link Tracking Client TrkWks running auto
*Universal Plug and Play Device Host upnphost - disabled
*Uninterruptible Power Supply UPS - on demand
*Volume Shadow Copy VSS - on demand
*Windows Time W32Time running auto
*WebClient WebClient running auto
*Windows Management Instrumentation winmgmt running auto
*Portable Media Serial Number Service WmdmPmSN - on demand
*Windows Management Instrumentation Driver Exten Wmi - on demand
`sions
*WMI Performance Adapter WmiApSrv - on demand
*Security Center wscsvc running auto
*Automatic Updates wuauserv running auto
*Wireless Zero Configuration WZCSVC running auto
*Network Provisioning Service xmlprov - on demand
»NT Kernel- and FS-drivers
*Abiosdsk Abiosdsk - disabled
*abp480n5 abp480n5 - disabled
*Microsoft ACPI Driver ACPI running boot
*ACPIEC ACPIEC - disabled
*adpu160m adpu160m - disabled
*Microsoft Kernel Acoustic Echo Canceller aec - on demand
*AFD Networking Support Environment AFD running system
*Aha154x Aha154x - disabled
*aic78u2 aic78u2 - disabled
*aic78xx aic78xx - disabled
*Service for Avance AC97 Audio (WDM) ALCXWDM running on demand
*AliIde AliIde - disabled
*AMD K7 Processor Driver AmdK7 running system
*amsint amsint - disabled
*asc asc - disabled
*asc3350p asc3350p - disabled
*asc3550 asc3550 - disabled
*RAS Asynchronous Media Driver AsyncMac - on demand
*Standard IDE/ESDI Hard Disk Controller atapi running boot
*Atdisk Atdisk - disabled
*ati2mtag ati2mtag running on demand
*ATM ARP Client Protocol Atmarpc - on demand
*Audio Stub Driver audstub running on demand
*AVG7 Kernel Avg7Core running system
*AVG7 Wrap Driver Avg7RsW running system
*AVG7 Rezident Driver Avg7RsXP running system
*AVG Network Redirector AvgTdi running auto
*Beep Beep running system
*cbidf2k cbidf2k - disabled
*cd20xrnt cd20xrnt - disabled
*Cdaudio Cdaudio - system
*Cdfs Cdfs running disabled
*CD-ROM Driver Cdrom running system
*Changer Changer - system
*CmdIde CmdIde - disabled
*Binatone ADSL500 USB Modem Network Adapter Driv CnxTrLan - on demand
`er
*Binatone ADSL500 USB Modem Network Interface De CnxTrUsb - on demand
`vice Driver
*Cpqarray Cpqarray - disabled
*dac960nt dac960nt - disabled
*Disk Driver Disk running boot
*dmboot dmboot - disabled
*Logical Disk Manager Driver dmio running boot
*dmload dmload running boot
*Microsoft Kernel DLS Syntheiszer DMusic - on demand
*dpti2o dpti2o - disabled
*Microsoft Kernel DRM Audio Descrambler drmkaud - on demand
*Fastfat Fastfat running disabled
*Floppy Disk Controller Driver Fdc running on demand
*VIA Rhine Family Fast Ethernet Adapter Driver FETNDIS running on demand
*Fips Fips running system
*Floppy Disk Driver Flpydisk running on demand
*FltMgr FltMgr running boot
*Volume Manager Driver Ftdisk running boot
*GEAR CDRom Filter GEARAspiWDM running on demand
*GMSIPCI GMSIPCI - on demand
*Generic Packet Classifier Gpc running on demand
*hpn hpn - disabled
*HTTP HTTP - on demand
*i2omgmt i2omgmt - system
*i2omp i2omp - disabled
*i8042 Keyboard and PS/2 Mouse Port Driver i8042prt running system
*CD-Burning Filter Driver Imapi running system
*ini910u ini910u - disabled
*IntelIde IntelIde - disabled
*Intel(R) 536EP V.92 Modem Intels51 running on demand
*IPv6 Windows Firewall Driver ip6fw - on demand
*IP Traffic Filter Driver IpFilterDriver - on demand
*IP in IP Tunnel Driver IpInIp - on demand
*IP Network Address Translator IpNat running on demand
*IPSEC driver IPSec running system
*IR Enumerator Service IRENUM - on demand
*PnP ISA/EISA Bus Driver isapnp running boot
*Keyboard Class Driver Kbdclass running system
*Microsoft Kernel Wave Audio Mixer kmixer running on demand
*KSecDD KSecDD running boot
*lbrtfdc lbrtfdc - system
*McAfee Firewall Network Filter Miniport McAfeePF running on demand
*mnmdd mnmdd running system
*Modem Modem running on demand
*Unimodem Streaming Filter Device MODEMCSA running on demand
