[CODE] 2009-07-08,14:51:44 System Repair Engineer 2.7.1.1261 Smallfrogs (http://www.KZTechs.com) Windows Vista Home Basic Edition Service Pack 1 (Build 6001) - 管理許可權用戶 - 完整功能 ???????: ???????(???????????????) ?????? ???????(????????) ???? Winsock ??? Autorun.inf HOSTS ?? ?????? ???? API HOOK ???? ???? ??? [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme> [SRS Labs, Inc.] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [] [File is missing] [(Verified)"McAfee, Inc."] <"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.] <"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"> [] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <> [N/A] <"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"> [] <"C:\Program Files\GridService\peer.exe" -n Grid> [FS2YOU] <"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."] [ iPassion Technology Inc.] <360Safetray> [(Verified)Qizhi Software (beijing) Co. 
Ltd] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed 
Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Windows] [HKEY_CURRENT_USER\Control Panel\Desktop] [] ================================== ????? N/A ================================== ?? [NTI Backup Now 5 Agent Service / BUNAgentSvc][Running/Auto Start] <"C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe"> [Empowering Technology Service / ETService][Running/Auto Start] <> [LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start] <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"> [McAfee SiteAdvisor Service / McAfee SiteAdvisor Service][Running/Auto Start] <"C:\Program Files\McAfee\SiteAdvisor\McSACore.exe"><> [McAfee Services / mcmscsvc][Running/Auto Start] [McAfee Network Agent / McNASvc][Running/Auto Start] <"c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe"> [McAfee Scanner / McODS][Stopped/Manual Start] [McAfee Proxy Service / McProxy][Running/Auto Start] [McAfee Real-time Scanner / McShield][Running/Auto Start] [McAfee SystemGuards / McSysmon][Running/Manual Start] [McAfee Personal Firewall Service / MpfService][Stopped/Auto Start] <"C:\Program Files\McAfee\MPF\MPFSrv.exe"> [McAfee Anti-Spam Service / MSK80Service][Running/Auto Start] <"C:\Program Files\McAfee\MSK\MskSrver.exe"> [NTI Backup Now 5 Backup Service / NTIBackupSvc][Running/Auto Start] [NTI Backup Now 5 Scheduler Service / NTISchedulerSvc][Running/Auto Start] [NVIDIA Display Driver Service / nvsvc][Running/Auto Start] [PnkBstrB / PnkBstrB][Stopped/Manual Start] [Cyberlink RichVideo Service(CRVS) / RichVideo][Running/Auto Start] <"C:\Program Files\Cyberlink\Shared files\RichVideo.exe"><> [ServiceLayer / ServiceLayer][Stopped/Manual Start] <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"> [Threat Mitigation Service / Threat Mitigation Service][Running/Auto Start] [木馬清除大師設定性服務 / 木馬清除大師設定性服務][Stopped/Auto Start] ================================== ???? 
[adp94xx / adp94xx][Stopped/Disabled] <\SystemRoot\system32\drivers\adp94xx.sys> [adpahci / adpahci][Stopped/Disabled] <\SystemRoot\system32\drivers\adpahci.sys> [adpu160m / adpu160m][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu160m.sys> [adpu320 / adpu320][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu320.sys> [aic78xx / aic78xx][Stopped/Disabled] <\SystemRoot\system32\drivers\djsvs.sys> [AlcwIeProDrv / AlcwIeProDrv][Stopped/Manual Start] <\??\C:\Windows\system32\drivers\AlcwIeProDrv.sys> [AlcwLdDrvHook / AlcwLdDrvHook][Stopped/Manual Start] <\??\C:\Windows\system32\drivers\AlcwLdDrvHook.sys> [AlcwRegProDrv / AlcwRegProDrv][Stopped/Manual Start] <\??\C:\Windows\system32\drivers\AlcwRegProDrv.sys> [aliide / aliide][Stopped/Disabled] <\SystemRoot\system32\drivers\aliide.sys> [arc / arc][Stopped/Disabled] <\SystemRoot\system32\drivers\arc.sys> [arcsas / arcsas][Stopped/Disabled] <\SystemRoot\system32\drivers\arcsas.sys> [BREGDRV / BREGDRV][Stopped/Manual Start] <\??\C:\Windows\system32\drivers\bregdrv.sys><360安全中心> [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltlo.sys> [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltup.sys> [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] <\SystemRoot\system32\drivers\brserid.sys> [Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brserwdm.sys> [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brusbmdm.sys> [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\system32\drivers\brusbser.sys> [cltbmk / cltbmk][Running/Boot Start] <\SystemRoot\system32\drivers\ggyun.sys> [cmdide / cmdide][Stopped/Disabled] <\SystemRoot\system32\drivers\cmdide.sys> [iPassion PC Camera / DCamUSBTP10][Running/Manual Start] [Intel(R) PRO/1000 NDIS 6 Adapter Driver / 
