Another PC, Another headache
Hello. Our PC runs too slowly. I believe password viewer is a virus but there are others. Please help me resolve the problem. Thanks.
***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:07, on 2007-8-19
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\HandWriter\penmin.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
D:\Program Files\Funshion Online\Funshion\Funshion.exe
D:\WINDOWS\system32\Rundll32.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe
D:\Program Files\åŽå¤§æ™ºå®å»ºè¡Œç½‘银盾\USBKeyTools.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE
D:\Program Files\Tencent\QQ\Bin\QQ.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFGP.EXE
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\Java\jre6\bin\jucheck.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTCAP.EXE
D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
D:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Windows NT\Accessories\WORDPAD.EXE
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTEBS.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F2 - REG:system.ini: UserInit=userinit.exe,password_viewer.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QQ工具æ - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - D:\Program Files\Tencent\QQToolbar\IEBar.dll
O2 - BHO: ThunderAtOnce Class - {D13424D4-2159-46EC-A46D-17BD39FDC3ED} - D:\Program Files\Internet Explorer\Connection Wizard\TDAtOnce_Now.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: QQ工具æ - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - D:\Program Files\Tencent\QQToolbar\IEBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Yahoo! 工具列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [penmin] D:\Program Files\HandWriter\penmin.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series" /O6 "USB001" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB002" /M "Stylus C87"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P32 "EPSON Stylus C87 Series (Copy 1)" /O6 "USB011" /M "Stylus C87"
O4 - HKLM\..\Run: [Funshion] D:\Program Files\Funshion Online\Funshion\Funshion.exe /tray
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 8)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 8)" /O6 "USB038" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6 "USB010" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 5)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 5)" /O6 "USB034" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX630 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HP.EXE /P31 "EPSON Stylus Photo RX630 Series" /O6 "USB011" /M "Stylus Photo RX630"
O4 - HKLM\..\Run: [EPSON Stylus C67 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P32 "EPSON Stylus C67 Series (Copy 1)" /O6 "USB032" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 9)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 9)" /O6 "USB040" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P26 "EPSON Stylus CX3500 Series" /O6 "USB019" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB022" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 6)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 6)" /O6 "USB035" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P32 "EPSON Stylus C45 Series (Copy 2)" /O6 "USB020" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB023" /M "Stylus CX6600"
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB012" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2S1.EXE /P23 "EPSON Stylus C66 Series" /O5 "LPT1:" /M "Stylus C66"
O4 - HKLM\..\Run: [EPSON Stylus C66 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2S1.EXE /P32 "EPSON Stylus C66 Series (Copy 1)" /O6 "USB020" /M "Stylus C66"
O4 - HKLM\..\Run: [stup.exe] Rundll32.exe D:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R
O4 - HKLM\..\Run: [BigDogPath] D:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [YSearchProtection] "D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P35 "EPSON Stylus CX3500 Series (Copy 1)" /O6 "USB026" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 10)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P40 "EPSON Stylus Photo R230 Series (Copy 10)" /O6 "USB041" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB025" /M "Stylus C64"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 3)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 3)" /O6 "USB031" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 2)" /O6 "USB033" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C43 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 4)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 4)" /O6 "USB035" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [Comyct20] "D:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe"
O4 - HKLM\..\Run: [USBKeyTools.exe] D:\Program Files\åŽå¤§æ™ºå®å»ºè¡Œç½‘银盾\USBKeyTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 1)" /O6 "USB026" /M "Stylus Photo R230"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus T10 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S64.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON Stylus CX7400 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE /FU "D:\WINDOWS\TEMP\E_S9C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus C92 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZL.EXE /FU "D:\WINDOWS\TEMP\E_S3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus C92 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZL.EXE /FU "D:\WINDOWS\TEMP\E_S62.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX7300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDP.EXE /FU "D:\WINDOWS\TEMP\E_S1FB.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON TX100 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDP.EXE /FU "D:\WINDOWS\TEMP\E_S52.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Photo R290 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKP.EXE /FU "D:\WINDOWS\TEMP\E_SF4.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus TX200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFP.EXE /FU "D:\WINDOWS\TEMP\E_S4A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON TX300F Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE /FU "D:\WINDOWS\TEMP\E_S135.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [QQ2009] "D:\Program Files\Tencent\QQ\Bin\QQ.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [EPSON Stylus CX4100 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE /FU "D:\WINDOWS\TEMP\E_SE6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON TX110 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBP.EXE /FU "D:\WINDOWS\TEMP\E_S5F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON T60 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFGP.EXE /FU "D:\WINDOWS\TEMP\E_SB2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX5500 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE /FU "D:\WINDOWS\TEMP\E_SB8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Office T30 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEEP.EXE /FU "D:\WINDOWS\TEMP\E_S70.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S107.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX5500 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE /FU "D:\WINDOWS\TEMP\E_SE9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S12B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 3)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S167.tmp" /EF "HKCU"
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Adobe Media Player.lnk = ?
