
Experts, please help, urgent!!!


Logfile of HijackThis v1.99.1
Scan saved at 15:13:28, on 07-1-4
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\DRCOM\DR.COM 宽带登录客户端\ISHARE_USER.EXE
G:\QQ\QQ.EXE
G:\QQ\TIMPLATFORM.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX00.671\HIJACKTHIS.EXE

O2 - BHO: (no name) - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\KuGoo3\KuGoo3DownXControl.ocx (file missing)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32
O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [rtvscn95] C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe
O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: 腾讯QQ.lnk = G:\QQ\QQ.exe
O8 - Extra context menu item: 添加到QQ自定义面板 - G:\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - G:\QQ\AddEmotion.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - G:\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - G:\QQ\SendMMS.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - F:\KUGOO3\KuGoo3DownX.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - F:\QQ\QQ.EXE (file missing)
O9 - Extra button: 雅虎助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist (file missing)
O9 - Extra button: 名品折扣 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816 (file missing)
O9 - Extra button: Yahoo 3.5G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail (file missing)
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg (file missing)
O9 - Extra button: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)
O9 - Extra button: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra 'Tools' menuitem: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean (file missing)
O9 - Extra button: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O9 - Extra 'Tools' menuitem: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system\tcpipdog0.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\tcpipdog0.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\tcpipdog0.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\tcpipdogr0.dll
O10 - Unknown file in Winsock LSP: c:\windows\system\tcpipdogr0.dll
O11 - Options group: [!CNS]  中文上网
Last edited 2007-01-06 08:40:07

2007-01-04,15:19:30

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 98 SE  -

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <ScanRegistry><C:\WINDOWS\scanregw.exe /autorun>  [Microsoft Corporation]
    <TaskMonitor><C:\WINDOWS\taskmon.exe>  [Microsoft Corporation]
    <internat.exe><internat.exe>  [Microsoft Corporation]
    <SystemTray><SysTray.Exe>  [Microsoft Corporation]
    <LoadPowerProfile><Rundll32.exe powrprof.dll,LoadCurrentPwrScheme>  [Microsoft Corporation]
    <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd>  [C-Media Corporation]
    <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>  [Symantec Corporation]
    <helper.dll><C:\WINDOWS\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32>  [$]
    <CnsMin><Rundll32.exe C:\WINDOWS\DOWNLO~1\CNSMIN.DLL,Rundll32>  [北京三七二一科技有限公司]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <LoadPowerProfile><Rundll32.exe powrprof.dll,LoadCurrentPwrScheme>  [Microsoft Corporation]
    <SchedulingAgent><mstask.exe>  [Microsoft Corporation]
    <rtvscn95><C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe>  [Symantec Corporation]
    <defwatch><C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe>  [Symantec Corporation]

==================================
启动文件夹
[Adobe Gamma Loader]
  <C:\WINDOWS\Start Menu\Programs\启动\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\ADOBE\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Microsoft Office]
  <C:\WINDOWS\Start Menu\Programs\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~1\OFFICE\OSA9.EXE [Microsoft Corporation]><N>
[腾讯QQ]
  <C:\WINDOWS\Start Menu\Programs\启动\腾讯QQ.lnk --> G:\QQ\QQ.EXE [TENCENT]><N>

==================================
服务
N/A

==================================
驱动程序
N/A

==================================
浏览器加载项
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <F:\QQ\QQ.EXE, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[名品折扣]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816, N/A>
[Yahoo 3.5G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg, N/A>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH9B.OCX, Adobe Systems, Inc.>
[Update Class]
  {9F1C11AA-197B-4942-BA54-47A8489BB47F} <C:\WINDOWS\SYSTEM\IUCTL.DLL, Microsoft Corporation>
[添加到QQ自定义面板]
  <G:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <G:\QQ\AddEmotion.htm, N/A>
[上传到QQ网络硬盘]
  <G:\QQ\AddToNetDisk.htm, N/A>
[用QQ彩信发送该图片]
  <G:\QQ\SendMMS.htm, N/A>
[使用KuGoo3下载(&K)]
  <F:\KUGOO3\KuGoo3DownX.htm, N/A>

==================================

正在运行的进程
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294947475][C:\WINDOWS\SYSTEM\MPREXE.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294852075][C:\WINDOWS\SYSTEM\MSTASK.EXE]  [Microsoft Corporation, 4.71.1972.1]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAP32.DLL]  [Symantec Corporation, 9.1.0.26]
    [C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20061206.016\NAVENG32.DLL]  [Symantec Corporation, 20061.3.0.12]
    [C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20061206.016\NAVEX32A.DLL]  [Symantec Corporation, 20061.3.0.12]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAPI32.DLL]  [Symantec Corp., 4.2.0.7]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\I2LDVP3.DLL]  [Symantec Corporation, 8.1.0.821]
[PID: 4294844519][C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVLU.DLL]  [Symantec Corporation, 8.1.0.821]
    [C:\WINDOWS\SYSTEM\CBA.DLL]  [Intel_ Corporation, 6.12.0.105 E]
    [C:\WINDOWS\SYSTEM\PDS.DLL]  [Intel_ Corporation, 6.12.0.105 E]
    [C:\WINDOWS\SYSTEM\MSGSYS.DLL]  [Intel_ Corporation, 6.12.0.105 E]
    [C:\WINDOWS\SYSTEM\NTS.DLL]  [Intel_ Corporation, 6.12.0.105 E]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294897507][C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE]  [Symantec Corporation, 8.1.0.821]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB FOLDERS\MSONSEXT.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\WINRAR\RAREXT.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SSC\VPSHELL2.DLL]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRAM FILES\3721\ALLIVEEX.DLL]  [ , 1, 0, 3, 1006]
    [C:\PROGRAM FILES\3721\AUTOLIVE.DLL]  [$, 1, 2, 0, 1330]
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\ALREX.DLL]  [$, 1, 0, 1, 1001]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL]  [北京三七二一科技有限公司, 1, 0, 4, 2]
[PID: 4294771495][C:\WINDOWS\EXPLORER.EXE]  [Microsoft Corporation, 4.72.3110.1]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMINEX.DLL]  [国风因特软件(北京)有限公司, 1, 0, 3, 5]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSIO.DLL]  [北京三七二一科技有限公司, 1, 0, 2, 8]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMINIO.DLL]  [北京三七二一科技有限公司, 1, 0, 3, 7]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294712355][C:\WINDOWS\RUNDLL32.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294748867][C:\WINDOWS\TASKMON.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294138395][C:\WINDOWS\SYSTEM\INTERNAT.EXE]  [Microsoft Corporation, 4.10.2222]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294134243][C:\WINDOWS\SYSTEM\SYSTRAY.EXE]  [Microsoft Corporation, 4.10.2222]
    [C:\WINDOWS\SYSTEM32\UDAPROP.DLL]  [C-Media Corporation, 1.0.2.2]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\WINDOWS\SYSTEM\CMICNFG.CPL]  [C-Media Corporation, 1, 0, 41, 16]
[PID: 4294115463][C:\WINDOWS\RUNDLL32.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLISCAN.DLL]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLIPROXY.DLL]  [Symantec Corporation, 8.1.0.821]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294126947][C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE]  [Symantec Corporation, 8.1.0.821]
    [C:\PROGRAM FILES\3721\ALLIVEEX.DLL]  [ , 1, 0, 3, 1006]
    [C:\WINDOWS\SYSTEM\TCPIPDOG0.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\NOTIFIER.DLL]  [$, 1, 0, 0, 5]
    [C:\PROGRAM FILES\3721\AUTOLIVE.DLL]  [$, 1, 2, 0, 1330]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
[PID: 4294164667][C:\WINDOWS\RUNDLL32.EXE]  [Microsoft Corporation, 4.10.1998]
    [C:\WINDOWS\SYSTEM\ATI3D2AG.DLL]  [ATI Technologies Inc. , 4.14.01.4011]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
[PID: 4294059279][C:\WINDOWS\SYSTEM\DDHELP.EXE]  [Microsoft Corporation, 4.06.03.0518]
[PID: 4294096911][C:\WINDOWS\SYSTEM\WMIEXE.EXE]  [Microsoft Corporation, 5.00.1755.1]
    [C:\WINDOWS\SYSTEM\TCPIPDOG0.DLL]  [N/A, N/A]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
[PID: 4294064515][C:\PROGRAM FILES\DRCOM\DR.COM 宽带登录客户端\ISHARE_USER.EXE]  [N/A, N/A]
    [C:\WINDOWS\SYSTEM\DHCPCSVC.DLL]  [N/A, N/A]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WEB FOLDERS\MSONSEXT.DLL]  [N/A, N/A]
    [G:\QQ\QQPHONEHELPER.DLL]  [腾讯科技(深圳)有限公司, 2, 1, 2, 23]
    [G:\QQ\QQFILETRANSFER.DLL]  [Tencent, 5, 0, 202, 40]
    [G:\QQ\QQZIP.DLL]  [tencent, 0, 3, 2, 4]
    [G:\QQ\QQADDR.DLL]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 141]
    [G:\QQ\PERSONALDESKTOP.DLL]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [G:\QQ\COMMERCESMNG.DLL]  [(, 1, 0, 0, 1]
    [G:\QQ\QQMAGICFACE.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\QQPLUGIN.DLL]  [N/A, N/A]
    [G:\QQ\BQQAPPLICATION.DLL]  [N/A, N/A]
    [G:\QQ\IMAGEOLE.DLL]  [TODO: <Company name>, 1.0.0.1]
    [G:\QQ\QQSCENEMNG.DLL]  [N/A, N/A]
    [C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH9B.OCX]  [Adobe Systems, Inc., 9,0,28,0]
    [G:\QQ\LONGCONNECTION.DLL]  [tencent, 0, 3, 3, 8]
    [G:\QQ\FLASHAVATARDLL.DLL]  [(, 1, 4, 0, 1]
    [G:\QQ\QQAVATAR.DLL]  [N/A, N/A]
    [G:\QQ\QQPET.DLL]  [ , 1, 0, 0, 1]
    [G:\QQ\DIALERALLINONE.DLL]  [tencent, 1, 4, 0, 0]
    [G:\QQ\PHONEAPI.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\QRINGMNG.DLL]  [N/A, N/A]
    [G:\QQ\GROUPCONNECTION.DLL]  [Tencent, 5, 0, 202, 30]
    [G:\QQ\QQCUSTOMFACE.DLL]  [N/A, N/A]
    [G:\QQ\QQALLINONE.DLL]  [N/A, N/A]
    [G:\QQ\SCCORE.DLL]  [N/A, N/A]
    [G:\QQ\USERDEFINEDHEAD.DLL]  [(, 1, 0, 0, 1]
    [G:\QQ\QQCONFIGPLUGIN.DLL]  [(, 1, 0, 0, 1]
    [G:\QQ\QQSYSMSGMNG.DLL]  [N/A, N/A]
    [G:\QQ\QQGROUPMNG.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\QQSPACE.DLL]  [ , 1, 0, 0, 1]
    [G:\QQ\MAILSUMMARY.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\HOSTINGMGR.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\CAMERADLL.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\NEWSKIN.DLL]  [$, 1, 0, 0, 1]
    [C:\WINDOWS\SYSTEM\TCPIPDOG0.DLL]  [N/A, N/A]
    [G:\QQ\CQQAPPLICATION.DLL]  [N/A, N/A]
    [G:\QQ\QQMAINFRAME.DLL]  [N/A, N/A]
    [G:\QQ\QQRES.DLL]  [tencent, 1, 0, 0, 1]
    [G:\QQ\LOGINCTRL.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\NPKCNTC.DLL]  [INCA Internet Co., Ltd., 2005, 9, 1, 1]
    [G:\QQ\NPKPDB.DLL]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [G:\QQ\TIMPROXY.DLL]  [tencent, 0, 3, 2, 4]
    [G:\QQ\QQAPI.DLL]  [(, 1, 0, 0, 1]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
[PID: 4294109411][G:\QQ\QQ.EXE]  [TENCENT, 0, 0, 0, 0]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [G:\QQ\QQBASECLASSINDLL.DLL]  [,, 1, 0, 0, 1]
    [G:\QQ\QQHELPERDLL.DLL]  [$, 1, 0, 0, 1]
    [G:\QQ\BASICCTRLDLL.DLL]  [Tencent, 5, 0, 200, 14]
    [C:\WINDOWS\SYSTEM\DCIMAN32.DLL]  [Intel(R) Corp., Microsoft Corp., 4.03.1998]
    [G:\QQ\TIMPROXY.DLL]  [tencent, 0, 3, 2, 4]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
[PID: 4294038363][G:\QQ\TIMPLATFORM.EXE]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\SYSTEM\TCPIPDOG0.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\ALLIVEEX.DLL]  [ , 1, 0, 3, 1006]
    [C:\PROGRAM FILES\3721\AUTOLIVE.DLL]  [$, 1, 2, 0, 1330]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294373795][E:\MYIE32DC\MYIE.EXE]  [(, 3, 2, 0, 475]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSHOOK.DLL]  [北京三七二一科技有限公司, 1, 0, 4, 2]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294306927][C:\PROGRAM FILES\WINRAR\WINRAR.EXE]  [N/A, N/A]
    [C:\WINDOWS\SYSTEM\TCPIPDOG0.DLL]  [N/A, N/A]
    [C:\PROGRAM FILES\3721\HELPER.DLL]  [$, 1, 1, 2, 1328]
    [C:\WINDOWS\DOWNLOADED PROGRAM FILES\CNSMIN.DLL]  [北京三七二一科技有限公司, 1, 5, 4, 2]
    [C:\WINDOWS\SYSTEM\NETBIOS.DLL]  [N/A, N/A]
[PID: 4294198267][C:\WINDOWS\TEMP\RAR$EX01.421\SRENG\SRENG.EXE]  [Smallfrogs Studio, 2.2.6.605]

==================================
文件关联
.TXT  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [C:\WINDOWS\winhlp32.exe %1]
.INI  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  OK. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.JS  OK. [C:\WINDOWS\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================

Winsock 提供者
MS.w95.spi.osp
    C:\WINDOWS\SYSTEM\mswsosp.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MS.w95.spi.tcp
    C:\WINDOWS\SYSTEM\TcpIpDog0.dll(N/A, N/A)
MS.w95.spi.udp
    C:\WINDOWS\SYSTEM\TcpIpDog0.dll(N/A, N/A)
MS.w95.spi.raw
    C:\WINDOWS\SYSTEM\TcpIpDog0.dll(N/A, N/A)
MS.w95.spi.rsvptcp
    C:\WINDOWS\SYSTEM\TcpIpDogR0.dll(N/A, N/A)
MS.w95.spi.rsvpudp
    C:\WINDOWS\SYSTEM\TcpIpDogR0.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================

Is nobody here?

What is this saying???///

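The SECSTICK host anti-denial-of-service system is a software product designed by CHINSEC against the currently prevalent full-connection, signature-less DDoS attacks: protection techniques keep improving, and new attack techniques keep emerging. Denial-of-service attacks have evolved from the earlier single approach of consuming bandwidth with high traffic volume to today's high-connection, signature-less form, which poses a greater challenge to the anti-denial-of-service field. CHINSEC uses data-mining techniques to find valuable information in abnormal connections that appear to have no signature, in order to filter network connections and close malicious ones for protection. The SECSTICK host anti-denial-of-service system is tightly integrated with the operating system and tracks every connection through its whole life; compared with network anti-denial-of-service systems it has a fuller view of host state, making up in precision for tasks that network anti-denial-of-service systems find hard to accomplish.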

?????????????