E1G60][Stopped/Manual Start] [elxstor / elxstor][Stopped/Disabled] <\SystemRoot\system32\drivers\elxstor.sys> [HpCISSs / HpCISSs][Stopped/Disabled] <\SystemRoot\system32\drivers\hpcisss.sys> [Intel RAID Controller Vista / iaStorV][Stopped/Disabled] <\SystemRoot\system32\drivers\iastorv.sys> [iirsp / iirsp][Stopped/Disabled] <\SystemRoot\system32\drivers\iirsp.sys> [int15 / int15][Running/Auto Start] <\??\C:\Windows\system32\drivers\int15.sys> [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] <\SystemRoot\system32\drivers\iteatapi.sys> [ITERAID_Service_Install / iteraid][Stopped/Disabled] <\SystemRoot\system32\drivers\iteraid.sys> [LSI_FC / LSI_FC][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_fc.sys> [LSI_SAS / LSI_SAS][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_sas.sys> [LSI_SCSI / LSI_SCSI][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_scsi.sys> [megasas / megasas][Stopped/Disabled] <\SystemRoot\system32\drivers\megasas.sys> [MegaSR / MegaSR][Stopped/Disabled] <\SystemRoot\system32\drivers\megasr.sys> [McAfee Inc. mfeavfk / mfeavfk][Running/Manual Start] [McAfee Inc. mfebopk / mfebopk][Running/Manual Start] [McAfee Inc. mfehidk / mfehidk][Running/System Start] [McAfee Inc. mferkdk / mferkdk][Stopped/Manual Start] [McAfee Inc. 
mfesmfk / mfesmfk][Running/Manual Start] [MPFP / MPFP][Running/System Start] [Mraid35x / Mraid35x][Stopped/Disabled] <\SystemRoot\system32\drivers\mraid35x.sys> [nfrd960 / nfrd960][Stopped/Disabled] <\SystemRoot\system32\drivers\nfrd960.sys> [Nokia USB Phone Parent / nmwcd][Stopped/Manual Start] [Nokia USB Generic / nmwcdc][Stopped/Manual Start] [Upper Class Filter Driver / NTIDrvr][Running/Manual Start] [N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] <\SystemRoot\system32\drivers\ntrigdigi.sys> [NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start] [nvlddmkm / nvlddmkm][Running/Manual Start] [NVIDIA nForce RAID Driver / nvraid][Stopped/Disabled] <\SystemRoot\system32\drivers\nvraid.sys> [nvstor / nvstor][Stopped/Disabled] <\SystemRoot\system32\drivers\nvstor.sys> [nvstor32 / nvstor32][Running/Boot Start] <\SystemRoot\system32\DRIVERS\nvstor32.sys> [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start] [PnkBstrK / PnkBstrK][Stopped/Manual Start] <\??\C:\Windows\system32\drivers\PnkBstrK.sys> [QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] <\SystemRoot\system32\drivers\ql2300.sys> [QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] <\SystemRoot\system32\drivers\ql40xx.sys> [SiSRaid4 / SiSRaid4][Stopped/Disabled] <\SystemRoot\system32\drivers\sisraid4.sys> [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys> [SRS Labs Audio Sandbox (WDM) / SRS_SSCFilter][Running/Manual Start] <> [Symc8xx / Symc8xx][Stopped/Disabled] <\SystemRoot\system32\drivers\symc8xx.sys> [Sym_hi / Sym_hi][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_hi.sys> [Sym_u3 / Sym_u3][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_u3.sys> [tvicport / tvicport][Running/Auto Start] <\??\C:\Windows\system32\drivers\tvicport.sys> [uliahci / uliahci][Stopped/Disabled] 
<\SystemRoot\system32\drivers\uliahci.sys> [UlSata / UlSata][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata.sys> [ulsata2 / ulsata2][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata2.sys> [upperdev / upperdev][Stopped/Manual Start] [UsbserFilt / UsbserFilt][Stopped/Manual Start] [viaide / viaide][Stopped/Disabled] <\SystemRoot\system32\drivers\viaide.sys> [vsmraid / vsmraid][Stopped/Disabled] <\SystemRoot\system32\drivers\vsmraid.sys> [zntport / zntport][Running/Auto Start] <\??\C:\Windows\system32\drivers\zntport.sys> [BeatTrojanHelperOne / BeatTrojanHelperOne][Running/Auto Start] <\??\C:\Program Files\BeatTrojan2009\BeatTrojanHelperOne.sys> ================================== ?????? [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [McAfee Phishing Filter] {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [BitComet Helper] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [] {5C255C8A-E604-49b4-9D64-90988571CECB} <, > [HaoKanBar BrowserHelper] {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} [scriptproxy] {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [Windows Live 登入小幫手] {9030D464-4C02-4ABF-8ECC-5164760863C6} [McAfee SiteAdvisor BHO] {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} [Send to OneNote from Internet Explorer button] {2670000A-7350-4f3c-8081-5663EE0C6C49} [研究(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [BitComet] {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, > [McAfee SiteAdvisor Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [GotoYa上網精靈] {43869BB3-22FD-4F15-9B46-238106BA2F4E} [Java Plug-in 1.6.0_14] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Java Plug-in 1.6.0_14] {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [Java Plug-in 1.6.0_14] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [] {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <, > [Adobe PDF Reader Link Helper] 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [] {089FD14D-132B-48FC-8861-0048AE113215} <, > [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [] {0BF43445-2F28-4351-9252-17FE6E806AA0} <, > [McAfee SiteAdvisor Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} [] {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, > [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [] {2670000A-7350-4F3C-8081-5663EE0C6C49} <, > [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [HtmlDlgSafeHelper