一下子多了好多conime.exe.

显示全部楼层 · 发表于 2007-5-23 16:47:29

(xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
[C:\windows.0\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[C:\windows.0\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\racer-han-cnc\components\racer_nss4_comp.dll]  [Putian Runway, 3,3,116,192]
[C:\Program Files\racer-han-cnc\nss4.dll]  [北京润汇科技有限公司, 1, 0, 0, 4]
[C:\Program Files\racer-han-cnc\wpcap.dll]  [CACE Technologies, 3, 2, 0, 29]
[C:\Program Files\racer-han-cnc\packet.dll]  [CACE Technologies, 3, 2, 0, 29]
[C:\Program Files\racer-han-cnc\WanPacket.dll]  [CACE Technologies, 3, 2, 0, 29]
[C:\windows.0\system32\NPPTools.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MFC42u.DLL]  [Microsoft Corporation, 6.02.8071.0]
[C:\windows.0\system32\MFC42LOC.DLL]  [Microsoft Corporation, 6.00.8665.0]
[C:\windows.0\system32\npp\ndisnpp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[PID: 1044][D:\木马清道夫\Trojanwall.exe]  [风云谷, 5.5.0.1916]
[C:\windows.0\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)]
[C:\windows.0\system32\user32.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\windows.0\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\windows.0\system32\advapi32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\oleaut32.dll]  [Microsoft Corporation, 5.1.2600.2180]
[C:\windows.0\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\windows.0\system32\version.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
[C:\windows.0\system32\shell32.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
[C:\windows.0\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\wininet.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\URLMON.DLL]  [Microsoft Corporation, 6.00.2900.3072 (xpsp_sp2_gdr.070124-2319)]
[C:\windows.0\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\winmm.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IPHLPAPI.DLL]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\windows.0\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\木马清道夫\ftcapi.dll]  [fygsoft, 1.1.0.0]
[C:\windows.0\system32\hhctrl.ocx]  [Microsoft Corporation, 5.2.3790.2847 (srv03_sp1_gdr.061210-2319)]
[C:\windows.0\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\mui\0804\hhctrlui.dll]  [Microsoft Corporation, 4.74.9273]
[C:\windows.0\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSWSOCK.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WtsApi32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[D:\木马清道夫\PSAPI.dll]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\windows.0\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\System32\winrnr.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[PID: 960][C:\windows.0\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)]
[C:\windows.0\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\windows.0\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\windows.0\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSUTB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\windows.0\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.2180]
[C:\windows.0\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
[C:\windows.0\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[PID: 2044][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)]
[C:\windows.0\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\windows.0\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\windows.0\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SHDOCVW.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\CRYPTUI.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.2180]
[C:\windows.0\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\windows.0\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
[C:\windows.0\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\WLDAP32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[C:\windows.0\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
[C:\windows.0\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
[C:\windows.0\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\BROWSEUI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll]  [Kaspersky Lab, 6.0.2.621]
[C:\windows.0\system32\browselc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\appHelp.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\CLBCATQ.DLL]  [Microsoft Corporation, 2001.12.4414.308]
[C:\windows.0\system32\COMRes.dll]  [Microsoft Corporation, 2001.12.4414.258]
[C:\windows.0\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\cscui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\CSCDLL.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SETUPAPI.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3072 (xpsp_sp2_gdr.070124-2319)]
[C:\windows.0\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

显示全部楼层 · 发表于 2007-5-23 16:47:59

[C:\windows.0\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\mlang.dll]  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
[C:\windows.0\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\windows.0\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
[C:\windows.0\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\msls31.dll]  [Microsoft Corporation, 3.10.349.0]
[C:\windows.0\system32\PSAPI.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS.0\system32\msimtf.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS.0\system32\jscript.dll]  [Microsoft Corporation, 5.6.0.8831]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll]  [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.2.621]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl]  [Kaspersky Lab, 6.0.2.621]
[C:\WINDOWS.0\system32\dxtrans.dll]  [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)]
[C:\WINDOWS.0\system32\ATL.DLL]  [Microsoft Corporation, 3.05.2284]
[C:\WINDOWS.0\system32\ddrawex.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS.0\system32\DDRAW.dll]  [Microsoft Corporation, 5.03.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS.0\system32\DCIMAN32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS.0\system32\dxtmsft.dll]  [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)]
[C:\WINDOWS.0\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[C:\windows.0\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\wdmaud.drv]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\windows.0\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\midimap.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\schannel.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\basegui.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.2.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.621]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.2.621]
[C:\windows.0\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\WINDOWS.0\system32\mshtmled.dll]  [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)]
[C:\WINDOWS.0\system32\iepeers.dll]  [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)]
[C:\WINDOWS.0\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSRATING.dll]  [Microsoft Corporation, 6.00.2900.3086 (xpsp_sp2_gdr.070218-2314)]
[C:\windows.0\system32\msratelc.dll]  [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS.0\system32\actxprxy.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ntshrui.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MPR.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\drprov.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\ntlanman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\NETUI0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\NETUI1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\NETRAP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\SAMLIB.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\davclnt.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSGINA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINSTA.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ODBC32.dll]  [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\odbcint.dll]  [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld)]
[C:\WINDOWS.0\system32\wuapi.dll]  [Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[C:\windows.0\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3224][C:\windows.0\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)]
[C:\windows.0\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\windows.0\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\windows.0\system32\IMM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ShimEng.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\AppPatch\AcGenral.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\windows.0\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.2180]
[C:\windows.0\system32\MSACM32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
[C:\windows.0\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\comctl32.dll]  [Microsoft Corporation, 5.82 (xpsp.060825-0040)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[C:\windows.0\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2520][G:\新建文件夹 (2)\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
[C:\windows.0\system32\ntdll.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\kernel32.dll]  [Microsoft Corporation, 5.1.2600.2945 (xpsp_sp2_gdr.060704-2349)]
[C:\windows.0\system32\USER32.dll]  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\windows.0\system32\GDI32.dll]  [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\windows.0\system32\comdlg32.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SHLWAPI.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\ADVAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RPCRT4.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msvcrt.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\SHELL32.dll]  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)]
[C:\windows.0\system32\WINSPOOL.DRV]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\oledlg.dll]  [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)]
[C:\windows.0\system32\ole32.dll]  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\windows.0\system32\OLEAUT32.dll]  [Microsoft Corporation, 5.1.2600.2180]
[C:\windows.0\system32\VERSION.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\CRYPT32.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\MSASN1.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINMM.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WS2_32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WS2HELP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WININET.dll]  [Microsoft Corporation, 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050)]
[C:\windows.0\system32\IMM32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\LPK.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\USP10.dll]  [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\木马清道夫\ProcessHook.dll]  [Fygsoft and Microsoft, 1.1.0.55]
[C:\windows.0\system32\RICHED20.DLL]  [Microsoft Corporation, 5.30.23.1228]
[C:\windows.0\system32\MSCTF.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msctfime.ime]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\sfc.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\WINTRUST.dll]  [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\IMAGEHLP.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\Sensapi.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\Secur32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\wsock32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\RASAPI32.DLL]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rasman.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\NETAPI32.dll]  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106)]
[C:\windows.0\system32\TAPI32.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rtutils.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\msv1_0.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\iphlpapi.dll]  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\windows.0\system32\USERENV.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\urlmon.dll]  [Microsoft Corporation, 6.00.2900.3072 (xpsp_sp2_gdr.070124-2319)]
[C:\windows.0\System32\mswsock.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\DNSAPI.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\system32\rasadhlp.dll]  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)]
[C:\windows.0\system32\hnetcfg.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\System32\wshtcpip.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\xpsp2res.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\windows.0\system32\rsaenh.dll]  [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629)]

