Email is not working
Hello,
Please take a look at my system. I've just installed Kaspersky and a lot of problems began to surface. I feel that there is a virus that has yet to be removed. Here's the log:
Logfile of Trend Micro
HijackThis v2.0.2
Scan saved at 10:12:46, on
2008-3-26
Platform: Windows XP SP3
(WinNT 5.01.2600)
MSIE: Internet Explorer v8.00
(8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32
\winlogon.exe
D:\WINDOWS\system32
\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32
\Ati2evxx.exe
D:\WINDOWS\system32
\svchost.exe
D:\WINDOWS\System32
\svchost.exe
D:\WINDOWS\system32
\Ati2evxx.exe
D:\WINDOWS\system32
\spoolsv.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe
D:\Program
Files\Bonjour\mDNSResponder.e
xe
D:\Program Files\95599
Certificate
Tools\Watertek\c20ukdrwsvr.ex
e
D:\Program Files\Common
Files\EPSON\EBAPI\SAgent2.exe
D:\WINDOWS\system32
\HZ_CommSrv.exe
D:\Program Files\Java\jre6
\bin\jqs.exe
D:\WINDOWS\system32
\svchost.exe
D:\Program Files\Yahoo!
\SoftwareUpdate\YahooAUServic
e.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAHP.EXE
D:\WINDOWS\system32
\Rundll32.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe
D:\WINDOWS\VM_STI.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9AP.EXE
D:\WINDOWS\system32
\ctfmon.exe
D:\Documents and
Settings\Owner\Local
Settings\Application
Data\Google\Update\1.2.183.29
\GoogleCrashHandler.exe
D:\Program Files\Mozilla
Firefox\firefox.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtblfs.exe
D:\Program
Files\kondge_netphone_sipsms\
KONDGE_NetphoneSMS.exe
D:\Program Files\Trend
Micro\HijackThis\HijackThis.e
xe
F2 - REG:system.ini:
UserInit=userinit.exe,passwor
d_viewer.exe
O2 - BHO: &Yahoo! Toolbar
Helper - {02478D38-C3F9-4efb
-9B51-7695ECA05670} -
D:\Program Files\Yahoo!
\Companion\Installs\cpn3
\yt.dll
O2 - BHO: Adobe PDF Reader
Link Helper - {06849E9F-C8D7
-4D59-B87D-784B7D6BE0B3} -
D:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\A
croIEHelper.dll
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-
FA578C2EBDC3} - D:\Program
Files\Common
Files\Adobe\Acrobat\ActiveX\A
croIEHelperShim.dll
O2 - BHO: QQ工具æ -
{29CF293A-1E7D-4069-9E11-
E39698D0AF95} - D:\Program
Files\Tencent\QQToolbar\IEBar
.dll
O2 - BHO: IEVkbdBHO -
{59273AB4-E7D3-40F9-A1A8-
6FA9CCA1862C} - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\ievkbd.dll
O2 - BHO: ThunderAtOnce Class
- {D13424D4-2159-46EC-A46D-
17BD39FDC3ED} - D:\Program
Files\Internet
Explorer\Connection
Wizard\TDAtOnce_Now.dll
O2 - BHO: Java(tm) Plug-In 2
SSV Helper - {DBC80044-A445-
435b-BC74-9C25C1C588A9} -
D:\Program Files\Java\jre6
\bin\jp2ssv.dll
O2 - BHO: link filter bho -
{E33CF602-D945-461A-83F0-
819F76A199F8} - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\klwtbbho.dll
O2 - BHO:
JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-
EABFE594F69C} - D:\Program
Files\Java\jre6
\lib\deploy\jqs\ie\jqs_plugin
.dll
O2 - BHO: EpsonToolBandKicker
Class - {E99421FB-68DD-40F0-
B4AC-B7027CAE2F1A} -
D:\Program Files\EPSON\EPSON
Web-To-Page\EPSON Web-To-
Page.dll
O2 - BHO: SingleInstance
Class - {FDAD4DA1-61A2-4FD8-
9C17-86F7AC245081} -
D:\Program Files\Yahoo!