*Mouse Class Driver Mouclass running system
*Mount Point Manager MountMgr running boot
*mraid35x mraid35x - disabled
*WebDav Client Redirector MRxDAV running on demand
*MRxSmb MRxSmb running system
*Msfs Msfs running system
*Microsoft Streaming Service Proxy MSKSSRV - on demand
*Microsoft Streaming Clock Proxy MSPCLOCK - on demand
*Microsoft Streaming Quality Manager Proxy MSPQM - on demand
*Microsoft System Management BIOS Driver mssmbios running on demand
*Mup Mup running boot
*NDIS System Driver NDIS running boot
*Remote Access NDIS TAPI Driver NdisTapi running on demand
*NDIS Usermode I/O Protocol Ndisuio running on demand
*Remote Access NDIS WAN Driver NdisWan running on demand
*NDIS Proxy NDProxy running on demand
*NetBIOS Interface NetBIOS running system
*NetBios over Tcpip NetBT running system
*Npfs Npfs running system
*NTACCESS NTACCESS - on demand
*Ntfs Ntfs running disabled
*Null Null running system
*IPX Traffic Filter Driver NwlnkFlt - on demand
*IPX Traffic Forwarder Driver NwlnkFwd - on demand
*Parallel port driver Parport running on demand
*Partition Manager PartMgr running boot
*ParVdm ParVdm running auto
*PCI Bus Driver PCI running boot
*PCIDump PCIDump - system
*PCIIde PCIIde - disabled
*Pcmcia Pcmcia - disabled
*PDCOMP PDCOMP - on demand
*PDFRAME PDFRAME - on demand
*PDRELI PDRELI - on demand
*PDRFRAME PDRFRAME - on demand
*perc2 perc2 - disabled
*perc2hib perc2hib - disabled
*WAN Miniport (PPTP) PptpMiniport running on demand
*QoS Packet Scheduler PSched running on demand
*Direct Parallel Link Driver Ptilink running on demand
*QHONLINE QHONLINE running auto
*QHScreen QHScreen running boot
*ql1080 ql1080 - disabled
*Ql10wnt Ql10wnt - disabled
*ql12160 ql12160 - disabled
*ql1240 ql1240 - disabled
*ql1280 ql1280 - disabled
*Remote Access Auto Connection Driver RasAcd running system
*WAN Miniport (L2TP) Rasl2tp running on demand
*Remote Access PPPOE Driver RasPppoe running on demand
*Direct Parallel Raspti running on demand
*Rdbss Rdbss running system
*RDPCDD RDPCDD running system
*Terminal Server Device Redirector Driver rdpdr running on demand
*RDPWD RDPWD - on demand
*Digital CD Audio Playback Filter Driver redbook running system
*SANDRA SANDRA - on demand
*Secdrv Secdrv running auto
*Serenum Filter Driver serenum running on demand
*Serial port driver Serial running system
*SetupNTGLM7X SetupNTGLM7X - on demand
*Sfloppy Sfloppy - system
*Simbad Simbad - disabled
*Sparrow Sparrow - disabled
*Microsoft Kernel Audio Splitter splitter - on demand
*System Restore Filter Driver sr - disabled
*Srv Srv running on demand
*Software Bus Driver swenum running on demand
*Microsoft Kernel GS Wavetable Synthesizer swmidi - on demand
*symc810 symc810 - disabled
*symc8xx symc8xx - disabled
*sym_hi sym_hi - disabled
*sym_u3 sym_u3 - disabled
*Microsoft Kernel System Audio Device sysaudio running on demand
*TCP/IP Protocol Driver Tcpip running system
*TDPIPE TDPIPE - on demand
*TDTCP TDTCP - on demand
*Terminal Device Driver TermDD running system
*TosIde TosIde - disabled
*Udfs Udfs - disabled
*ultra ultra - disabled
*Microcode Update Driver Update running on demand
*Microsoft USB 2.0 Enhanced Host Controller Mini usbehci running on demand
`port Driver
*USB2 Enabled Hub usbhub running on demand
*Microsoft USB PRINTER Class usbprint running on demand
*Microsoft USB Universal Host Controller Minipor usbuhci running on demand
`t Driver
*VGA Display Controller. VgaSave running system
*VIA AGP Filter viaagp1 running boot
*ViaIde ViaIde running boot
*VolSnap VolSnap running boot
*Remote Access IP ARP Driver Wanarp running on demand
*WDICA WDICA - on demand
*Microsoft WINMM WDM Audio Compatibility Driver wdmaud running on demand
*Windows Socket 2.0 Non-IFS Service Provider Sup WS2IFSL running system
`port Environment
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine