
[Help] I've been hit by the Gray Pigeon virus!!!!!!!!!!


Every time I boot, Rising detects a trojan and then deletes it. As follows:
IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE ->Backdoor.Gpigeon.hw

But whether in Safe Mode or not, I simply can't find the virus file! There are no files like "_hook.dll" under the Windows menu.

Please help.

Attachment: image/pjpeg, uploaded 2005-9-1 17:48:44

Last edited 2005-09-01 19:23:52

This one is a bit clearer.

Attachment: image/pjpeg, uploaded 2005-9-1 17:51:11

O3 - Toolbar: i&Bar搜索引擎 - {2E7D3330-EB94-4518-B0FE-E05379A5C1DA} - C:\PROGRA~1\iBar\10002\iBar.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [popo2004] D:\popo2004\Start.exe
O4 - HKLM\..\Run: [RavTimer] D:\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] D:\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKLM\..\Run: [KernelFaultCheck] ; %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 腾讯QQ.lnk = D:\Tencent\qq\QQ.exe
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Tencent\qq\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Tencent\qq\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Tencent\qq\SendMMS.htm
O9 - Extra button: 常用网址 - {36B39F01-7B48-44AD-A165-5849CD8EF562} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra 'Tools' menuitem: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\MMSASS~1.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\qq\QQ.EXE
O9 - Extra 'Tools' menuitem: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Tencent\qq\QQ.EXE
O9 - Extra button: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Tencent\qq\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Tencent\qq\QQIEHelper.dll (file missing)
O15 - Trusted Zone: http://sy.china.cn
O15 - Trusted Zone: http://sydj.china.cn
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA3D37E3-5B14-466C-8ADF-372CE82D186A}: NameServer = 202.99.192.68,202.99.192.66
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA3D37E3-5B14-466C-8ADF-372CE82D186A}: NameServer = 202.99.192.68,202.99.192.66
O17 - HKLM\System\CS2\Services\Tcpip\..\{BA3D37E3-5B14-466C-8ADF-372CE82D186A}: NameServer = 202.99.192.68,202.99.192.66
O20 - AppInit_DLLs: APIHookDll.dll
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\rising\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - D:\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\Ravmond.exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: Windows Management Instrument - Unknown owner - C:\WINDOWS\sv0host.exe

Could some expert please take a look at this for me?????

O23 - Service: Windows Management Instrument - Unknown owner - C:\WINDOWS\sv0host.exe
Gray Pigeon
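Added example, not part of any post in this thread: the service line quoted in the reply above has an executable name, sv0host.exe, that is one character away from the Windows system binary svchost.exe. The Python code below parses HijackThis O23 lines and flags such lookalike names; the list of system binaries and the distance threshold of 1 are assumptions of this example.

```python
import re

# Allow-list of well-known Windows system binaries. This list is an assumption
# of the example, not something stated in the thread.
SYSTEM_BINARIES = ["svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                   "csrss.exe", "smss.exe", "spoolsv.exe", "explorer.exe"]

# O23 line layout: "O23 - Service: <display name> - <owner> - <command line>"
O23_RE = re.compile(r"^O23 - Service: (.+?) - (.+?) - (.+)$")
EXE_RE = re.compile(r'([^\\/"]+\.exe)', re.IGNORECASE)

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_services(log_text, max_distance=1):
    """Return (display_name, owner, exe, imitated_binary) for each O23 service
    whose executable name is close to, but not equal to, a system binary."""
    hits = []
    for line in log_text.splitlines():
        m = O23_RE.match(line.strip())
        if not m:
            continue
        display, owner, path = m.groups()
        exe = EXE_RE.search(path)
        if not exe:
            continue
        name = exe.group(1).lower()
        for real in SYSTEM_BINARIES:
            if 0 < edit_distance(name, real) <= max_distance:
                hits.append((display, owner, exe.group(1), real))
    return hits

# O23 lines copied from the log posted in this thread.
LOG = r"""
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\RISING\RAV\Ravmond.exe
O23 - Service: Windows Management Instrument - Unknown owner - C:\WINDOWS\sv0host.exe
"""

if __name__ == "__main__":
    for hit in lookalike_services(LOG):
        print("suspicious service:", hit)
```

"Unknown owner" alone is not a signal here, since several ordinary services in the same log carry it; the name comparison is what singles out the one entry.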
 

There seem to be several of them.

Thanks, I've deleted it, but the firewall still shows that port as Gray Pigeon.

What should I do?

Do I need to delete the entries in the registry?