我家里的电脑中了灰鸽子。每次重启，瑞星都能发现并清除。但是再次重启时，又会发现。实在烦！而且系统运行速度明显没有以前快了。请帮帮我

Logfile of HijackThis v1.99.0
Scan saved at 16:26:14, on 2006-08-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
d:\program files\rising\rfw\RfwMain.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
d:\Program Files\Rising\Rav\RAVTASK.EXE
d:\Program Files\Rising\Rav\Ravmond.exe
d:\Program Files\Rising\Rav\RAVMON.EXE
d:\Program Files\Rising\Rav\RavStub.exe
C:\Documents and Settings\wh\桌面\050223HijackThis\050223HijackThis\HijackThis V1.99.0汉化版\HijackThis.exe

R3 - URLSearchHook: (no name) - {09F43127-F8CE-4552-9540-D5DAE688E22C} - C:\WINDOWS\system32\Zqhck.dll (file missing)
R3 - URLSearchHook: (no name) - {A2FD4EC5-9E29-4B57-8505-1C56199C0A9D} - C:\WINDOWS\system32\Xwdueh.dll (file missing)
R3 - URLSearchHook: (no name) - {C7BAAAD8-1008-4C17-901F-F67C06FBF068} - C:\WINDOWS\system32\Heegru.dll (file missing)
R3 - URLSearchHook: (no name) - {0721FE60-8523-4752-8581-1845B98C794E} - C:\WINDOWS\system32\Eibdsh.dll (file missing)
R3 - URLSearchHook: (no name) - {1D3C53CB-25CE-452D-92C8-1DEE29103EE3} - C:\WINDOWS\system32\Zaell.dll (file missing)
R3 - URLSearchHook: (no name) - {274D4C19-4C6D-42CE-8DDF-58A29DFCCA08} - C:\WINDOWS\system32\Vzma.dll (file missing)
R3 - URLSearchHook: (no name) - {43133D07-D0C9-440C-BDC8-C3C9C5EDC01B} - C:\WINDOWS\system32\Amxu.dll (file missing)
R3 - URLSearchHook: (no name) - {F59BF831-E5DC-4F01-816E-2F5FE1CC5B6F} - C:\WINDOWS\system32\Bscs.dll (file missing)
R3 - URLSearchHook: (no name) - {E3067734-E546-44D5-B62C-7ABF631CA2BE} - C:\WINDOWS\system32\Kxwlkc.dll (file missing)
R3 - URLSearchHook: (no name) - {8F360524-2A56-45D2-8B66-047B21B83A53} - C:\WINDOWS\system32\Fiqrr.dll (file missing)
R3 - URLSearchHook: (no name) - {EB248991-DB6B-43AB-9E27-D037C41F2CE2} - C:\WINDOWS\system32\Jskb.dll (file missing)
R3 - URLSearchHook: (no name) - {05E8AE1E-B342-4C68-8944-73C54487F517} - C:\WINDOWS\system32\Wqsfu.dll (file missing)
R3 - URLSearchHook: (no name) - {B63493E0-986D-4AA1-85B6-8161595E5D58} - C:\WINDOWS\system32\Wfsvui.dll (file missing)
R3 - URLSearchHook: (no name) - {0B494F5F-A910-453E-B66A-F3A55A2C0B8E} - C:\WINDOWS\system32\Oqyo.dll (file missing)
R3 - URLSearchHook: (no name) - {CB633BA2-914D-4044-BFE3-A49E1F3BEB41} - C:\WINDOWS\system32\Ijuyls.dll (file missing)
R3 - URLSearchHook: (no name) - {6CB4EA0F-F127-47DE-8FC6-A00196362A03} - C:\WINDOWS\system32\Dkxiy.dll (file missing)
R3 - URLSearchHook: (no name) - {F3F47944-4873-4A1D-84CD-115EC143231D} - C:\WINDOWS\system32\Qotxm.dll (file missing)
R3 - URLSearchHook: (no name) - {EF71C3D7-FA5C-47B1-9FE0-A2133EF5456F} - C:\WINDOWS\system32\Accjnd.dll (file missing)
R3 - URLSearchHook: (no name) - {52EBDA1B-6C7A-479E-A1DC-6397FABB8CF7} - C:\WINDOWS\system32\Jrgg.dll (file missing)
R3 - URLSearchHook: (no name) - {7E0034B0-B24D-4941-B031-0161B4D7A8AD} - C:\WINDOWS\system32\Hxaf.dll (file missing)
R3 - URLSearchHook: (no name) - {D1279730-45CA-4C0D-A4C8-3542C5A14DF7} - C:\WINDOWS\system32\Lqmup.dll (file missing)
R3 - URLSearchHook: (no name) - {6F2421C8-8E8F-4C0B-8981-CBE11D5C72CE} - C:\WINDOWS\system32\Kdsdga.dll (file missing)
R3 - URLSearchHook: (no name) - {47DC5DBC-69F9-4E51-ACF8-0D49FB52D869} - C:\WINDOWS\system32\Iqvqci.dll (file missing)
R3 - URLSearchHook: (no name) - {F139D95C-9B12-46D0-B8D1-1ADA0691F96D} - C:\WINDOWS\system32\Vclkbh.dll (file missing)