O4 - Startup: OpenOffice.org 3.1.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = D:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Register Mask Pro 3.0.lnk = ?
O4 - Global Startup: å¯åŠ¨æ¸…åŽç´«å…‰ä¸æ–‡æ‰‹å†™è¯†åˆ«ç³»ç»Ÿ.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: æ·»åŠ åˆ°QQ表情 - D:\Program Files\Tencent\QQ\Bin\AddEmotion.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [TBH] SOSO AddressBar Search
O15 - Trusted Zone: http://easyabc.95599.cn
O15 - Trusted Zone: http://www.95599.cn
O15 - Trusted Zone: http://www.abchina.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {62B938C4-4190-4F37-8CF0-A92B0A91CC77} (InfoSecNetSign Class) - http://www.95599.cn/update/down/NetSign.cab
O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} (DvrOcx Control) - http://111.68.34.113/DvrOcx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: c20ukdrwsvc - Unknown owner - D:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDZB Comm Service For V2.0 (HZ_CommSrv) - åŽå¤§æ™ºå®ç”µå系统有é™å…¬å¸ - D:\WINDOWS\system32\HZ_CommSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Tencent Software Update Service (TSUSVC) - Tencent - D:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 17375 bytes
***
This PC is used for multiple printers. Thanks.
***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:07, on 2007-8-19
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\HandWriter\penmin.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
D:\Program Files\Funshion Online\Funshion\Funshion.exe
D:\WINDOWS\system32\Rundll32.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe
D:\Program Files\åŽå¤§æ™ºå®å»ºè¡Œç½‘银盾\USBKeyTools.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE
D:\Program Files\Tencent\QQ\Bin\QQ.exe
D:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFGP.EXE
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\Program Files\Java\jre6\bin\jucheck.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTCAP.EXE
D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
D:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
D:\WINDOWS\system32\taskmgr.exe
D:\WINDOWS\explorer.exe
D:\Program Files\Windows NT\Accessories\WORDPAD.EXE
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FAMTEBS.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F2 - REG:system.ini: UserInit=userinit.exe,password_viewer.exe
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QQ工具æ - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - D:\Program Files\Tencent\QQToolbar\IEBar.dll
O2 - BHO: ThunderAtOnce Class - {D13424D4-2159-46EC-A46D-17BD39FDC3ED} - D:\Program Files\Internet Explorer\Connection Wizard\TDAtOnce_Now.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - D:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: QQ工具æ - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - D:\Program Files\Tencent\QQToolbar\IEBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O3 - Toolbar: Yahoo! 工具列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [penmin] D:\Program Files\HandWriter\penmin.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series" /O6 "USB001" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB002" /M "Stylus C87"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P32 "EPSON Stylus C87 Series (Copy 1)" /O6 "USB011" /M "Stylus C87"
O4 - HKLM\..\Run: [Funshion] D:\Program Files\Funshion Online\Funshion\Funshion.exe /tray
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 8)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 8)" /O6 "USB038" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6 "USB010" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 5)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 5)" /O6 "USB034" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX630 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9HP.EXE /P31 "EPSON Stylus Photo RX630 Series" /O6 "USB011" /M "Stylus Photo RX630"
O4 - HKLM\..\Run: [EPSON Stylus C67 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P32 "EPSON Stylus C67 Series (Copy 1)" /O6 "USB032" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 9)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 9)" /O6 "USB040" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P26 "EPSON Stylus CX3500 Series" /O6 "USB019" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB022" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 6)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 6)" /O6 "USB035" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P32 "EPSON Stylus C45 Series (Copy 2)" /O6 "USB020" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB023" /M "Stylus CX6600"
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB012" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON Stylus C66 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2S1.EXE /P23 "EPSON Stylus C66 Series" /O5 "LPT1:" /M "Stylus C66"
O4 - HKLM\..\Run: [EPSON Stylus C66 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2S1.EXE /P32 "EPSON Stylus C66 Series (Copy 1)" /O6 "USB020" /M "Stylus C66"
O4 - HKLM\..\Run: [stup.exe] Rundll32.exe D:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R
O4 - HKLM\..\Run: [BigDogPath] D:\WINDOWS\VM_STI.EXE ZSMC USB PC Camera
