每次登录XP系统，再出现输入用户名密码的对话框之前总会出现一个全是乱码的提示框，只能点确定，不点就关闭不了。进入系统后cpu占用100%, 进程里有个iexplore.exe进程不断的出现和消失。

以下是卡卡助手扫描结果：
Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 09:41:22, on 2006-07-04
Platform: Microsoft Windows XP Professional  (Build 2600)
MSIE: Internet Explorer v6.00  (6.00.2600.0000 (xpclient.010817-1148))


Running processes:
[Explorer.EXE]
CommandLine = C:\WINDOWS\Explorer.EXE

[regedit.com]
CommandLine = "C:\WINDOWS\regedit.com"

[taskmgr.exe]
CommandLine = taskmgr.exe

[KkScan.exe]
CommandLine = "C:\Program Files\Rising\KakaToolBar\KkScan.exe"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%systemRoot%\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://searchbar.findthewebsiteyouneed.com
R3 - Default URLSearchHook is missing
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1      http://www.martfinder.com/index.htm
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra Button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra Button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/windows/ie_intl/cn/start/
O16 - DPF: DirectAnimation Java Classes - file://C:\WINDOWS\System32\dajava.cab
O16 - DPF: Internet Explorer Classes for Java - file://C:\WINDOWS\System32\iejava.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{066B25B3-EF18-48DC-9DD3-FBCA34260D00}: NameServer = 85.255.116.28,85.255.112.124
O17 - HKLM\System\CCS\Services\Tcpip\..\{F52C5CA0-328B-4FE9-97C0-4D6121D8006A}: NameServer = 85.255.116.28,85.255.112.124
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\System32\wiascr.dll
O20 - Winlogon Notify: artm_newreg
O20 - Winlogon Notify: IME
O20 - Winlogon Notify: MCD
O20 - Winlogon Notify: NavLogon
O21 - SSODL: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - C:\WINDOWS\System32\dcom_24.dll
O22 - SharedTaskScheduler: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - C:\WINDOWS\System32\dcom_24.dll
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) - Macrovision - C:\WINDOWS\System32\drivers\cdac11ba.exe
O23 - Service: C-DillaSrv (C-DillaSrv) - C-Dilla Ltd - C:\WINDOWS\System32\drivers\cdantsrv.exe
O23 - Service: Command Service (cmdService) -  - C:\WINDOWS\dG9naGliYQ\command.exe
O23 - Service: DefWatch (DefWatch) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Local Windows Service (Local Windows Service) -  - C:\WINDOWS\System32\vtray.exe"
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows Update Manager (UpdateManager) -  - C:\WINDOWS\update\updmgr.exe /updatemgr
O23 - Service: winavguard (winavguard) -  - "C:\WINDOWS\winavguard.exe"

里面的020的第一个，因为病毒正在运行，我在注册表里面怎样也删不掉。改注册标程序名字或类型，病毒会自动生成一个新的regedit.exe文件

请高手指点，多谢多谢~！

另外进入安全模式也是如此。
有什嘛办法能够停掉这个病毒的运行嘛？
用卡卡查进程，只显示三个进程：Explorer.exe(C:\windows\Explorer.EXE), KillProce.exe,还有一个可疑的rundll32.exe程序，结束后还会运行几次，每次调用的文件都不一样，但最后还会结束掉，不再出现，但iexplore.exe进程还是不断的出现消失

下面是用hijackthis又做的扫描
Logfile of HijackThis v1.99.1
Scan saved at 9:42:30, on 2006-7-4
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\regedit.com
C:\WINDOWS\System32\taskmgr.exe
C:\Documents and Settings\ygb\桌面\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R3 - Default URLSearchHook is missing
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra 'Tools' menuitem: kele8 - {84920E5F-3788-49cd-A274-E365578DF174} - http://www.kele8.com/ (file missing)
O9 - Extra button: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D0A29C6C-AA71-4423-8C4A-5998B774C448} (IEDown Class) - http://download.ourgame.com/IEDown4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{066B25B3-EF18-48DC-9DD3-FBCA34260D00}: NameServer = 85.255.116.28,85.255.112.124
O17 - HKLM\System\CCS\Services\Tcpip\..\{F52C5CA0-328B-4FE9-97C0-4D6121D8006A}: NameServer = 85.255.116.28,85.255.112.124
O17 - HKLM\System\CS1\Services\Tcpip\..\{066B25B3-EF18-48DC-9DD3-FBCA34260D00}: NameServer = 85.255.116.28,85.255.112.124
O17 - HKLM\System\CS2\Services\Tcpip\..\{066B25B3-EF18-48DC-9DD3-FBCA34260D00}: NameServer = 85.255.116.28,85.255.112.124
O19 - User stylesheet: C:\WINDOWS\windows.dat
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll
O20 - Winlogon Notify: IME - C:\WINDOWS\system32\vjrifier.dll (file missing)
O20 - Winlogon Notify: MCD - C:\WINDOWS\system32\lvnm0951e.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O21 - SSODL: DCOM Server - {2C1CD3D7-86AC-4068-93BC-A02304BB8C34} - C:\WINDOWS\System32\dcom_24.dll
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

请高手能给个解决方案，多谢

多谢多谢！！！成功干掉artm_new.dll.现在起机症状正常。赶紧再杀遍毒，估计别的也少不了。
多谢提供killbox这样好东西，多谢！