First, download this program called autoruns and save it to the desktop. Then, once launched, go to options->hide microsoft entries. Look through the tabs to see if there is anything that goes with winime.exe or anything that doesn't have a description and uncheck it. BE VERY CAREFUL. IF YOU UNCHECK CERTIAN THINGS, YOU COULD DAMAGE YOUR COMPUTER.
then go into safe mode by pressing F8 while your computer is starting to boot up. Click on administrator and delete anything, including the registry keys, that goes with winime.exe. http://download.sysinternals.com/Files/Autoruns.zip
如果是數個,你也有可能是中了I-Worm.Wukill.b病毒。
該病毒採用文件夾圖標,很具誘惑性。病毒運行后,會將自己大量複製到其他目錄中。病毒首次運行時顯示"This File Has Been Damage!",然後將Mstray.exe複製到windows目錄,再在註冊表[HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\Currentversion\\Run]加入自身的啟動項,該病毒會枚舉磁碟目錄,在每個根目錄下釋放下列文件:winfile.exe(病毒主體程序,它會隱藏擴展名,而且是文件圖標)、comment.htt(利用IE漏洞調用同一個目錄下的winfile.exe,屬性為隱藏)、desktop.ini(屬性為系統+隱藏,當採用Web方式瀏覽文件夾時,系統會調用該文件,再由該文件調用comment.htt,從而激活病毒)。同時病毒還會在當前路徑下生成的自身拷貝,名稱採用上級目錄,或者是當前窗口的標題,隱蔽性極高。最後病毒會調用Outlook傳播攜帶病毒的信件。值得注意的一點是,該病毒啟動時一定會調用winime.exe程序,出現在任務管理器的「應用程序」中,可以右擊它選「轉到進程」,就能找到Mstray.exe,不過有時不是Mstray.exe,該病毒的新版本會改用其它名字,如Ki.exe或是別的名字,只要通過winime.exe就能找到它,然後結束進程樹,再殺毒。