Class] {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [McAfee Phishing Filter] {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} [BitComet Helper] {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [GotoYa上網精靈] {43869BB3-22FD-4F15-9B46-238106BA2F4E} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [] {5C255C8A-E604-49B4-9D64-90988571CECB} <, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A> [HaoKanBar BrowserHelper] {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} [scriptproxy] {7DB2D5A0-7241-4E79-B68D-6309F01C5231} [Peer Adapter] {80E18282-3716-48CA-B50C-F7B7F6A32791} <, > [] {83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} <, > [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [XML DOM Document 5.0] {88D969E5-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [Java Plug-in 1.6.0_14] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Windows Live 登入小幫手] {9030D464-4C02-4ABF-8ECC-5164760863C6} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {AA58ED58-01DD-4D91-8333-CF10577473F7} <, > [] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <, > [McAfee SiteAdvisor BHO] {B164E929-A1B6-4A06-B104-2CD0E90A88FF} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [] 
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <, > [] {CA92B524-BC8A-4610-BD2C-6BD3E28155D0} <, > [Java Plug-in 1.6.0_14] {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [] {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} [] {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [&使用BitComet下載] [&使用BitComet下載全部影片] [&使用BitComet下載全部連結] [匯出至 Microsoft Excel(&X)] [氝樓V豢綎VDえ] <, > [添加為廣告過濾圖片] ================================== ??????? 
[PID: 468 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] [PID: 536 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 584 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 596 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 628 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 640 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 648 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 796 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 828 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 872 / SYSTEM][C:\Windows\system32\TDMEAgent.exe] [Trend Micro Inc., 2.1.0.1033] [PID: 916 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 7.15.11.7540] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 944 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1064 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft 
Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1112 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1128 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1268 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] [PID: 1304 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1464 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1776 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1820 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1876 / Vincent][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 1980 / Vincent][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7540] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program 
Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [PID: 516 / Vincent][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\BeatTrojan2009\BtHelpSeven.dll] [北京盛世京天科技有限公司, 4, 5, 0, 0] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll] [Nokia, 7, 1, 106, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 1, 152, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-hk.nlr] [Nokia, 7, 1, 69, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 1, 21, 0] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\Super Rabbit\IeProt\Scan.dll] [N/A, ] [C:\Program Files\McAfee\VirusScan\scriptsn.dll] [McAfee, Inc., VSCORE.14.0.0.366.x86] [C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.7540] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.11.7540] [PID: 1472 / Vincent][C:\Windows\system32\conime.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] [PID: 1084 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 700 / SYSTEM][C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe] [NewTech Infosystems, Inc., 5.1.2.1] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll] [, 5.5.1] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll] [NewTech Infosystems, 
Inc., 5.1.2.1] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll] [NewTech Infosystems, Inc., 5.1.2.1] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll] [N/A, ] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll] [N/A, ] [PID: 244 / SYSTEM][C:\Program Files\Acer\Empowering Technology\Service\ETService.exe] [, 3.0.3009] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3009.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll] [acer, 3.0.3009] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3faf6c0dd4b29ada10b11269abb62653\System.Management.ni.dll] [Microsoft Corporation, 2.0.50727.1434 