\Companion\Installs\cpn3
\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-
Page - {EE5D279F-081B-4404-
994D-C6B60AAEBA6D} -
D:\Program Files\EPSON\EPSON
Web-To-Page\EPSON Web-To-
Page.dll
O3 - Toolbar: QQ工具æ -
{29CF293A-1E7D-4069-9E11-
E39698D0AF95} - D:\Program
Files\Tencent\QQToolbar\IEBar
.dll
O3 - Toolbar: Google Toolbar
- {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - D:\Program
Files\Google\Google
Toolbar\GoogleToolbar_32.dll
(file missing)
O3 - Toolbar: Yahoo! Toolbar
- {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - D:\Program
Files\Yahoo!
\Companion\Installs\cpn3
\yt.dll
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P30 "EPSON
Stylus Photo R230 Series" /O6
"USB001" /M "Stylus Photo
R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 5)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 5)" /O6 "USB050" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo RX630 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9HP.EXE /P31 "EPSON
Stylus Photo RX630 Series"
/O6 "USB011" /M "Stylus Photo
RX630"
O4 - HKLM\..\Run: [EPSON
Stylus CX3500 Series (Copy
1)] D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9BP.EXE /P35 "EPSON
Stylus CX3500 Series (Copy
1)" /O6 "USB034" /M "Stylus
CX3500"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 10)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P40 "EPSON
Stylus Photo R230 Series
(Copy 10)" /O6 "USB053" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R300 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_S4I2F1.EXE /P39 "EPSON
Stylus Photo R300 Series
(Copy 1)" /O5 "LPT1:" /M
"Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON
Stylus Photo RX630 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9HP.EXE /P40 "EPSON
Stylus Photo RX630 Series
(Copy 1)" /O6 "USB034" /M
"Stylus Photo RX630"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R250 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAHP.EXE /P30 "EPSON
Stylus Photo R250 Series" /O6
"USB033" /M "Stylus Photo
R250"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 11)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P40 "EPSON
Stylus Photo R230 Series
(Copy 11)" /O6 "USB054" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 2)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 2)" /O6 "USB044" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 1)" /O6 "USB032" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 4)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 4)" /O6 "USB049" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [DirLocker]
D:\Documents and Settings\All
Users\application
data\Zilch.InfiniSoft\dirlock
.exe
O4 - HKLM\..\Run: [LSAShell]
D:\WINDOWS\lsass.exe
O4 - HKLM\..\Run: [stup.exe]
Rundll32.exe D:\PROGRA~1
\TENCENT\SSPlus\SPlus.dll,Run
dll32 R
O4 - HKLM\..\Run: [AVP]
"D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe"
O4 - HKLM\..\Run: [SSC
Service Utility] D:\Program
Files\SSC Service
Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 7)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 7)" /O6 "USB046" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [NewRecog]
D:\Program
Files\HandWrite\MyNewRecog.ex
e
O4 - HKLM\..\Run:
[BigDogPath]
D:\WINDOWS\VM_STI.EXE ZSMC
USB PC Camera
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 6)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 6)" /O6 "USB045" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus CX4500 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9AP.EXE /P26 "EPSON
Stylus CX4500 Series" /O6
"USB040" /M "Stylus CX4500"
O4 - HKLM\..\Run: [EPSON
Stylus C87 Series (Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIABP.EXE /P32 "EPSON
Stylus C87 Series (Copy 1)"
/O6 "USB043" /M "Stylus C87"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 3)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 3)" /O6 "USB045" /M
"Stylus Photo R230"
O4 - HKCU\..\Run: [WinSys]
D:\WINDOWS\system.exe
O4 - HKCU\..\Run:
[ctfmon.exe]
D:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [Google
Update] "D:\Documents and
Settings\Owner\Local
Settings\Application
Data\Google\Update\GoogleUpda
te.exe" /c
O4 - HKCU\..\Run: [EPSON
Stylus Photo 1390 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIBXP.EXE /FU
"D:\WINDOWS\TEMP\E_S119.tmp"
