D
DW
I apologize for the long post--a litany of misery--and also if I have posted
this in the wrong place.
I'm having a heck of a time. I have a fairly new computer (less than a year
old) and I have recently caught several viruses--the I-worm/stration.AEJ and
several Trojanhorse Backdoor.Generic 3sw1.
I first noticed problems with programs freezing and/or not being able to be
opened. When I realized I had virusesI ran AVG and supposedly these were
healed. I encountered these in several places on my computer...through
several sweeps. Then System Restore would no longer work.
I posted to this forum and on the newsgroups and following advice I turned
off system restore, downloaded and installed a new version of AVG (7.5
Ewido?), a trial version of Panda AV, Windows Defender, A-Squared, as well
as my old stand-bys of SpyBot and Ad-Aware. I installed the Windows Firewall
although my dsl modem (through Q-West) is supposed to have a very robust
hardware firewall.
I ran these programs over and over again doing deep scans and medium scans.
According to all of them my system is clean.
But things are not back to normal or stable. Occasionally my dsl modem
appears to be downloading or uploading when I am not on the net. Programs
either fail to respond when I try to open them from icons on the desktop or
in the taskbar "notification area" and when opened, sometimes
freeze...randomly. I have Windows Security Updates turned on but Security
Center says I do not...in system properties Automatic update is turned on
(it was supposed to update last night, I don't think it did) and links to
the Microsoft Update page do not work.
While typing this I tried to access AVG and the icon on the desktop did not
work, computer stopped responding...wouldn't even shut down properly.
Rebooting, it now works. Last night after several hours of inactivity I came
back to find that the resident shield on AVG was turned off (I am as certain
as I can be I had turned it on) and a message from my Panda AV stating that
the Communications Library needed to be enabled (I am certain I enabled all
features). The i immediately got a very breif error message advising that
MSUI (?) was being shut down.
I need to know if I can repair Windows and/or fully recover from this
(without reformatting) and how to go about it.
I DL'd HiJackThis and am including a scan log:
Logfile of HijackThis v1.99.1
Scan saved at 5:13:32 AM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Acrobat\Distillr\Acrotray.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Stardock\Object Desktop\cursorxp\CursorXP.exe
C:\WINDOWS\cliptray.exe
C:\WINDOWS\Deskmenu.exe
C:\Program Files\KeirNet\K9\K9.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\system32\wscntfy.exe
D:\extract\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.monarchcomputer.com/search/main.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.monarchcomputer.com/search/main.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.monarchcomputer.com/search/main.php
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
E:\acroread\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} -
E:\Acrobat\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
E:\Acrobat\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON PictureMate]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE /P17 "EPSON
PictureMate" /O6 "USB001" /M "PictureMate"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "E:\Acrobat\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program
Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda
Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\Stardock\Object
Desktop\cursorxp\CursorXP.exe
O4 - Startup: cliptray.lnk = C:\WINDOWS\cliptray.exe
O4 - Startup: Deskmenu.lnk = C:\WINDOWS\Deskmenu.exe
O4 - Startup: Launch K9.lnk = C:\Program Files\KeirNet\K9\K9.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
E:\acroread\Reader\reader_sl.exe
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: Monarch - {EF754947-2070-4C37-8985-5A0DFAB65053} -
http://www.monarchcomputer.com (file missing) (HKCU)
O14 - IERESET.INF:
START_PAGE_URL=http://www.monarchcomputer.com/search/main.php
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162817903265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
http://ax.emsisoft.com/asquared.cab
O20 - AppInit_DLLs: wbsys.dll e1.dll winmfaul.dll diagdss.dll statdss.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: dssconf - C:\WINDOWS\SYSTEM32\cfgdss.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: uxthwmer - C:\WINDOWS\
O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object
Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} -
C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software
International - C:\Program Files\Panda Software\Panda Antivirus
2007\pavsrv51.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program
Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program
Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software -
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
this in the wrong place.