(REDBITS.050727-1400)] [C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll] [, 3.0.3009] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll] [Acer Incorporated, 3.1.3000.19] [C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll] [, 3.0.3009] [C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll] [Acer Incorporated, 3.1.3003.22] [C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll] [Acer Incorporated, 3.0.3014.14] [C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll] [The Apache Software Foundation, 1.2.10.0] [C:\Windows\system32\INT15.dll] [N/A, ] [C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll] [, 3.0.3007] [C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll] [, 3.0.3007] [C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll] [, 3.0.3007] [C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll] [, 3.0.3007] [C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3009.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll] [acer, 3.0.3009] [PID: 2136 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe] [Hewlett-Packard Company, 1.4.142.1] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\Common Files\LightScribe\LSSProxy.dll] [Hewlett-Packard Company, 1.4.142.1] [C:\Program Files\Common 
Files\LightScribe\LSLog.dll] [Hewlett-Packard Company, 1.4.142.1] [PID: 2180 / SYSTEM][C:\Program Files\McAfee\SiteAdvisor\McSACore.exe] [, ] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\mcafee\SITEAD~1\apengine.dll] [, ] [c:\PROGRA~1\mcafee\SITEAD~1\saupkeep.dll] [, ] [C:\Program Files\McAfee\SiteAdvisor\SACore.dll] [, ] [C:\Program Files\McAfee\SiteAdvisor\SASet.dll] [, ] [c:\PROGRA~1\mcafee\SITEAD~1\MCSACO~1.DLL] [, ] [c:\PROGRA~1\mcafee\msc\mcregobj\8_0_22~1\mcregobj.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\8_1_11~1\McUtil.dll] [McAfee, Inc., 8,1,114,0] [c:\PROGRA~1\mcafee\SITEAD~1\McFrmWk.dll] [, ] [c:\PROGRA~1\mcafee\SITEAD~1\CntScan.dll] [, ] [PID: 2200 / SYSTEM][c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe] [McAfee, Inc., 2,0,150,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\mcafee\VIRUSS~1\escnplug.dll] [McAfee, Inc., 12,1,109,0] [c:\PROGRA~1\mcafee\VIRUSS~1\EsPlgRes.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 12,1,118,0] [c:\PROGRA~1\mcafee\mps\mps.dll] [McAfee, Inc., 10.1.138.0] [c:\PROGRA~1\mcafee\msk\mskpxplg.dll] [McAfee, Inc., 9.1.107.0] [c:\PROGRA~1\mcafee\mps\mpscfg.dll] [McAfee, Inc., 10.1.137.0] [C:\Windows\system32\Dunzip32.dll] [Inner Media, Inc., 5.00.06] [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\mps\mpsevh.dll] [McAfee, Inc., 10.1.133.0] [c:\PROGRA~1\mcafee\mps\mpsmisp.dll] [McAfee, Inc., 10.1.137.0] [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [C:\Program Files\McAfee\VirusScan\mvslog.dll] [McAfee, Inc., 12,0,172,0] [c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 8,0,226,0] [PID: 2208 / SYSTEM][C:\Windows\system32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend 
Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 2240 / SYSTEM][C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\PROGRA~1\McAfee\VIRUSS~1\LockDown.dll] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3.dll] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3_worker.dll] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mytilus3_server.dll] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\RES00\McShield.dll] [McAfee, Inc., VSCORE.14.0.0.349] [C:\PROGRA~1\McAfee\VIRUSS~1\FTL.Dll] [McAfee, Inc., VSCORE.14.0.0.349.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\naiann.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\mcafee\VIRUSS~1\naiannps.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 12,1,118,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 3,0,117,0] [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll] [McAfee, Inc., 12,0,172,0] [C:\Program Files\McAfee\VirusScan\Engine\5301.4018\mcscan32.dll] [McAfee, Inc., 5.3.00] [C:\Program Files\McAfee\VirusScan\Engine\5301.4018\mc5300up.001] [McAfee, Inc., 5.3.00] [C:\PROGRA~1\McAfee\VIRUSS~1\mfebopa.dll] [McAfee, Inc., SYSCORE.14.0.0.291.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll] [McAfee, Inc., SYSCORE.14.0.0.291.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mfeavfa.dll] [McAfee, Inc., SYSCORE.14.0.0.291.x86] [PID: 2352 / SYSTEM][C:\Program Files\McAfee\MSK\MskSrver.exe] [McAfee, Inc., 9.1.107.0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\mcafee\msk\mskengn.dll] [McAfee, Inc., 9.1.107.0] [c:\PROGRA~1\mcafee\msk\mskwm.dll] [McAfee, Inc., 9.1.107.0] [c:\PROGRA~1\mcafee\msk\mskxaif.dll] [McAfee, Inc., 9.1.107.0] 