/EF "HKCU"
O8 - Extra context menu item:
E&xport to Microsoft Excel -
res://D:\PROGRA~1\MICROS~2
\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item:
æ·»åŠ åˆ°QQ表情 - D:\Program
Files\Tencent\QQ\Bin\AddEmoti
on.htm
O9 - Extra button: &Virtual
keyboard - {4248FE82-7FCB-
46AC-B270-339F08212110} -
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtbbho.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-
3C9C571A8263} - D:\PROGRA~1
\MICROS~2\OFFICE11
\REFIEBAR.DLL
O9 - Extra button: URLs
c&heck - {CCF151D8-D089-449F
-A5A4-D9909053F20F} -
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtbbho.dll
O9 - Extra button: (no name)
- {e2e2dd38-d088-4134-82b7-
f2ba38496583} -
D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-
f2ba38496583} -
D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger
- {FB5F1910-F110-11d2-BB9E-
00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem:
Windows Messenger -
{FB5F1910-F110-11d2-BB9E-
00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [TBH]
SOSO AddressBar Search
O15 - Trusted Zone:
http://easyabc.95599.cn
O15 - Trusted Zone:
http://www.95599.cn
O15 - Trusted Zone:
http://www.abchina.com
O15 - ESC Trusted Zone:
http://*.update.microsoft.com
O16 - DPF: {62B938C4-4190-
4F37-8CF0-A92B0A91CC77}
(InfoSecNetSign Class) -
http://www.95599.cn/update/do
wn/NetSign.cab
O16 - DPF: {9B479D7B-916A-
45B0-B042-D42865A60E21}
(DvrOcx Control) -
http://111.68.34.113/DvrOcx.c
ab
O16 - DPF: {D27CDB6E-AE6D-
11CF-96B8-444553540000}
(Shockwave Flash Object) -
http://fpdownload2.macromedia
.com/get/shockwave/cabs/flash
/swflash.cab
O20 - AppInit_DLLs:
D:\PROGRA~1\KASPER~1
\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe LM
Service - Adobe Systems -
D:\Program Files\Common
Files\Adobe Systems
Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey
Poller - ATI Technologies
Inc. - D:\WINDOWS\system32
\Ati2evxx.exe
O23 - Service: ATI Smart -
Unknown owner -
D:\WINDOWS\system32
\ati2sgag.exe
O23 - Service: Kaspersky
Anti-Virus (AVP) - Kaspersky
Lab - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\avp.exe
O23 - Service:
##Id_String1.6844F930_1628_42
23_B5CC_5BB94B879762##
(Bonjour Service) - Apple
Computer, Inc. - D:\Program
Files\Bonjour\mDNSResponder.e
xe
O23 - Service: c20ukdrwsvc -
Unknown owner - D:\Program
Files\95599 Certificate
Tools\Watertek\c20ukdrwsvr.ex
e
O23 - Service: EPSON Printer
Status Agent2
(EPSONStatusAgent2) - SEIKO
EPSON CORPORATION -
D:\Program Files\Common
Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet
Licensing Service -
Macrovision Europe Ltd. -
D:\Program Files\Common
Files\Macrovision
Shared\FLEXnet
Publisher\FNPLicensingService
.exe
O23 - Service: Google
Software Updater (gusvc) -
Google - D:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.
exe
O23 - Service: HDZB Comm
Service For V2.0 (HZ_CommSrv)
- åŽå¤§æ™ºå®ç”µå系统有é™å…¬å¸ -
D:\WINDOWS\system32
\HZ_CommSrv.exe
O23 - Service: Java Quick
Starter
(JavaQuickStarterService) -
Sun Microsystems, Inc. -
D:\Program Files\Java\jre6
\bin\jqs.exe
O23 - Service: Tencent
Software Update Service
(TSUSVC) - Tencent -
D:\Program
Files\Tencent\QQSoftMgr\Tence
ntUpdateSvc.exe
O23 - Service: Yahoo! Updater
(YahooAUService) - Yahoo!
Inc. - D:\Program
Files\Yahoo!
\SoftwareUpdate\YahooAUServic
e.exe
--
End of file - 11419 bytes
***
Thank you.
Please take a look at my system. I've just installed Kaspersky and a lot of problems began to surface. I feel that there is a virus that has yet to be removed. Here's the log:
Logfile of Trend Micro
HijackThis v2.0.2
Scan saved at 10:12:46, on
2008-3-26
Platform: Windows XP SP3
(WinNT 5.01.2600)
MSIE: Internet Explorer v8.00
(8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32
\winlogon.exe
D:\WINDOWS\system32
\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32
\Ati2evxx.exe
D:\WINDOWS\system32
\svchost.exe
D:\WINDOWS\System32
\svchost.exe
D:\WINDOWS\system32
\Ati2evxx.exe
D:\WINDOWS\system32
\spoolsv.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe
D:\Program
Files\Bonjour\mDNSResponder.e
xe
D:\Program Files\95599
Certificate
Tools\Watertek\c20ukdrwsvr.ex
e
D:\Program Files\Common
Files\EPSON\EBAPI\SAgent2.exe
D:\WINDOWS\system32
\HZ_CommSrv.exe
D:\Program Files\Java\jre6
\bin\jqs.exe
D:\WINDOWS\system32
\svchost.exe
D:\Program Files\Yahoo!