显示全部楼层 · 发表于 2007-5-23 16:48:33

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS.0\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1    localhost

==================================
API HOOK
RVA  错误： LoadLibraryA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xBAE5EAF0)
RVA  错误： LoadLibraryExA (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xBAE5ECD0)
LoadLibraryExW (危险等级: ,  被下面模块所HOOK: )
RVA  错误： LoadLibraryW (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0xBAE5EBE0)
入口点错误：FreeLibrary (危险等级: 一般,  被下面模块所HOOK: Dest Addr: 0x5F00002D)
RVA  错误： GetProcAddress (危险等级: 高,  被下面模块所HOOK: Dest Addr: 0xBAE5EDE0)

==================================
隐藏进程
N/A

==================================

[/CODE]

显示全部楼层 · 发表于 2007-5-23 16:49:43

谢谢，全部贴完。请您给看看。

显示全部楼层 · 发表于 2007-5-23 16:58:30

怎么装的系统啊系统分区怎么会出现windows.0呢。。。。。这个是什么文件夹啊！
而且看你的日志也不像是中毒了啊！
最好的办法你重装系统吧!

显示全部楼层 · 发表于 2007-5-23 17:06:25

发表于 2007-5-23 16:58 资料个人空间短消息加为好友
怎么装的系统啊系统分区怎么会出现windows.0呢。。。。。这个是什么文件夹啊！
而且看你的日志也不像是中毒了啊！
最好的办法你重装系统吧!

是这样的，我原来的是SP1的，后来在网上下了个深度优化飘零2合一的，这样在正常的WINDOWS后边就又有了个WINDOWS。0

显示全部楼层 · 发表于 2007-5-23 17:07:46

我个人认为最好的办法就是重新安装一定要格式化C盘！这样装完比较干净！！！

显示全部楼层 · 发表于 2007-5-23 17:10:02

日志未看出异常，我记得有人说和深度的xp有关，但是不确定。你可以尝试我找到的终结此进程的方法：

彻底删除禁止conime.exe启动运行方法
作者: 古佰(jention) 时间： 2006-04-20 21:45:10 留言个人文集

编辑编辑器引用
第一步首先结速conime.exe进程，然后在system32中找到conime.exe将其删除。
第二步修改注册表找到："HKEY_CURRENT_USER\Console"中的"LoadConIme"修改为"0"即可
--------------------------------------
conime.exe进程说明：conime.exe是输入法编辑器，允许用户使用标准键盘就能输入复杂的字符与符号! conime.exe同时可能是一个bfghost1.0远程控制后门程序。此程序允许攻击者访问你的计算机，窃取密码和个人数据。建议立即删除此进程。”
以前总是不知什么时候这个进程就悄悄启动了，后来才发现往往在运行cmd.exe之后会出现。但是conime.exe并不是cmd.exe的子进程，它的的父进程ID并没有在任务管理器中显示。
conime经常会被病毒利用感染，建议删除。

显示全部楼层 · 发表于 2007-5-23 17:18:39

换系统吧，最好原版，我个人认为

显示全部楼层 · 发表于 2007-5-23 17:20:56

我是刚装的，而且我的盘是SP1的，要想升级成SP2的，还得装飘零的，这样就又成了多个WINDOWS。0了。
还请教您一个问题，本来是装了GHOST的，可前几天我还原的时候，到了70%的时候，自动关机了。试了好几次都这样。而且买电脑的时候，里边就予装有个还原精灵，原来也是可以用的，但这次GHOST坏了后，这个还原精灵也不能用了，也是还原到70%左右的时候，突然关机。
现在真不知该怎样办了。

[已解决] 一下子多了好多conime.exe.