[C:\Program Files\McAfee\MSK\MSKSet.dll] [McAfee, Inc., 9.1.107.0] [PID: 2412 / SYSTEM][C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe] [NewTech InfoSystems, Inc., 5.1.0.3] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll] [NewTech InfoSystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll] [NewTech Infosystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll] [NewTech Infosystems, Inc., 3, 1, 1, 91] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll] [NewTech Infosystems, Inc., 3, 1, 1, 173] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll] [NewTech Infosystems, Inc., 3, 1, 1, 95] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll] [NewTech Infosystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll] [NewTech InfoSystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll] [NewTech InfoSystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll] [NewTech Infosystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll] [NewTech Infosystems, Inc., 5.1.0.3] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll] [NewTech InfoSystems, Inc., 5.1.0.3] [PID: 2460 / SYSTEM][C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe] [N/A, ] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll] [Microsoft Corporation, 
7.10.3077.0] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll] [NewTech Infosystems, Inc., 0] [PID: 2536 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2572 / SYSTEM][C:\Program Files\Cyberlink\Shared files\RichVideo.exe] [, 2.0.2829 ] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2596 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2660 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2700 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2776 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2888 / SYSTEM][C:\Program Files\BeatTrojan2009\BeatTrojanShields.exe] [北京盛世京天科技有限公司, 4, 5, 0, 0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 2988 / SYSTEM][C:\Program Files\BeatTrojan2009\BeatTrojanMon.exe] [Lofocus(洛克思)安全實驗室, 5, 0, 0, 0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\BeatTrojan2009\BtHelpOne.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\EgHelperOne.dll] [Lofocus(洛克思)安全實驗室, 5, 0, 0, 0] [C:\Program 
Files\BeatTrojan2009\BtHelpThree.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\SystemGuardDelete.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\BtHelpEight.dll] [MoatSoft,inc., 4, 6, 0, 0] [C:\Program Files\BeatTrojan2009\SystemGuardHelper.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\BtHelpTwo.dll] [Lofocus(洛克思)安全實驗室, 5, 0, 0, 0] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\BeatTrojan2009\Office2007Blue.dll] [Codejock Software, 12, 0, 1, 0] [PID: 3112 / SYSTEM][C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe] [McAfee, Inc., 8,1,159,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\8_1_11~1\McUtil.dll] [McAfee, Inc., 8,1,114,0] [C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 8,1,153,0] [C:\Program Files\McAfee\MSC\oem\662-22\Mccobres.dll] [McAfee, Inc., 9,3,106,0] [C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 8,1,165,0] [C:\PROGRA~1\COMMON~1\McAfee\MSC\sqlite3.dll] [McAfee, Inc., 8,1,125,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\mcafee\msc\mcmscver.dll] [McAfee, Inc., 8,1,136,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mvsap.dll] [McAfee, Inc., 12,0,172,0] [c:\PROGRA~1\mcafee\mpf\mc\mpfmisp.dll] [McAfee, Inc., 9.0.136.0] [C:\Program Files\McAfee\MPF\L10N.DLL] [McAfee, Inc., 9.1.108.0] [c:\PROGRA~1\mcafee\msk\mskmisp.dll] [McAfee, Inc., 9.1.107.0] [c:\PROGRA~1\mcafee\mps\mpsmisp.dll] [McAfee, Inc., 10.1.137.0] [C:\Program Files\McAfee\MPS\MpsRes.DLL] [McAfee, Inc., 10.0.263.0] [c:\PROGRA~1\mcafee\mps\mpspii.dll] [McAfee, Inc., 10.1.133.0] [c:\PROGRA~1\mcafee\mps\mpspc.dll] [McAfee, Inc., 10.1.133.0] 
[c:\PROGRA~1\mcafee\msc\mcprotpv.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll] [McAfee, Inc., 2,1,151,0] [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll] [McAfee, Inc., 2,1,151,0] [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll] [McAfee, Inc., 2,1,151,0] [C:\PROGRA~1\McAfee\MSC\McProHlp.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\mcafee\msc\mcdbmgr.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mvsver.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\COMMON~1\mcafee\mcproxy\proxyver.dll] [McAfee, Inc., 2,0,150,0] [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.dll] [McAfee, Inc., 9.1.9.0] [c:\PROGRA~1\mcafee\mps\mpsver.dll] [McAfee, Inc., 10.0.263.0] [c:\PROGRA~1\mcafee\mqc\qcmisp.dll] [McAfee, Inc., 8,1,106,0] [c:\PROGRA~1\mcafee\mqc\QcLite.dll] [McAfee, Inc., 8,1,106,0] [c:\PROGRA~1\mcafee\msc\mcnmcver.dll] [McAfee, Inc., 2,0,115,0] [PID: 3444 / Vincent][c:\PROGRA~1\mcafee.com\agent\mcagent.exe] [McAfee, Inc., 8,0,237,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 8,1,153,0] [C:\Program Files\McAfee\MSC\oem\662-22\Mccobres.dll] [McAfee, Inc., 9,3,106,0] [C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 8,1,165,0] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\mcafee\msc\mccfgpv.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\mcafee.com\agent\mcagntps.dll] [McAfee, Inc., 8,0,226,0] [PID: 3720 / Vincent][C:\Windows\RtHDVCpl.exe] [Realtek Semiconductor, 1, 0, 0, 230] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 3744 / Vincent][C:\Program 