\SoftwareUpdate\YahooAUServic
e.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAHP.EXE
D:\WINDOWS\system32
\Rundll32.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe
D:\WINDOWS\VM_STI.EXE
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9AP.EXE
D:\WINDOWS\system32
\ctfmon.exe
D:\Documents and
Settings\Owner\Local
Settings\Application
Data\Google\Update\1.2.183.29
\GoogleCrashHandler.exe
D:\Program Files\Mozilla
Firefox\firefox.exe
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtblfs.exe
D:\Program
Files\kondge_netphone_sipsms\
KONDGE_NetphoneSMS.exe
D:\Program Files\Trend
Micro\HijackThis\HijackThis.e
xe
F2 - REG:system.ini:
UserInit=userinit.exe,passwor
d_viewer.exe
O2 - BHO: &Yahoo! Toolbar
Helper - {02478D38-C3F9-4efb
-9B51-7695ECA05670} -
D:\Program Files\Yahoo!
\Companion\Installs\cpn3
\yt.dll
O2 - BHO: Adobe PDF Reader
Link Helper - {06849E9F-C8D7
-4D59-B87D-784B7D6BE0B3} -
D:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\A
croIEHelper.dll
O2 - BHO: AcroIEHelperStub -
{18DF081C-E8AD-4283-A596-
FA578C2EBDC3} - D:\Program
Files\Common
Files\Adobe\Acrobat\ActiveX\A
croIEHelperShim.dll
O2 - BHO: QQ工具æ -
{29CF293A-1E7D-4069-9E11-
E39698D0AF95} - D:\Program
Files\Tencent\QQToolbar\IEBar
.dll
O2 - BHO: IEVkbdBHO -
{59273AB4-E7D3-40F9-A1A8-
6FA9CCA1862C} - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\ievkbd.dll
O2 - BHO: ThunderAtOnce Class
- {D13424D4-2159-46EC-A46D-
17BD39FDC3ED} - D:\Program
Files\Internet
Explorer\Connection
Wizard\TDAtOnce_Now.dll
O2 - BHO: Java(tm) Plug-In 2
SSV Helper - {DBC80044-A445-
435b-BC74-9C25C1C588A9} -
D:\Program Files\Java\jre6
\bin\jp2ssv.dll
O2 - BHO: link filter bho -
{E33CF602-D945-461A-83F0-
819F76A199F8} - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\klwtbbho.dll
O2 - BHO:
JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-
EABFE594F69C} - D:\Program
Files\Java\jre6
\lib\deploy\jqs\ie\jqs_plugin
.dll
O2 - BHO: EpsonToolBandKicker
Class - {E99421FB-68DD-40F0-
B4AC-B7027CAE2F1A} -
D:\Program Files\EPSON\EPSON
Web-To-Page\EPSON Web-To-
Page.dll
O2 - BHO: SingleInstance
Class - {FDAD4DA1-61A2-4FD8-
9C17-86F7AC245081} -
D:\Program Files\Yahoo!
\Companion\Installs\cpn3
\YTSingleInstance.dll
O3 - Toolbar: EPSON Web-To-
Page - {EE5D279F-081B-4404-
994D-C6B60AAEBA6D} -
D:\Program Files\EPSON\EPSON
Web-To-Page\EPSON Web-To-
Page.dll
O3 - Toolbar: QQ工具æ -
{29CF293A-1E7D-4069-9E11-
E39698D0AF95} - D:\Program
Files\Tencent\QQToolbar\IEBar
.dll
O3 - Toolbar: Google Toolbar
- {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - D:\Program
Files\Google\Google
Toolbar\GoogleToolbar_32.dll
(file missing)
O3 - Toolbar: Yahoo! Toolbar
- {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - D:\Program
Files\Yahoo!
