我的电脑中过木马病毒,杀毒之后一开机就出现 ‘加载c:\windows\system32\fnewq.dll时出错,内存分配访问无效', 点确定后电脑正常运行,但这个文件怎么都删除不了,杀毒也没用,后来我把注册表里相关键值删掉,开机却出现另外两个框‘fnewq.dll为无效的WINDOWS映象.请再检测一遍您的安装盘’和‘加载c:\windows\system32\fnewq.dll时出错,1%不是有效的win32应用程序', 安全模式下杀毒,优化,清理都试过,还是不行,昨天我跑了一下hijackthis,导出日志,大家帮我分析一下是怎么回事?
//以下是hijackthis.log
Logfile of HijackThis v1.99.1
Scan saved at 21:31:31, on 2007-4-3
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QQ2006\QQ.EXE
C:\Program Files\Thunder\Program\Thunder5.exe
D:\soft\ha_hijackthis_1991\HijackThis.exe
R3 - Default URLSearchHook is missing
O2 - BHO: 超级兔子上网精灵 - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - D:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - D:\PROGRA~1\SUPERR~1\MAGICSET\haokanbar.dll
O4 - HKLM\..\Run: [Thunder] "C:\Program Files\Thunder\Thunder.exe" /s
O4 - HKLM\..\Run: [switch] c:\windows\system32\壁纸自动换.exe
O4 - HKLM\..\Run: [Super Rabbit SRRestore] D:\Program Files\Super Rabbit\MagicSet\srrest.exe /autosave
O4 - HKLM\..\Run: [SoundMan] ; SOUNDMAN.EXE
O4 - HKLM\..\Run: [SKYNET Personal FireWall] D:\PROGRA~1\SKYNET\FIREWALL\pfw.exe
O4 - HKLM\..\Run: [KAVPersonal50] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [NvCplDaemon] ; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Super Rabbit IEPro] ; D:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: 千千静听.lnk = C:\Program Files\TTPlayer\TTPlayer.exe
O8 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: kavsvc - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