Files\Acer\Empowering Technology\SysMonitor.exe] [, 1.0.1.0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [PID: 3764 / Vincent][C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe] [, 3.0.3009] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll] [, 3.0.3009] [C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll] [, 3.0.3009] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] 
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3009.0__739b31b1908c49e5\Framework.UIComponent.dll] [Acer PVL, 3.0.3009] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3faf6c0dd4b29ada10b11269abb62653\System.Management.ni.dll] [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll] [, 3.0.3009] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\Acer\Empowering Technology\zh-CHT\Framework.AppBar.resources.dll] [, 3.0.3009] [C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll] [, 3.0.3009] [C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll] [, 3.0.3007] [C:\Program Files\Acer\Empowering Technology\eRecovery\eRecoveryMenuPlugin.dll] [Acer Incorporated, 3.0.3014.15] [PID: 3856 / Vincent][C:\Program Files\Cyberlink\PowerDVD\PDVDServ.exe] [Cyberlink Corp., 7.00.2406] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\CyberLink\PowerDVD\CLRCEngine3.dll] [CyberLink Corp., 7.00.1711 ] [PID: 4008 / Vincent][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Windows\system32\NvMcTray.dll] [NVIDIA Corporation, 7.15.11.7540] [C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.7540] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 4068 / 
Vincent][C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe] [, 5.1.0.3] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll] [N/A, ] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 1056 / Vincent][C:\Program Files\GridService\peer.exe] [FS2YOU, 2, 1, 10, 8366] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 924 / Vincent][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.1.137] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 2312 / Vincent][C:\Windows\iPScan.exe] [ iPassion Technology Inc., 1, 0, 0, 1] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Windows\iPPage.AX] [iPassion Technology Inc., 1, 0, 0, 1] [PID: 2524 / Vincent][C:\Program Files\360\360Safe\safemon\360tray.exe] [360安全中心, 5, 0, 0, 1021] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\360\360Safe\safemon\360compro.dll] [360安全中心, 1, 0, 0, 1009] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\360\360Safe\safemon\SafeKrnl.dll] [奇虎网, 5, 0, 0, 1002] [C:\Program Files\360\360Safe\AntiAdwa.dll] [360Safe.com, 4, 2, 0, 1002] [C:\Program Files\360\360Safe\safemon\360webpro.dll] [360.CN, 1, 0, 0, 1008] [C:\Program Files\360\360Safe\live.dll] [360.cn, 1, 0, 2, 1005] [C:\Program Files\360\360Safe\pdown.dll] [360Safe.com, 1, 1, 0, 0] [PID: 1076 / Vincent][C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe] [SRS Labs, Inc., 2.3.5.0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program 
Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 3664 / SYSTEM][C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe] [McAfee, Inc., 12,1,111,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\mcafee\msc\mcmispps.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\VIRUSS~1\mvslog.dll] [McAfee, Inc., 12,0,172,0] [C:\PROGRA~1\McAfee\VIRUSS~1\mfesmfa.dll] [McAfee, Inc., SYSCORE.14.0.0.291.x86] [C:\PROGRA~1\McAfee\VIRUSS~1\mfehida.dll] [McAfee, Inc., SYSCORE.14.0.0.291.x86] [c:\PROGRA~1\COMMON~1\mcafee\HACKER~1\hwapi.dll] [McAfee, Inc., 9.1.9.0] [c:\PROGRA~1\mcafee\VIRUSS~1\mvscfg.dll] [McAfee, Inc., 12,1,118,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mcevtbrk.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\VIRUSS~1\mcvsps.dll] [McAfee, Inc., 12,0,188,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [PID: 3680 / SYSTEM][c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe] [McAfee, Inc., 2,1,143,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [c:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\8_1_11~1\McUtil.dll] [McAfee, Inc., 8,1,114,0] [c:\PROGRA~1\mcafee\msc\mcnmcsrv.dll] [McAfee, Inc., 2,1,151,0] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 8,1,133,0] [c:\PROGRA~1\COMMON~1\mcafee\mna\MCNASV~1.DLL] [McAfee, Inc., 2,1,143,0] [c:\PROGRA~1\mcafee\msc\mcnmcsps.dll] [McAfee, Inc., 2,0,115,0] [c:\PROGRA~1\mcafee\mpf\mc\mpfp.dll] [McAfee, Inc., 9.0.136.0] [c:\PROGRA~1\mcafee\msc\mcregobj\8_0_22~1\mcregobj.dll] [McAfee, Inc., 8,0,226,0] [c:\PROGRA~1\mcafee\msc\mcmismgr.dll] [McAfee, Inc., 8,1,149,0] [C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 8,1,153,0] [C:\Program Files\McAfee\MSC\oem\662-22\Mccobres.dll] [McAfee, Inc., 9,3,106,0] [C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 8,1,165,0] [c:\PROGRA~1\mcafee\msc\mcsubmgr\8_1_13~1\mcsubmgr.dll] [McAfee, Inc., 8,1,133,0] 
