Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board: [Help] A virus Rising detects as soon as I boot (Backdoor.Gpigeon.2006.bgn)


As soon as I boot, Rising warns that there is a virus. After clicking Clean, I saw the name is Backdoor.Gpigeon.2006.bgn, but I can't find any information about this virus on the official website. What virus is this? After a full-disk scan with Rising, the warning for this virus comes back again on the next boot. What should I do?? Experts who know, please help~~~~
Last edited 2007-04-02 23:05:56

Pigeon (Gpigeon).
Download System Repair Engineer:
http://www.kztechs.com/sreng/download.html
1. Unzip sreng2.zip
2. Run SREng.exe
3. Smart Scan => Scan => Save Report
4. Copy the complete report from the log and paste it here; do not modify it.

Please download System Repair Engineer, use "Smart Scan", press the "Scan" button to scan, and when the scan finishes press the "Save Report" button to save the report log file (SREng.LOG). Copy and paste the contents of the saved report log file here.
Download addresses:
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
If the log does not fit in one post, paste it in several parts; please do not modify it.

1-------------------

Logfile of HijackThis v1.99.1
Scan saved at 22:16:28, on 2007-4-2
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Rising\Rav\Ravmond.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\Explorer.EXE
d:\program files\rising\rfw\RfwMain.exe
D:\Program Files\Rising\Rav\RavTask.exe
D:\Program Files\Rising\Rav\Ravmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\GreenBrowser\GreenBrowser.exe
D:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
D:\Program Files\GreenBrowser\GreenBrowser.exe
G:\文件\mpmp文件等\杀毒\HijackThis.exe

O2 - BHO: WebThunder Browser Helper - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - G:\动漫\动漫下载器\WebThunderBHO_016.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: XBTB05774 - {129DD540-E5E4-4601-825A-43ED660159E0} - C:\WINDOWS\DOWNLO~1\135mp3.dll (file missing)
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - d:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\KakaTool.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [runeip] D:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [Thunder] D:\Program Files\Thunder Network\Thunder\Thunder.exe /s
O4 - HKLM\..\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Xplus_spy] "d:\Program Files\Xplus\xvcclip.exe" /min
O4 - HKCU\..\Run: [systema.exe] C:\WINDOWS\system32\systema.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - G:\文件\QQ(06-11-23)\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - G:\动漫\动漫下载器\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - G:\动漫\动漫下载器\GetAllUrl.htm
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 反向链接 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: 添加到QQ自定义面板 - G:\文件\QQ(06-11-23)\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - G:\文件\QQ(06-11-23)\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - G:\文件\QQ(06-11-23)\QQ\SendMMS.htm
O8 - Extra context menu item: 类似网页 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: 缓存的网页快照 - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: 翻译英文字词(&T) - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O9 - Extra button: 柳城天威 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.gxlctw.com (file missing)
O9 - Extra button: Offline Web 2.0 - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Offline Web 2.0 - {6D53ADB7-6AD5-4A59-BFE4-7B57D2F4AA89} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\文件\QQ(06-11-23)\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - G:\文件\QQ(06-11-23)\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

2--------------------

O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {046B2A7D-013B-4D37-BE96-E8F693CDEBAA} (DWSmartWebInstaller Control) - http://dn.dreamwiz.com/ActiveX/dwsmart/DWSmartWebInstaller.cab
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} - http://www.clubbox.co.kr/neo.fld/NowStarter.cab
O16 - DPF: {07B6D899-28AA-416B-925A-F5EA188936E0} (SCX Control) - http://www.supercleani.com/in/SuperCleaniX.cab
O16 - DPF: {20C2C286-BDE8-441B-B73D-AFA22D914DA5} (PowerList Control) - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {2354A44B-3CEB-4829-9940-545B03103538} (PowerPlr Control) - http://movie.sun116.com/plugin/PowerPlr.ocx
O16 - DPF: {29AD8C7D-9EA0-4CA1-A93D-F207E88EEDEE} (DrPcX Control) - http://www.drpcgo.com/pc/DrPcAct.cab
O16 - DPF: {30348281-949B-4E9F-8A99-44EC423EB66D} (MoxtvUploadX Control) - http://u11.mofile.com/cn/upload/MoxtvFX.CAB
O16 - DPF: {3676996C-D8C6-4356-B4BE-3A80400C606E} ({3676996C-D8C6-4356-B4BE-3A80400C606E}) - http://vod.ktxp.com/BoBo_ActiveX.ocx
O16 - DPF: {474AD63A-9B7E-40FE-8E4E-7067CC0F8D3D} (IB_OnAir.IBOnAir) - http://ionair.sbs.co.kr/onair/IB_OnAir.CAB
O16 - DPF: {51C99F40-9E0E-4BF1-A92A-77121CC01AD0} (IMBCClient Control) - http://touch.imbc.com/ocx/Online.cab
O16 - DPF: {52FF336D-A05D-4A14-A3A1-7B6B4B427F88} (UploadControl Control) - http://blog.163.com/bin/UploadControl.cab
O16 - DPF: {60B33001-5F10-4A94-A7E4-77A3D8F5C78E} (OnAirClient Control) - http://ionair.sbs.co.kr/onair/OnAirClient.cab
O16 - DPF: {6AD54F1E-D241-48B4-ACFF-37BA1B1BF7AD} (SMInstallCom Class) - http://ax.spymedic.co.kr/control/SpyMedicWebInst.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152762035119
O16 - DPF: {74AECDB8-2B54-4ED4-83D5-2676E0FE51B3} (MnetAxplay.UCPlay) - http://www.mnet.com/_Global/Player/MnetAxplay.CAB
O16 - DPF: {765A88D3-EB24-4A26-ACCF-1F754DB281FE} (pcbaksaActiveFormX Control) - http://pcbagsa.com/down/pcbaksaActiveFormProj1.cab
O16 - DPF: {7FC751A9-492D-41B1-9F8D-D2C8809D8907} (EmoWebInstallerCtl Class) - http://img.365ren.com/tv/cabs/EmoWebInstaller.cab
O16 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://upload.photo.163.com/163Uploader.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/cab9_1/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://magiclock.yozii.com/MagicLockOCX.cab
O16 - DPF: {A984ED9F-E8DA-44E5-BC18-C14B9ABEF79D} (photo_uploader Control) - http://upload.photo.163.com/photoup.cab
O16 - DPF: {B1BAA0F2-3317-48E2-A56A-F6D8F96C5E68} (MofileConatct Control) - http://www.mofile.com/activex/MoCon.CAB
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C2C16510-10F4-46FE-A82C-4846435EBDEB} (p3muzset Class) - http://casx.musiccity.co.kr/damoim/dll/p3damoimset.cab
O16 - DPF: {D4B8CB6E-3445-4553-B717-750CEFA98B3E} (ADScanInstaller Control) - http://down.adscan.co.kr/adscan/activex/ADScanInstaller.cab
O16 - DPF: {D9306BD1-2325-4C28-8632-B02330C1BB02} (PhotoUploadCtrlMini Control) - http://blog.163.com/bin/PhotoUploadCtrlMini.cab
O16 - DPF: {DA787D51-FB62-4AF5-989D-AF4AA38DDB18} (JukeOnSet Class) - http://www.joos.co.kr/joos_music/player/cab/installer.cab
O16 - DPF: {E41F7EA0-F9A0-4768-9B0E-13E7D8F676D0} (DRMDel Control) - http://license.sbs.co.kr/DRMDel/DRMDel.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2007/OL2006.cab
O16 - DPF: {EDEDED2E-A0A6-4085-BC52-A95255A96DBD} (CyImgChinaCtl Class) - http://fs1.cyworld.com.cn/common/activex/CyImgChina.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AE5B3EE-1859-4A24-A40B-18C7F70FA369}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EB53097E-CAA2-4CC7-ABC5-7736EFAF1735}: NameServer = 61.235.164.13 61.235.164.18
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: WebClient XML - Unknown owner - C:\WINDOWS\system32\webcxml.exe
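As an added example that is not part of the thread (and not a tool from Rising or SREng): a small Python script that parses HijackThis lines of the kind posted above and flags what the helpers acted on, an O23 service with no known vendor and the O10 broken LSP, plus HKCU Run entries launched from the Windows directory as a review list. The sample lines are copied from the posted log.

```python
"""Parse HijackThis log lines and flag entries worth a second look."""
import re

# Constructed sample: lines copied from the HijackThis log posted in the thread.
SAMPLE_LOG = r"""O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [systema.exe] C:\WINDOWS\system32\systema.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: WebClient XML - Unknown owner - C:\WINDOWS\system32\webcxml.exe
"""

# Line shapes used by HijackThis 1.99.x for Run keys, LSP errors and services.
RUN_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
LSP_RE = re.compile(r"^O10 - .*LSP provider '(?P<path>[^']+)'")
SERVICE_RE = re.compile(r"^O23 - Service: (?P<name>.+?) - (?P<vendor>.+?) - (?P<path>.+)$")


def parse_services(log_text):
    """Return one dict (name, vendor, path) per O23 service line."""
    services = []
    for line in log_text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            services.append(m.groupdict())
    return services


def find_findings(log_text):
    """Apply three review rules; returns (rule, detail) tuples in log order.

    1. An O23 service whose vendor is "Unknown owner" (webcxml.exe in this thread).
    2. An O10 broken-LSP entry: a Winsock LSP DLL still registered but missing.
    3. An HKCU Run entry that starts something from the Windows directory. This is
       a review list, not a verdict, so the legitimate ctfmon.exe appears as well.
    """
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if (m := SERVICE_RE.match(line)) and m["vendor"] == "Unknown owner":
            findings.append(("unknown-owner-service", m["path"]))
        elif (m := LSP_RE.match(line)):
            findings.append(("broken-lsp", m["path"]))
        elif (m := RUN_RE.match(line)) and m["hive"] == "HKCU" \
                and "\\windows\\" in m["cmd"].lower():
            findings.append(("hkcu-run-from-windows-dir", m["cmd"]))
    return findings


if __name__ == "__main__":
    for rule, detail in find_findings(SAMPLE_LOG):
        print(f"{rule}: {detail}")
```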

C:\WINDOWS\system32\webcxml.exe
Delete it.

Thank you so much, I'll go delete it right away..