\Companion\Installs\cpn3
\yt.dll
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P30 "EPSON
Stylus Photo R230 Series" /O6
"USB001" /M "Stylus Photo
R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 5)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 5)" /O6 "USB050" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo RX630 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9HP.EXE /P31 "EPSON
Stylus Photo RX630 Series"
/O6 "USB011" /M "Stylus Photo
RX630"
O4 - HKLM\..\Run: [EPSON
Stylus CX3500 Series (Copy
1)] D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9BP.EXE /P35 "EPSON
Stylus CX3500 Series (Copy
1)" /O6 "USB034" /M "Stylus
CX3500"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 10)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P40 "EPSON
Stylus Photo R230 Series
(Copy 10)" /O6 "USB053" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R300 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_S4I2F1.EXE /P39 "EPSON
Stylus Photo R300 Series
(Copy 1)" /O5 "LPT1:" /M
"Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON
Stylus Photo RX630 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9HP.EXE /P40 "EPSON
Stylus Photo RX630 Series
(Copy 1)" /O6 "USB034" /M
"Stylus Photo RX630"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R250 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAHP.EXE /P30 "EPSON
Stylus Photo R250 Series" /O6
"USB033" /M "Stylus Photo
R250"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 11)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P40 "EPSON
Stylus Photo R230 Series
(Copy 11)" /O6 "USB054" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 2)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 2)" /O6 "USB044" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 1)" /O6 "USB032" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 4)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 4)" /O6 "USB049" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [DirLocker]
D:\Documents and Settings\All
Users\application
data\Zilch.InfiniSoft\dirlock
.exe
O4 - HKLM\..\Run: [LSAShell]
D:\WINDOWS\lsass.exe
O4 - HKLM\..\Run: [stup.exe]
Rundll32.exe D:\PROGRA~1
\TENCENT\SSPlus\SPlus.dll,Run
dll32 R
O4 - HKLM\..\Run: [AVP]
"D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\avp.exe"
O4 - HKLM\..\Run: [SSC
Service Utility] D:\Program
Files\SSC Service
Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 7)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 7)" /O6 "USB046" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [NewRecog]
D:\Program
Files\HandWrite\MyNewRecog.ex
e
O4 - HKLM\..\Run:
[BigDogPath]
D:\WINDOWS\VM_STI.EXE ZSMC
USB PC Camera
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 6)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 6)" /O6 "USB045" /M
"Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON
Stylus CX4500 Series]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATI9AP.EXE /P26 "EPSON
Stylus CX4500 Series" /O6
"USB040" /M "Stylus CX4500"
O4 - HKLM\..\Run: [EPSON
Stylus C87 Series (Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIABP.EXE /P32 "EPSON
Stylus C87 Series (Copy 1)"
/O6 "USB043" /M "Stylus C87"
O4 - HKLM\..\Run: [EPSON
Stylus Photo R230 Series
(Copy 3)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIAIP.EXE /P39 "EPSON
Stylus Photo R230 Series
(Copy 3)" /O6 "USB045" /M
"Stylus Photo R230"
O4 - HKCU\..\Run: [WinSys]
D:\WINDOWS\system.exe
O4 - HKCU\..\Run:
[ctfmon.exe]
D:\WINDOWS\system32
\ctfmon.exe
O4 - HKCU\..\Run: [Google
Update] "D:\Documents and
Settings\Owner\Local
Settings\Application
Data\Google\Update\GoogleUpda
te.exe" /c
O4 - HKCU\..\Run: [EPSON
Stylus Photo 1390 Series
(Copy 1)]
