Rising Kaka Security Forum: Technical Exchange: System Software

[Help] Freshly reinstalled system, but IE and some programs won't open. What's going on?

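There are two computers at home. Today I reinstalled the system on one of them (only the C: drive). After the reinstall, before I had installed the network card driver, I tried opening a web page and the browser opened, though it couldn't get online. Once I had installed the network card driver, the IE browser would not open no matter what.
Many programs also won't open, and I get this prompt: not a valid WIN32 application.

Even SRE wouldn't open; it said it had been modified by a virus (on a freshly installed system). It was only after reinstalling that I could open it and run the scan, and I had to transfer the log to this computer via QQ before I could post it.

This scan was taken right after the reinstall, with only the graphics card and network card drivers installed and nothing else.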


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<ATIModeChange><Ati2mdxx.exe> [(Verified)Microsoft Windows Publisher]
<ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [Microsoft Corporation]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
<C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[DHCP Client / Dhcp][Running/Auto Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation>
[COM+ Event System / EventSystem][Running/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Server / lanmanserver][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation>
[Windows Installer / MSIServer][Stopped/Manual Start]
<C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Network Connections / Netman][Running/Manual Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation>
[Remote Access Connection Manager / RasMan][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation>
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
<C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation>
[Print Spooler / Spooler][Stopped/Manual Start]
<C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation>
[Telephony / TapiSrv][Stopped/Manual Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation>
[WebClient / WebClient][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation>

==================================
Last edited 2007-07-07 14:38:14
gototop
 

驱动程序
[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
<system32\drivers\aec.sys><Microsoft Corporation>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[DigitalChina DCN-530TX Fast Ethernet Adapter Windows Driver / DCN530][Running/Manual Start]
<system32\DRIVERS\DCN530N5.SYS><Digitalchina Networks Limited.>
[HTTP / HTTP][Running/Manual Start]
<System32\Drivers\HTTP.sys><Microsoft Corporation>
[IP Network Address Translator / IpNat][Running/Manual Start]
<system32\DRIVERS\ipnat.sys><Microsoft Corporation>
[MRxSmb / MRxSmb][Running/System Start]
<system32\DRIVERS\mrxsmb.sys><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rdbss / Rdbss][Running/System Start]
<system32\DRIVERS\rdbss.sys><Microsoft Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[Srv / Srv][Stopped/Manual Start]
<system32\DRIVERS\srv.sys><Microsoft Corporation>
[SynTPS / SynTPS][Running/System Start]
<system32\drivers\SynTPS.sys><Synaptics, Inc.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ViaIde / ViaIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>

==================================
浏览器加载项
N/A

==================================
正在运行的进程
[PID: 420][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 476][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\winsrv.dll] [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[PID: 1192][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2869 (xpsp.060316-1523)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\SHDOCVW.dll] [Microsoft Corporation, 6.00.2900.2919 (xpsp_sp2_gdr.060529-0150)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\LINKINFO.dll] [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)]
[C:\WINDOWS\c_630.nls] [N/A, ]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\iphlpapi.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\WINDOWS\system32\MLANG.dll] [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)]
[PID: 1620][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] [ATI Technologies, Inc., 6.14.10.4000]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2869 (xpsp.060316-1523)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS] [ATI Technologies, Inc., 6.14.10.4000]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308]
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] [ATI Technologies, Inc., 6.14.10.4000]
[PID: 1636][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2869 (xpsp.060316-1523)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600][F:\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2869 (xpsp.060316-1523)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\WINDOWS\system32\WININET.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\urlmon.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\DNSAPI.dll] [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)]
[C:\WINDOWS\system32\CLBCATQ.DLL] [Microsoft Corporation, 2001.12.4414.308]
[PID: 1384][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\USER32.dll] [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)]
[C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation, 5.1.2600.2818 (xpsp_sp2_gdr.051228-1427)]
[C:\WINDOWS\system32\ole32.dll] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)]
[C:\WINDOWS\system32\SHELL32.dll] [Microsoft Corporation, 6.00.2900.2869 (xpsp.060316-1523)]
[C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation, 6.00.2900.2904 (xpsp_sp2_gdr.060509-0218)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

==================================
gototop
 

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


gototop
 

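Your computer has a virus. Antivirus software alone probably cannot remove it completely, so reinstalling the system is unavoidable. But you had better do it the following way to get rid of the virus completely, even though the loss is not small.
Search all partitions other than C: for every .exe and .com file and delete them all. If a few files cannot be deleted, that doesn't matter. Format the C: partition and reinstall the system, and do not do anything else at first, including opening any folder. Search the partitions other than C: again for all .exe and .com files and delete them all. Then install the drivers, and download the software you need again from well-known sites and install it.

The symptoms of the Viking (威金) virus are very similar to what you describe. I have used this method to completely remove Viking, Panda Burning Incense (熊猫烧香) and other viruses.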
gototop
 

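What? Delete the EXE and COM files on all partitions?
Isn't that almost the same as formatting every drive?

I might as well just format everything.

Besides, the problem appeared after I had already reinstalled the system.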
gototop
 

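There is little chance of fixing this without reinstalling the system. What you have is a Viking-type worm. On a freshly installed system, as soon as you open any drive after C: by double-clicking it, your whole system is infected. If you want to keep the loss small, then after installing the system, open the drives after C: with a right-click; on the View tab of Folder Options, set it to show all files and folders, including hidden system files; delete all executable files with the hidden attribute in the root directory and all files whose names start with AUTO; then install antivirus software, update the virus definitions, and run a full-disk scan before doing anything else.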
gototop
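
An added example, not part of the original thread: a read-only Python audit of a drive root for the items the reply above says to look at, namely the launch entries in autorun.inf and executables sitting in the root directory. The sample directory and the file name setup_sample.exe are constructed for illustration; the hidden flag is only meaningful on Windows.

```python
import os
import re
import stat
import tempfile

# Keys in autorun.inf that name a program to launch when the drive is opened.
LAUNCH_KEY = re.compile(
    r"^\s*(open|shellexecute|shell\\[^=]*\\command)\s*=\s*(.+?)\s*$", re.I)
EXECUTABLE_EXT = {".exe", ".com", ".pif", ".scr", ".bat", ".cmd"}


def autorun_targets(inf_path):
    """Return the commands an autorun.inf would launch, tolerating junk lines."""
    with open(inf_path, "rb") as fh:
        text = fh.read().decode("latin-1")
    targets = []
    for line in text.splitlines():
        m = LAUNCH_KEY.match(line)
        if m:
            targets.append(m.group(2))
    return targets


def audit_drive_root(root):
    """List autorun.inf launch targets and executables found in a drive root."""
    report = {"autorun_targets": [], "root_executables": []}
    for entry in sorted(os.scandir(root), key=lambda e: e.name.lower()):
        if not entry.is_file(follow_symlinks=False):
            continue
        name = entry.name.lower()
        if name == "autorun.inf":
            report["autorun_targets"] = autorun_targets(entry.path)
        elif os.path.splitext(name)[1] in EXECUTABLE_EXT:
            # st_file_attributes exists only on Windows; elsewhere hidden is False.
            attrs = getattr(entry.stat(follow_symlinks=False), "st_file_attributes", 0)
            hidden = bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN)
            report["root_executables"].append((entry.name, hidden))
    return report


def build_sample_root():
    """Constructed sample: a fake drive root with an autorun.inf and one .exe."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "autorun.inf"), "w") as fh:
        fh.write("[AutoRun]\n;junk\nopen=setup_sample.exe\n"
                 "shell\\open\\Command = setup_sample.exe /x\n")
    for name in ("setup_sample.exe", "notes.txt"):
        open(os.path.join(root, name), "wb").close()
    return root


if __name__ == "__main__":
    print(audit_drive_root(build_sample_root()))
```

The script only reports; it deletes nothing, so the listing can be reviewed before any file is removed.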
 

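That seems to be it.

I asked someone else, and they also talked about hidden EXE and INF files and such, and also told me to delete them.

So all the hidden EXE or AUTO files have to be deleted?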
gototop
 

Yes! Open the C: drive with a right-click and delete all the executable files there and the files whose names start with auto!
gototop
 

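Do I have to reinstall the system again, then open the other drives with a right-click, show all the hidden files, and then delete them?

Deleting them now wouldn't help, would it?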
gototop
 