不开IE，在任务管理器中就有一个IEXPLORE.EXE进程,用瑞星查杀后显示是Backdoor.GPigeon.vhp,路径为IEXPLORE.EXE>>C:\Program Files\Internet Explorer\IEXPLORE.EXE
重启之后还是又有了，杀不掉！！
用“灰鸽子”专用检测清除工具说是 “模块覆盖型”的灰鸽子病毒。
我用HijackThis弄了一份日志，请高手帮忙看一哈！谢谢了~~

HijackThis_815汉化版扫描日志 V1.99.1
保存于      18:47:51, 日期 2006-9-22
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
D:\Rising\Rav\Ravmond.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
D:\Oracle\BIN\TNSLSNR.exe
D:\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
D:\Rising\Rav\RavTask.exe
D:\Rising\Rav\Ravmon.exe
D:\SKYNET\FIREWALL\pfw.exe
C:\WINDOWS\system32\ctfmon.exe
D:\HijackThis\HijackThis.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v11.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe Creative Suite 2\Adobe Reader 7.0\ActiveX\AcroIEHelper.dll (file missing)
O3 - IE工具栏增项: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - D:\金山快译2006\IEBand.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [RavTask] "D:\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [SKYNET Personal FireWall] D:\SKYNET\FIREWALL\pfw.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - d:\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - d:\Thunder\getallurl.htm
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - NT 服务: Oracle OLAP 9.0.1.0.1 (OLAPServer) - Oracle Corporation - D:\Oracle\bin\xsolap.exe
O23 - NT 服务: Oracle OLAP Agent - Unknown owner - D:\Oracle\bin\xsaagent.exe
O23 - NT 服务: OracleOraHome90ClientCache - Unknown owner - D:\Oracle\BIN\ONRSD.EXE
O23 - NT 服务: OracleOraHome90HTTPServer - Unknown owner - D:\Oracle\Apache\Apache\Apache.exe
O23 - NT 服务: OracleOraHome90PagingServer - Unknown owner - D:\Oracle/bin/pagntsrv.exe
O23 - NT 服务: OracleOraHome90SNMPPeerEncapsulator - Unknown owner - D:\Oracle\BIN\ENCSVC.EXE
O23 - NT 服务: OracleOraHome90SNMPPeerMasterAgent - Unknown owner - D:\Oracle\BIN\AGNTSVC.EXE
O23 - NT 服务: OracleOraHome90TNSListener - Unknown owner - D:\Oracle\BIN\TNSLSNR.exe
O23 - NT 服务: Remoote Access Connection - Unknown owner - C:\WINDOWS\SVHOST.EXE (file missing)
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\Rising\Rav\Ravmond.exe
O23 - NT 服务: svchoct.exe (Windows Time  ) - Unknown owner - C:\WINDOWS\system32\Hacker.com.cn.exe
O23 - NT 服务: Visibroker Smart Agent (xsSmartAgent) - Unknown owner - D:\Oracle\bin\osagent.exe

O23 - NT 服务: Remoote Access Connection - Unknown owner - C:\WINDOWS\SVHOST.EXE (file missing)
O23 - NT 服务: svchoct.exe (Windows Time ) - Unknown owner - C:\WINDOWS\system32\Hacker.com.cn.exe

控制面板--管理工具--服务--找到Remoote Access Connection ，svchoct.exe 服务名，双击把启动类型改为已禁止。
重新启动计算机

运行--regedit，定向到：
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00X\Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
找到Remoote Access Connection ，svchoct.exe 并删除

删除文件
C:\WINDOWS\SVHOST.EXE
C:\WINDOWS\system32\Hacker.com.cn.exe

楼主，太感谢了~终于搞定打~~呵呵