请问backdoor.VB.ncl是什么毒？我每次杀了毒重新启动后，再查毒仍旧有这个毒，谁能帮帮我？

灰鸽子后门

在前面的帖子里去看看

Logfile of HijackThis v1.99.1
Scan saved at 15:02:10, on 2005-08-15
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
D:\RISING\RAV\CCENTER.EXE
D:\RISING\RAV\RAVMOND.EXE
D:\RISING\RAV\RAVMON.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
D:\RISING\RAV\RAVTIMER.EXE
C:\PROGRAM FILES\MICROSOFT SQL SERVER\80\TOOLS\BINN\SQLMANGR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
D:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL\BINN\SQLSERVR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SERVICES.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SERVICES.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX00.225\HIJACKTHIS.EXE

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: BrowseHelper Class - {6D9CBAF0-281A-49AF-B89E-E8A110E126F0} - C:\KV2003\KVSHELL_1.DLL (file missing)
O2 - BHO: (no name) - {3D898C55-74CC-4B7C-B5F1-45913F368388} - C:\WINDOWS\SYSTEM\MEWIN.DLL (file missing)
O2 - BHO: URLMonitor Class - {3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92} - C:\WINDOWS\SYSTEM\HAP.DLL
O2 - BHO: DownloadValue Class - {616D4040-5712-4F0F-BCF1-5C6420A99E14} - C:\WINDOWS\SYSTEM\WINHTP.DLL
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O3 - Toolbar: 杀毒王工具栏 - {50ED6ACB-A649-4E70-B7EC-F67EAD93FFC0} - C:\KV2003\KVSHELL_1.DLL (file missing)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [RavTimer] D:\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\RunServices: [RsCcenter] D:\RISING\RAV\CCENTER.EXE
O4 - HKLM\..\RunServices: [RavMond] D:\RISING\RAV\RAVMOND.EXE
O4 - HKLM\..\RunServices: [RavMon] D:\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Startup: SQL Server.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\scm.exe
O8 - Extra context menu item: 使用网际快车下载 - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\TENCENT\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\TENCENT\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\TENCENT\QQ\SendMMS.htm
O8 - Extra context menu item: 收藏此页到ViVi - http://vivi.sina.com.cn/collect/click.php?agent=ddt
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra button: 用友 - {83241FE4-9972-11D3-BDC2-000021EA4FD8} - E:\WF821\DESKTOP\RUNIE.EXE
O16 - DPF: {C3474273-859B-444A-AA12-FA4BF8D0DCD7} (U8WebClient.clsClient) - http://daxiang.oicp.net/U8WebClient.CAB
O16 - DPF: {6492FC27-EB93-4109-8187-431EAAE90ACE} (DFHTJ.RFHTJ) - http://daxiang.oicp.net/ywweb/report/DFHTJ.CAB
O16 - DPF: {468F76A5-8237-40F5-B00B-192214758FA7} (DXSTJ.RXSTJ) - http://daxiang.oicp.net/ywweb/report/DXSTJ.CAB
O16 - DPF: {A29BAEB9-DAEB-41A1-B9EA-F9872F032C4F} (MyReport_xs.DMyReport_xs) - http://daxiang.oicp.net/ywweb/report/MyReport_xs.CAB
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://daxiang.oicp.net/client/isetup.cab
O16 - DPF: {DDA166FA-B3EA-4A3B-8EE2-4F552CDEEE81} (KATScan Control) - http://211.152.52.102/duba/antitrojan/update/OCX/KATScan.CAB
O16 - DPF: {37DE9DF7-1EC1-43C0-B13E-371140DAA16B} (DXSDDZX.RXSDDZX) - http://daxiang.oicp.net/ywweb/report/DXSDDZX.CAB
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {DA984A6D-508E-11D6-AA49-0050FF3C628D} (Ravonline) - http://download.rising.com.cn/QQ/QQkill/rsonline.cab
O16 - DPF: {3B0CD9C0-7F07-46AE-9FA1-8557041DF98D} (MyReport_kc.DMyReport_kc) - http://daxiang.oicp.net/ywweb/report/MyReport_kc.CAB
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.101.8.18

杀不掉啊，看看有什么问题吗里面？

引用:

【SENKA的贴子】请问backdoor.VB.ncl是什么毒？我每次杀了毒重新启动后，再查毒仍旧有这个毒，谁能帮帮我？ ...........................

断网,清空IE临时文件夹,禁用系统还原,用最新版本瑞星杀毒.
                  必要时在安全模式或DOS下全面查杀.