Hi all, and thank you for "bring me home safely" at last. I don't know what exactly went (right) this time-- and I'm sorry I didn't jot them down, but here is a sketch of what happened:
NAV prompted that it's about time to "check for virus definitiond update" (happens every 3 weeks or so) so I downloaded and run the update of Jan. 6t, 2008 then suddenly I've got several "virus found and deleted" messages-- this time not with the name hackool.rootkit but other name (sorry, too excited to write down then), it could be something like (data getter) or (info grabber), in every partition in my laptop (then pc, did the same there), and I also glimpsed an "n1deiect.com". Then I had the heart to do it all over from scratch: removed Hide Files and Folder (too soon to get your last post, Broni), modified the registry (before then every value used to return to its original 2 or 0 after I edit to 01, but not anymore), restarted in safe mode, checked Show Hidden Files and Folders and looked for amvo.exe (didn't find it this time also but found and deleted amvo0.dll instead), stopped System Restore and restarted to see my hidden files and folders for the first time.
I think everything is doing good after all (or is it?) (if you say, and for the public use, I'll post HJT reports in a day or two).
Yu're right, evilfantasy; but do I still need the dummy Autorun.inf in my thumb drive? Its look freaks me out.