I'm having a heck of a time. I have a fairly new computer (less than a year
old) and I have recently caught several viruses--the I-worm/stration.AEJ and
several Trojanhorse Backdoor.Generic 3sw1.
I first noticed problems with programs freezing and/or not being able to be
opened. When I realized I had virusesI ran AVG and supposedly these were
healed. I encountered these in several places on my computer...through
several sweeps. Then System Restore would no longer work.
I posted to this forum and on the newsgroups and following advice I turned
off system restore, downloaded and installed a new version of AVG (7.5
Ewido?), a trial version of Panda AV, Windows Defender, A-Squared, as well
as my old stand-bys of SpyBot and Ad-Aware. I installed the Windows Firewall
although my dsl modem (through Q-West) is supposed to have a very robust
hardware firewall.
I ran these programs over and over again doing deep scans and medium scans.
According to all of them my system is clean.
But things are not back to normal or stable. Occasionally my dsl modem
appears to be downloading or uploading when I am not on the net. Programs
either fail to respond when I try to open them from icons on the desktop or
in the taskbar "notification area" and when opened, sometimes
freeze...randomly. I have Windows Security Updates turned on but Security
Center says I do not...in system properties Automatic update is turned on
(it was supposed to update last night, I don't think it did) and links to
the Microsoft Update page do not work.
While typing this I tried to access AVG and the icon on the desktop did not
work, computer stopped responding...wouldn't even shut down properly.
Rebooting, it now works. Last night after several hours of inactivity I came
back to find that the resident shield on AVG was turned off (I am as certain
as I can be I had turned it on) and a message from my Panda AV stating that
the Communications Library needed to be enabled (I am certain I enabled all
features). The i immediately got a very breif error message advising that
MSUI (?) was being shut down.
I need to know if I can repair Windows and/or fully recover from this
(without reformatting) and how to go about it.
I DL'd HiJackThis and am including a scan log:
Logfile of HijackThis v1.99.1
Scan saved at 5:13:32 AM, on 11/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Acrobat\Distillr\Acrotray.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Stardock\Object Desktop\cursorxp\CursorXP.exe
C:\WINDOWS\cliptray.exe
C:\WINDOWS\Deskmenu.exe
C:\Program Files\KeirNet\K9\K9.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\WINDOWS\system32\wscntfy.exe
D:\extract\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.monarchcomputer.com/search/main.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.monarchcomputer.com/search/main.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.monarchcomputer.com/search/main.php
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
E:\acroread\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper -
{AE7CD045-E861-484f-8273-0445EE161910} -
E:\Acrobat\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
E:\Acrobat\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON PictureMate]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE /P17 "EPSON
PictureMate" /O6 "USB001" /M "PictureMate"
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "E:\Acrobat\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program
Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows
Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG
Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda
Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\Stardock\Object
Desktop\cursorxp\CursorXP.exe
O4 - Startup: cliptray.lnk = C:\WINDOWS\cliptray.exe
O4 - Startup: Deskmenu.lnk = C:\WINDOWS\Deskmenu.exe
O4 - Startup: Launch K9.lnk = C:\Program Files\KeirNet\K9\K9.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
E:\acroread\Reader\reader_sl.exe
O8 - Extra context menu item: Convert link target to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF -
res://E:\Acrobat\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra button: Monarch - {EF754947-2070-4C37-8985-5A0DFAB65053} -
http://www.monarchcomputer.com (file missing) (HKCU)
O14 - IERESET.INF:
START_PAGE_URL=http://www.monarchcomputer.com/search/main.php
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162817903265
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) -
http://ax.emsisoft.com/asquared.cab
O20 - AppInit_DLLs: wbsys.dll e1.dll winmfaul.dll diagdss.dll statdss.dll
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: dssconf - C:\WINDOWS\SYSTEM32\cfgdss.dll
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: uxthwmer - C:\WINDOWS\
O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object
Desktop\WindowBlinds\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} -
C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero
BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software
International - C:\Program Files\Panda Software\Panda Antivirus
2007\pavsrv51.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program
Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program
Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software -
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe