
Experts, please help me analyze this. Thank you all!

Logfile of HijackThis v1.99.1
Scan saved at 22:53:01, on 2006-4-1
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

R3 - Default URLSearchHook is missing
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINNT\System32\xunleibho_v14.dll
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55}? - (no file)
O2 - BHO: QuickBtn - {1A199C20-DE2B-4838-AE3F-B5257ECE2B7E} - C:\Program Files\CoolWebsite\QuickLink.dll
O2 - BHO: (no name) - {40E3A34A-3282-41F8-AD2C-051BAB96AD4A}? - (no file)
O2 - BHO: VnetCookie Class - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - d:\PROGRA~1\chinanet\VNETTR~1.DLL
O2 - BHO: (no name) - {4E83D567-4697-4F7B-B1F0-A513B01DB89A}? - (no file)
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B}? - (no file)
O2 - BHO: (no name) - {6E28339B-7A2A-47B6-AEB2-46BA53782373}? - (no file)
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINNT\System32\kakatool.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [ExFilter] Rundll32.exe "C:\PROGRA~1\CNNIC\Cdn\Update\cdnspie.dll,ExecFilter solo"
O4 - HKLM\..\Run: [RfwMain] "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\getallurl.htm
O9 - Extra button: 实用网址导航 - {1D901067-2529-4A9B-9B6B-7A1DB3A44CB5} - C:\Program Files\CoolWebsite\QuickLink.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - d:\Program Files\Tencent\QQ\QQIEHelper.dll
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Seekmo/ie/bridge-c15.cab
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Media Player Server - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Program Files\rising\Rav\Ravmond.exe

Last edited 2006-04-02 00:00:59

Active system processes
C:\WINNT\SYSTEM32\SMSS.EXE
C:\WINNT\SYSTEM32\CSRSS.EXE
C:\WINNT\SYSTEM32\WINLOGON.EXE
C:\WINNT\SYSTEM32\SERVICES.EXE
C:\WINNT\SYSTEM32\LSASS.EXE
D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
D:\PROGRAM FILES\RISING\RAV\RAVMOND.EXE
D:\PROGRAM FILES\RISING\RFW\RFWSRV.EXE
C:\WINNT\SYSTEM32\SVCHOST.EXE
C:\WINNT\SYSTEM32\SPOOLSV.EXE
C:\WINNT\SYSTEM32\SVCHOST.EXE
D:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
D:\PROGRAM FILES\RISING\RAV\RAVSTUB.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINNT\SYSTEM32\NVSVC32.EXE
C:\WINNT\SYSTEM32\MSTASK.EXE
C:\WINNT\SYSTEM32\WBEM\WINMGMT.EXE
D:\PROGRAM FILES\CHINANET\VNETCLIENT.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINNT\EXPLORER.EXE
C:\WINNT\LOADQM.EXE
D:\PROGRAM FILES\RISING\RFW\RFWMAIN.EXE
D:\PROGRAM FILES\RISING\RAV\RAVMON.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\DOCUMENTS AND SETTINGS\苏丹\桌面\RSDETECT.EXE
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\THUNDER.EXE

Unknown-family virus analysis
Scan results:
C:\Program Files\Internet Explorer\IEXPLORE.EXE --> 与 Backdoor.Gpigeon 97%相似.
D:\Program Files\Thunder Network\Thunder\Thunder.exe --> 与 Backdoor.Gpigeon.Key 42%相似.

No matter how I try to remove it, it won't go away. Please help me!!!!