[c:\PROGRA~1\COMMON~1\mcafee\mna\mcuj.dll] [McAfee, Inc., 2,1,143,0] [C:\PROGRA~1\McAfee\MSC\McNmcRes.dll] [McAfee, Inc., 2,1,151,0] [C:\PROGRA~1\McAfee\MSC\McNmcLoR.dll] [McAfee, Inc., 2,1,151,0] [C:\PROGRA~1\McAfee\MSC\McNmcCoR.dll] [McAfee, Inc., 2,1,151,0] [PID: 4700 / Vincent][c:\PROGRA~1\mcafee\msc\mcuimgr.exe] [McAfee, Inc., 8,0,226,0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [c:\PROGRA~1\COMMON~1\mcafee\core\mccoreps.dll] [McAfee, Inc., 3,0,117,0] [c:\PROGRA~1\mcafee\msc\mcshllps.dll] [McAfee, Inc., 8,1,133,0] [C:\PROGRA~1\McAfee\MSC\McRes.dll] [McAfee, Inc., 8,0,226,0] [C:\PROGRA~1\McAfee\MSC\McLocRes.dll] [McAfee, Inc., 8,1,153,0] [C:\Program Files\McAfee\MSC\oem\662-22\Mccobres.dll] [McAfee, Inc., 9,3,106,0] [C:\PROGRA~1\McAfee\MSC\Mccobres.dll] [McAfee, Inc., 8,1,165,0] [PID: 5096 / Vincent][C:\Windows\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [PID: 5508 / SYSTEM][C:\Program Files\BeatTrojan2009\BeatTrojan.exe] [Lofocus(洛克思)安全實驗室, 5, 0, 0, 0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\BeatTrojan2009\EgHelperOne.dll] [Lofocus(洛克思)安全實驗室, 5, 0, 0, 0] [C:\Program Files\BeatTrojan2009\EgHelpTwo.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\EgHelpThree.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\BeatTrojan2009\SystemGuardDelete.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\BtHelpSix.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program Files\BeatTrojan2009\SystemGuardHelper.dll] [MoatSoft,Inc., 3, 0, 9, 2] [C:\Program 
Files\BeatTrojan2009\unrar.dll] [N/A, ] [C:\Program Files\BeatTrojan2009\Office2007Blue.dll] [Codejock Software, 12, 0, 1, 0] [C:\Program Files\BeatTrojan2009\CommonReg.dll] [N/A, ] [PID: 4732 / Vincent][C:\jcb_gfzq_big5\TdxW.exe] [, ] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\jcb_gfzq_big5\TCalc.dll] [, 1, 0, 0, 1] [C:\jcb_gfzq_big5\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] [C:\jcb_gfzq_big5\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\jcb_gfzq_big5\Viewthem.dll] [, 1, 0, 0, 1] [C:\jcb_gfzq_big5\invest.dll] [, 1.15] [C:\jcb_gfzq_big5\Dbf.dll] [N/A, ] [C:\jcb_gfzq_big5\Secure.dll] [通?信, 1.00.00] [C:\jcb_gfzq_big5\TTools.dll] [, 1.00] [C:\jcb_gfzq_big5\TList.dll] [, 1.00] [C:\jcb_gfzq_big5\TInfo.dll] [, 1.00] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\jcb_gfzq_big5\calcer.dll] [, 1, 0, 0, 1] [C:\jcb_gfzq_big5\Advhq.dll] [, 1, 0, 0, 1] [PID: 5056 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.0.6001.18226 (vistasp1_gdr.090302-1506)] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [PID: 4624 / Vincent][C:\Program Files\K-Meleon\k-meleon.exe] [http://kmeleon.sf.net/, 1, 5, 3, 0] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\K-Meleon\nspr4.dll] [Netscape Communications Corporation, 4.6.8] [C:\Program Files\K-Meleon\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\K-Meleon\xpcom.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\xpcom_core.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\plc4.dll] [Netscape Communications Corporation, 4.6.8] [C:\Program Files\K-Meleon\plds4.dll] [Netscape Communications Corporation, 4.6.8] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\McAfee\SiteAdvisor\saPlugin.dll] [, ] 
[C:\Program Files\K-Meleon\components\embedcomponents.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\K-Meleon\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\K-Meleon\components\caps.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\xpc3250.dll] [Mozilla Foundation, Personal] [c:\PROGRA~1\mcafee\SITEAD~1\MCSACO~1.DLL] [, ] [C:\Program Files\K-Meleon\components\xppref32.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\necko.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\mozz.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\i18n.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\typeaheadfind.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\gklayout.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\gkgfx.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\imglib2.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\rdf.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\appcomps.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\appshell.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\chrome.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\kplugins\bmpmenu.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\bookmarks.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\favorites.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\fullscreen.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\history.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\JSBridge.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\macros.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\privacy.dll] [, 0.0.3.0] [C:\Program Files\K-Meleon\kplugins\rebarmenu.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\sessions.dll] [, 1, 0, 