D:\WINDOWS\System32
\spool\DRIVERS\W32X86\3
\E_FATIBXP.EXE /FU
"D:\WINDOWS\TEMP\E_S119.tmp"
/EF "HKCU"
O8 - Extra context menu item:
E&xport to Microsoft Excel -
res://D:\PROGRA~1\MICROS~2
\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item:
æ·»åŠ åˆ°QQ表情 - D:\Program
Files\Tencent\QQ\Bin\AddEmoti
on.htm
O9 - Extra button: &Virtual
keyboard - {4248FE82-7FCB-
46AC-B270-339F08212110} -
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtbbho.dll
O9 - Extra button: Research -
{92780B25-18CC-41C8-B9BE-
3C9C571A8263} - D:\PROGRA~1
\MICROS~2\OFFICE11
\REFIEBAR.DLL
O9 - Extra button: URLs
c&heck - {CCF151D8-D089-449F
-A5A4-D9909053F20F} -
D:\Program Files\Kaspersky
Lab\Kaspersky Anti-Virus
2010\klwtbbho.dll
O9 - Extra button: (no name)
- {e2e2dd38-d088-4134-82b7-
f2ba38496583} -
D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:
@xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-
f2ba38496583} -
D:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger
- {FB5F1910-F110-11d2-BB9E-
00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem:
Windows Messenger -
{FB5F1910-F110-11d2-BB9E-
00C04F795683} - D:\Program
Files\Messenger\msmsgs.exe
O11 - Options group: [TBH]
SOSO AddressBar Search
O15 - Trusted Zone:
http://easyabc.95599.cn
O15 - Trusted Zone:
http://www.95599.cn
O15 - Trusted Zone:
http://www.abchina.com
O15 - ESC Trusted Zone:
http://*.update.microsoft.com
O16 - DPF: {62B938C4-4190-
4F37-8CF0-A92B0A91CC77}
(InfoSecNetSign Class) -
http://www.95599.cn/update/do
wn/NetSign.cab
O16 - DPF: {9B479D7B-916A-
45B0-B042-D42865A60E21}
(DvrOcx Control) -
http://111.68.34.113/DvrOcx.c
ab
O16 - DPF: {D27CDB6E-AE6D-
11CF-96B8-444553540000}
(Shockwave Flash Object) -
http://fpdownload2.macromedia
.com/get/shockwave/cabs/flash
/swflash.cab
O20 - AppInit_DLLs:
D:\PROGRA~1\KASPER~1
\KASPER~1\mzvkbd3.dll
O23 - Service: Adobe LM
Service - Adobe Systems -
D:\Program Files\Common
Files\Adobe Systems
Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey
Poller - ATI Technologies
Inc. - D:\WINDOWS\system32
\Ati2evxx.exe
O23 - Service: ATI Smart -
Unknown owner -
D:\WINDOWS\system32
\ati2sgag.exe
O23 - Service: Kaspersky
Anti-Virus (AVP) - Kaspersky
Lab - D:\Program
Files\Kaspersky Lab\Kaspersky
Anti-Virus 2010\avp.exe
O23 - Service:
##Id_String1.6844F930_1628_42
23_B5CC_5BB94B879762##
(Bonjour Service) - Apple
Computer, Inc. - D:\Program
Files\Bonjour\mDNSResponder.e
xe
O23 - Service: c20ukdrwsvc -
Unknown owner - D:\Program
Files\95599 Certificate
Tools\Watertek\c20ukdrwsvr.ex
e
O23 - Service: EPSON Printer
Status Agent2
(EPSONStatusAgent2) - SEIKO
EPSON CORPORATION -
D:\Program Files\Common
Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet
Licensing Service -
Macrovision Europe Ltd. -
D:\Program Files\Common
Files\Macrovision
Shared\FLEXnet
Publisher\FNPLicensingService
.exe
O23 - Service: Google
Software Updater (gusvc) -
Google - D:\Program
Files\Google\Common\Google
Updater\GoogleUpdaterService.
exe
O23 - Service: HDZB Comm
Service For V2.0 (HZ_CommSrv)
- åŽå¤§æ™ºå®ç”µå系统有é™å…¬å¸ -
D:\WINDOWS\system32
\HZ_CommSrv.exe
O23 - Service: Java Quick
Starter
(JavaQuickStarterService) -
Sun Microsystems, Inc. -
D:\Program Files\Java\jre6
\bin\jqs.exe
O23 - Service: Tencent
Software Update Service
(TSUSVC) - Tencent -
D:\Program
Files\Tencent\QQSoftMgr\Tence
ntUpdateSvc.exe
O23 - Service: Yahoo! Updater
(YahooAUService) - Yahoo!
Inc. - D:\Program
Files\Yahoo!
\SoftwareUpdate\YahooAUServic
e.exe
--
End of file - 11419 bytes
***
Thank you.
0
Comments
Also, is it a PPPoE e-mail? If it is then you need to make sure you set up your e-mail server settings correctly. You'll have received them from your ISP/The person who supplied your e-mail....