Rising Kaka Security Forum > Technical Exchange > Anti-virus / Anti-rogue-software forum

Help: how do I completely kill this virus?

For the past few days, every time I run a scan it reports a virus named Trojan.DL.Agent.dym; the infected file is C:\WINDOWS\System32\sortnls. Rising Antivirus reports each time that the deletion succeeded, but after I restart the computer and scan again, the same virus shows up again. It's really annoying; I would appreciate advice from the experts.

[Attachment: image (image/pjpeg), uploaded 2005-12-8 9:37:05, 0 downloads; not included]



Last edited 2005-12-08 12:34:04
 

Autorun entries, one per line as: entry | description | publisher | image path

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ RavMon | RavMon Rising realtime monitor | (Not verified) Beijing Rising Technology Co., Ltd. | c:\program files\rising\rav\ravmon.exe
+ RavTimer | RavTimer | (Not verified) Beijing Rising Technology Co., Ltd. | c:\program files\rising\rav\ravtimer.exe
+ RfwMain | Rising Personal FireWall Main Program | (Not verified) Beijing Rising Technology Corporation Limited | c:\program files\rising\rfw\rfwmain.exe

C:\Documents and Settings\All Users\「开始」菜单\程序\启动 (Start Menu\Programs\Startup)
+ Adobe Reader Speed Launch.lnk | Adobe Acrobat SpeedLauncher | (Not verified) Adobe Systems Incorporated | c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ RISING | Rising Shell Ext Module | (Not verified) Beijing Rising Technology Co., Ltd. | c:\windows\system32\ravext.dll
+ Shell Extensions for RealOne Player | RealPlayer Shell Extensions | (Not verified) RealNetworks, Inc. | c:\program files\real\realplayer\rpshell.dll
+ 好看123上网精灵 | File not found: F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers
+ PDF Shell Extension | PDF Shell Extension | (Not verified) Adobe Systems, Inc. | c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class | Adobe Acrobat IE Helper Version 7.0 for ActiveX | (Verified) Adobe Systems, Incorporated | c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
+ BandIE Class | BaiduBar Module | (Not verified) Baidu.com, Inc. | c:\program files\baidu\bar\baidubar.dll
+ Google Toolbar Helper | Google IE client toolbar | (Not verified) Google Inc. | c:\program files\google\googletoolbar1.dll
+ QQBrowserHelperObject Class | QQIEHelper Module | (Not verified) 深圳市腾讯计算机系统有限公司 | c:\program files\tencent\qq\qqiehelper.dll
+ ThunderIEHelper Class | xunleibho BHO | (Not verified) Thunder Networking Technologies,LTD | c:\windows\system32\xunleibho_v8.dll
+ 超级兔子上网精灵 | File not found: F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL

HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ 超级兔子上网精灵 | File not found: F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL

HKLM\Software\Microsoft\Internet Explorer\Extensions
+ QQ | QQ | (Not verified) TENCENT | c:\program files\tencent\qq\qq.exe

HKLM\System\CurrentControlSet\Services (services)
+ EnvSec | | | c:\windows\system32\envsec.exe
+ EpsonBidirectionalService | | | c:\program files\common files\epson\ebapi\eebsvc.exe
+ EPSONStatusAgent2 | EPSON Printer Status Agent | (Not verified) SEIKO EPSON CORPORATION | c:\program files\common files\epson\ebapi\sagent2.exe
+ RfwService | Rising Personal Firewall Service | (Not verified) Beijing Rising Technology Corporation Limited | c:\program files\rising\rfw\rfwsrv.exe
+ RsCCenter | CCenter | (Not verified) rising | c:\program files\rising\rav\ccenter.exe
+ WDelMgr20 | | | c:\windows\system32\drivers\wdelmgr20.exe

HKLM\System\CurrentControlSet\Services (drivers)
+ BaseTDI | basetdi | (Not verified) Rising | c:\windows\system32\drivers\basetdi.sys
+ ExpScaner | File not found: F:\PROGRAM FILES\RISING\RAV\ExpScan.sys
+ HookCont | TDI HOOK Driver | (Not verified) Rising tech Co. ltd | c:\program files\rising\rav\hookcont.sys
+ HookReg | | | c:\program files\rising\rav\hookreg.sys
+ HookSys | | (Not verified) 瑞星 | c:\program files\rising\rav\hooksys.sys
+ kmsinput | | | c:\windows\system32\drivers\kmsinput.sys
+ New0 | | | c:\windows\system32\new.sys
+ NPF | NPF Driver - TME extensions | (Not verified) Politecnico di Torino | c:\windows\system32\drivers\npf.sys
+ PxHelp20 | Px Engine Device Driver for Windows 2000/XP | (Not verified) Sonic Solutions | c:\windows\system32\drivers\pxhelp20.sys
+ RsFwDrv | nt_fwdrv | (Not verified) Rising | c:\program files\rising\rfw\rsfwdrv.sys
+ UnlockerDriver4 | File not found: F:\Program Files\Unlocker\UnlockerDriver4.sys

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ IDM_LAYERED_MSAFD Tcpip [TCP/IP] | | | c:\windows\system32\idmmbc.dll
+ IDM_LAYERED_MSAFD Tcpip [UDP/IP] | | | c:\windows\system32\idmmbc.dll
+ IDM_LAYERED_RSVP TCP Service Provider | | | c:\windows\system32\idmmbc.dll
+ IDM_LAYERED_RSVP UDP Service Provider | | | c:\windows\system32\idmmbc.dll
+ IDM_LP | | | c:\windows\system32\idmmbc.dll

 

I'm now posting a log saved with HijackThis as well; I'd be grateful if the experts could take a look and advise.

Logfile of HijackThis v1.99.1
Scan saved at 12:20:46, on 2005-12-8
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rfw\rfwmain.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\drivers\WDelMgr20.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
F:\Program Files\金山词霸 2005\xdict.exe
C:\PROGRA~1\Kingsoft\FASTAI~1\KTEngine.exe
F:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\WinRAR\WinRAR.exe
D:\Personal\Temp\Rar$EX36.729\HijackThis v1.99.1 汉化版\HijackThis.exe

O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - F:\Program Files\IDM下载软件\IDMIECC.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - C:\Program Files\Kingsoft\FastAIT 2005\IEBand.dll
O3 - Toolbar: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: BitCometBar - {3F1ABCDB-A875-46c1-8345-B72A4567E486} - F:\Program Files\BitComet\BitCometBar\BitCometBar0.2.dll
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [RfwMain] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &使用迅雷下载 - F:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - F:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - Extra context menu item: Google 搜索(&G) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: 使用 IDM 下载 - F:\Program Files\IDM下载软件\IEExt.htm
O8 - Extra context menu item: 使用 IDM 下载所有链接 - F:\Program Files\IDM下载软件\IEGetAll.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - Extra context menu item: 百度-搜索MP3 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM
O8 - Extra context menu item: 百度-搜索图片 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM
O8 - Extra context menu item: 百度-搜索新闻 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM
O8 - Extra context menu item: 百度-搜索歌词 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM
O8 - Extra context menu item: 百度-搜索网页 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM
O8 - Extra context menu item: 百度-搜索贴吧 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM
O8 - Extra context menu item: 百度-词典搜索 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - (no file)
O9 - Extra 'Tools' menuitem: 新浪UC - {2253922F-1B26-4C74-8B57-E3AEE748DBB8} - (no file)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program Files\Tencent\QQ\QQIEHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {339C1EE2-1029-46B8-81F1-360217F26FC4} (VGAPlayer Control) - http://219.144.186.219/wysjyzz/1/VGAPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1130001050449
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O16 - DPF: {DE3496D2-AFB9-47EB-A8C2-C3B330222513} (PhotoUpload Control) - http://www.photo.163.com/PhotoUpload.cab
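
The question in the opening post (a file under System32 that the scanner deletes and that is back after every reboot) is a persistence question: something that runs at boot or logon, or that is loaded into every process, writes the file again, and the HijackThis log above is the list of such things. The script below is an added example, not part of the forum post and not code from HijackThis or Rising. It parses HijackThis O-lines and sorts the persistence entries into dead references to clean up and entries to verify first. The section list, the unusual-directory heuristic and the raw-IP rule are this example's own assumptions; the sample log is copied from the log above plus one constructed O23 service line modeled on the WDelMgr20 entry in the Autoruns listing (HijackThis prints a service with no version information as "Unknown owner"). A "verify" flag means check the file's publisher and hash; it does not mean the entry is malicious.

```python
"""Triage a HijackThis 1.99 log for the entries that can re-create a file at boot.

Added example, not code from the forum post or from HijackThis itself.
Which sections count as persistence and what makes an entry "verify first"
are this example's own assumptions.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Section codes for things loaded at boot, at logon, into every IE process or
# into every socket-using process.  A file that keeps coming back after deletion
# is written by one of these or by something one of these launches.
PERSISTENCE_SECTIONS = {
    "O2":  "Browser Helper Object, loaded into every IE process",
    "O3":  "IE toolbar DLL",
    "O4":  "Run key or Startup folder, executed at every logon",
    "O10": "Winsock LSP, loaded into every process that opens a socket",
    "O16": "Downloaded Program Files, ActiveX installed from a URL",
    "O23": "Windows service, started as SYSTEM before anyone logs on",
}
LINE_RE = re.compile(r"^(O\d+)\s+-\s+(.*)$")
# English and zh-CN HijackThis markers for an entry whose file is gone.
MISSING_MARKERS = ("(no file)", "(file missing)", "(没有文件)", "(文件故障)")
# Directories from which a logon/service executable is unusual enough to verify
# by hand (assumption: this list is the example's own, not a HijackThis rule).
ODD_EXE_DIRS = ("\\system32\\drivers\\", "\\temp\\", "\\documents and settings\\")
WIN_PATH_RE = re.compile(r'[a-z]:\\[^\s"()]+', re.IGNORECASE)
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


@dataclass
class Finding:
    section: str
    line: str
    priority: str   # "verify": could be the re-dropper; "cleanup": dead entry
    reasons: list = field(default_factory=list)


def parse_hjt(log: str):
    """Yield (section_code, body) per O-line; process list and headers are skipped."""
    for raw in log.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            yield m.group(1), m.group(2)


def _first_path(body: str):
    m = WIN_PATH_RE.search(body)
    return m.group(0).lower() if m else None


def triage(log: str) -> list:
    findings, lsp_counts = [], {}
    for section, body in parse_hjt(log):
        if section not in PERSISTENCE_SECTIONS:
            continue
        # A dangling entry clutters the log but cannot restore anything: the
        # DLL it names is not on disk to run.
        if any(mark in body for mark in MISSING_MARKERS):
            findings.append(Finding(section, body, "cleanup",
                ["registry points at a file that no longer exists; remove the entry, it is not the re-dropper"]))
            continue
        reasons, low = [], body.lower()
        if section == "O10":
            dll = _first_path(body) or low
            lsp_counts[dll] = lsp_counts.get(dll, 0) + 1
            reasons.append("LSP DLL is mapped into every networked process, the scanner included; confirm its publisher and hash")
        if section in ("O4", "O23") and any(d in low for d in ODD_EXE_DIRS):
            reasons.append("executable starts from a directory that should not hold logon/service programs")
        if section == "O16":
            for url in re.findall(r"https?://\S+", body):
                host = urlparse(url).hostname or ""
                if IPV4_RE.match(host):
                    reasons.append(f"ActiveX control was installed from a raw IP address ({host}); nothing to attribute it to")
        if reasons:
            findings.append(Finding(section, body, "verify", reasons))
    # One LSP DLL is chained once per protocol, so five O10 lines may be one
    # file; record the count so the reader verifies the file once.
    for f in findings:
        if f.section == "O10":
            f.reasons.append(f"same DLL appears in {lsp_counts[_first_path(f.line) or f.line.lower()]} LSP chain entries")
    return findings


# Sample input: lines copied from the HijackThis log in the post, plus one O23
# line constructed from the WDelMgr20 entry in the Autoruns listing.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: 超级兔子上网精灵 - {FEDF637B-F631-4583-A210-33CC828D42DB} - F:\PROGRA~1\SUPERR~1\MagicSet\HAOKAN~1.DLL (file missing)
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\idmmbc.dll
O16 - DPF: {339C1EE2-1029-46B8-81F1-360217F26FC4} (VGAPlayer Control) - http://219.144.186.219/wysjyzz/1/VGAPlayer.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/ravkill/rsonline.cab
O23 - Service: WDelMgr20 - Unknown owner - C:\WINDOWS\System32\drivers\WDelMgr20.exe
"""


def run_sample() -> list:
    return triage(SAMPLE_LOG)


if __name__ == "__main__":
    for f in run_sample():
        print(f"[{f.priority}] {f.section}: {PERSISTENCE_SECTIONS[f.section]}")
        print(f"    {f.line}")
        for r in f.reasons:
            print(f"    - {r}")
```

Run it directly to print the report for the sample, or pass the text of a complete log to triage(). The entries it reports as "verify" are the ones to check the publisher and hash of, and to watch for writes to the path the scanner keeps flagging; the "cleanup" entries are registry leftovers that can be removed but cannot explain a file that reappears.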