O4 - HKLM\..\Run: [YSearchProtection] "D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P35 "EPSON Stylus CX3500 Series (Copy 1)" /O6 "USB026" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 10)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P40 "EPSON Stylus Photo R230 Series (Copy 10)" /O6 "USB041" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB025" /M "Stylus C64"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 3)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 3)" /O6 "USB031" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 2)" /O6 "USB033" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C43 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43"
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 4)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 4)" /O6 "USB035" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [Comyct20] "D:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe"
O4 - HKLM\..\Run: [USBKeyTools.exe] D:\Program Files\åŽå¤§æ™ºå®å»ºè¡Œç½‘银盾\USBKeyTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 1)" /O6 "USB026" /M "Stylus Photo R230"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON Stylus T10 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S64.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON Stylus CX7400 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDA.EXE /FU "D:\WINDOWS\TEMP\E_S9C.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus C92 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZL.EXE /FU "D:\WINDOWS\TEMP\E_S3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus C92 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZL.EXE /FU "D:\WINDOWS\TEMP\E_S62.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX7300 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDP.EXE /FU "D:\WINDOWS\TEMP\E_S1FB.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON TX100 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDP.EXE /FU "D:\WINDOWS\TEMP\E_S52.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Photo R290 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICKP.EXE /FU "D:\WINDOWS\TEMP\E_SF4.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus TX200 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFP.EXE /FU "D:\WINDOWS\TEMP\E_S4A.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON TX300F Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEJP.EXE /FU "D:\WINDOWS\TEMP\E_S135.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [QQ2009] "D:\Program Files\Tencent\QQ\Bin\QQ.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "D:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Search Protection] D:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [EPSON Stylus CX4100 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE /FU "D:\WINDOWS\TEMP\E_SE6.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON TX110 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBP.EXE /FU "D:\WINDOWS\TEMP\E_S5F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON T60 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFGP.EXE /FU "D:\WINDOWS\TEMP\E_SB2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX5500 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE /FU "D:\WINDOWS\TEMP\E_SB8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus Office T30 Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEEP.EXE /FU "D:\WINDOWS\TEMP\E_S70.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S107.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus CX5500 Series (Copy 1)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAP.EXE /FU "D:\WINDOWS\TEMP\E_SE9.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 2)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S12B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON Stylus T10 Series (Copy 3)] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEBS.EXE /FU "D:\WINDOWS\TEMP\E_S167.tmp" /EF "HKCU"
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Adobe Media Player.lnk = ?
O4 - Startup: OpenOffice.org 3.1.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = D:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Register Mask Pro 3.0.lnk = ?
O4 - Global Startup: å¯åŠ¨æ¸…åŽç´«å…‰ä¸æ–‡æ‰‹å†™è¯†åˆ«ç³»ç»Ÿ.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: æ·»åŠ åˆ°QQ表情 - D:\Program Files\Tencent\QQ\Bin\AddEmotion.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [TBH] SOSO AddressBar Search
O15 - Trusted Zone: http://easyabc.95599.cn
O15 - Trusted Zone: http://www.95599.cn
O15 - Trusted Zone: http://www.abchina.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {62B938C4-4190-4F37-8CF0-A92B0A91CC77} (InfoSecNetSign Class) - http://www.95599.cn/update/down/NetSign.cab
O16 - DPF: {9B479D7B-916A-45B0-B042-D42865A60E21} (DvrOcx Control) - http://111.68.34.113/DvrOcx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: c20ukdrwsvc - Unknown owner - D:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - D:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDZB Comm Service For V2.0 (HZ_CommSrv) - åŽå¤§æ™ºå®ç”µå系统有é™å…¬å¸ - D:\WINDOWS\system32\HZ_CommSrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Tencent Software Update Service (TSUSVC) - Tencent - D:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 17375 bytes
***
This PC is used for multiple printers. Thanks.
0