0, 1] [C:\Program Files\K-Meleon\kplugins\toolbars.dll] [N/A, ] [C:\Program Files\K-Meleon\kplugins\update.dll] [N/A, ] [C:\Program Files\K-Meleon\components\webbrwsr.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\gkwidget.dll] [N/A, ] [C:\Program Files\K-Meleon\components\gkgfxwin.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\docshell.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\pipboot.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\oji.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\jsj3250.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\jar50.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\perms.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\cookie.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\uconv.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\gkparser.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\txmgr.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\mork.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\editor.dll] [Mozilla Foundation, Personal] [C:\Program Files\K-Meleon\components\gkplugin.dll] [Mozilla Foundation, Personal] [PID: 4612 / Vincent][C:\Program Files\WinRAR\WinRAR.exe] [Alexander Roshal, 3.90.3] [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016] [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ] [C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll] [Nokia, 7, 1, 106, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 1, 152, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-hk.nlr] [Nokia, 7, 1, 69, 0] [C:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 
1, 21, 0]
[PID: 320 / Vincent][C:\Users\Vincent\AppData\Local\Temp\Rar$EX00.151\?行助手.exe] [N/A, ]
    [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033]
    [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016]
    [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ]
[PID: 4968 / Vincent][C:\Users\Vincent\AppData\Local\Temp\Rar$EX00.151\sr-engldr.exe] [Smallfrogs Studio, 2.7.1.1261]
    [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033]
[PID: 5000 / Vincent][C:\Users\Vincent\AppData\Local\Temp\Rar$EX00.151\SREbc92d74d.EXE] [Smallfrogs Studio, 2.7.1.1261]
    [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033]
    [C:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1016]
    [C:\Program Files\McAfee\SiteAdvisor\saHook.dll] [, ]
    [C:\Users\Vincent\AppData\Local\Temp\Rar$EX00.151\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Users\Vincent\AppData\Local\Temp\Rar$EX00.151\Plugins\DelFileSREng.SRE] [N/A, ]
[PID: 4912 / NETWORK SERVICE][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.0.6001.18226 (vistasp1_gdr.090302-1506)]
    [C:\Windows\system32\TDMEMon.dll] [Trend Micro Inc., 2.1.0.1033]
==================================
????
.TXT Error. ["%SystemRoot%\system32\NOTEPAD.EXE" %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock ???
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS ??
N/A
==================================
??????
???????: SeDebugPrivilege [PID = 3744, C:\PROGRAM FILES\ACER\EMPOWERING TECHNOLOGY\SYSMONITOR.EXE]
==================================
????
[???] \\McDefragTask c:\PROGRA~1\mcafee\mqc\QcConsol.exe "C:\Windows\system32\defrag.exe" C: -f
[???] \\McQcTask c:\PROGRA~1\mcafee\mqc\QcConsol.exe 14 0
[???] \\{A9C4FDD1-3764-4278-900C-359F46387CB2} C:\Windows\system32\pcalua.exe -a C:\Users\Vincent\Desktop\msime_ct_98.exe -d C:\Users\Vincent\Desktop
[???] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) N/A
[???] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) N/A
[???] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0)
[???] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A
[???] \Microsoft\Windows\CertificateServicesClient\UserTask N/A
[???] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A
[???] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe
[???] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[???] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c -i
[???] \Microsoft\Windows\MobilePC\HotStart N/A
[???] \Microsoft\Windows\MobilePC\TMM N/A
[???] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe
[???] \Microsoft\Windows\Multimedia\SystemSoundsService N/A
[???] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI N/A
[???] \Microsoft\Windows\Shell\CrawlStartPages N/A
[???] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[???] \Microsoft\Windows\Tcpip\IpAddressConflict1 rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[???] \Microsoft\Windows\Tcpip\IpAddressConflict2 rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[???] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto
[???] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting
[???] \Microsoft\Windows\Wired\GatherWiredInfo %windir%\system32\gatherWiredInfo.vbs
[???] \Microsoft\Windows\Wireless\GatherWirelessInfo %windir%\system32\gatherWirelessInfo.vbs
==================================
API HOOK
?????:CreateFileW (????: ?, ??????HOOK: C:\Windows\system32\TDMEMon.dll)
?????:CopyFileExW (????: ?, ??????HOOK: C:\Windows\system32\TDMEMon.dll)
?????:CreateRemoteThread (????: ?, ??????HOOK: C:\Windows\system32\TDMEMon.dll)
?????:SetWindowsHookExA (????: ?, ??????HOOK: C:\Windows\system32\TDMEMon.dll)
?????:SetWindowsHookExW (????: ?, ??????HOOK: C:\Windows\system32\TDMEMon.dll)
==================================
????
N/A
==================================
[/CODE]