R3 - URLSearchHook: (no name) - {6D44CA0E-07D5-4263-A74F-96189D1FD2BB} - C:\WINDOWS\system32\Gpwlwl.dll (file missing)
R3 - URLSearchHook: (no name) - {D4888AD6-DDA5-4AF8-895D-452F5F73C048} - C:\WINDOWS\system32\Qujnid.dll (file missing)
R3 - URLSearchHook: (no name) - {057C24E2-9F20-4EB8-9F33-4C596C2BDE80} - C:\WINDOWS\system32\Efdjuu.dll (file missing)
R3 - URLSearchHook: (no name) - {FF82B05C-5370-4777-904F-169A809772E6} - C:\WINDOWS\system32\Wkfzk.dll (file missing)
R3 - URLSearchHook: (no name) - {241F789D-6660-4E05-BFA4-D6EC358A2358} - C:\WINDOWS\system32\Xymis.dll (file missing)
R3 - URLSearchHook: (no name) - {F050E4C2-1947-470E-9BC7-03CBE15C98F6} - C:\WINDOWS\system32\Ekhulw.dll (file missing)
R3 - URLSearchHook: (no name) - {DDC00E9B-90CB-4215-825E-943067996344} - C:\WINDOWS\system32\Wprjrv.dll (file missing)
R3 - URLSearchHook: (no name) - {418788B7-897C-4F96-B671-2EFD599EBD3B} - C:\WINDOWS\system32\Lcrr.dll (file missing)
R3 - URLSearchHook: (no name) - {92149946-FF56-441A-BC88-82F371242139} - C:\WINDOWS\system32\Lahe.dll (file missing)
R3 - URLSearchHook: (no name) - {55C7B94D-B0B1-4AF4-A87F-2F02A8998627} - C:\WINDOWS\system32\Fxnjn.dll (file missing)
R3 - URLSearchHook: (no name) - {E90D85CD-BD05-4CE4-AA1F-4D6ED8B2C28A} - C:\WINDOWS\system32\Gugrhe.dll (file missing)
R3 - URLSearchHook: (no name) - {6ED79D88-3AD3-4945-A45C-4B6B8FBBE40B} - C:\WINDOWS\system32\Olys.dll (file missing)
R3 - URLSearchHook: BDSrchHook Class - {2C5AA40E-8814-4EB6-876E-7EFB8B3F9662} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll (file missing)
R3 - URLSearchHook: (no name) - {58F7215D-91B1-403E-987D-262D48519975} - C:\WINDOWS\system32\Zuff.dll (file missing)
R3 - URLSearchHook: (no name) - {CCAD88C6-5CB1-4DA0-9083-EB7EE5A3AEAB} - C:\WINDOWS\system32\Tgxc.dll (file missing)
R3 - URLSearchHook: (no name) - {9D4D8C91-FD32-4A68-9232-05D6AA139D7C} - C:\WINDOWS\system32\Syxtu.dll (file missing)
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\Adplus\SSAddr1.dll
O2 - BHO: 搜搜地址栏搜索 - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\Adplus\SSAddr1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [C-Media Mixer] ; Mixer.exe /startup
O4 - HKLM\..\Run: [RavTask] "d:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] ; "d:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [stup.exe] C:\PROGRA~1\TENCENT\Adplus\stup.exe
O4 - HKLM\..\Run: [StormCodec_Helper] "d:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: 在Foxmail中添加该RSS频道/频道组 - res://C:\WINDOWS\system32\fmrsslink.dll/201
O9 - Extra button: 词霸 - {9A687CA6-D585-4947-9ED9-BE96071F5CD9} - d:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\cdnns.dll' missing
O11 - Options group: [TBH] 搜搜地址栏搜索
O15 - Trusted Zone: http://www.icbc.com.cn
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1007/aliedit.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150248731001
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D4B823C-1F39-4290-A9EF-A647A194FBBF}: NameServer = 210.22.70.227 210.22.70.98
O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - d:\Program Files\Kingsoft\Powerword 2003\XDictExB.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Rising Proxy  Service - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service - Beijing Rising Technology Co., Ltd. - d:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: WINLASS - Unknown - C:\WINDOWS\windocjxzaq.exe

O23 - Service: WINLASS - Unknown - C:\WINDOWS\windocjxzaq.exe
鸽子..安全模式...打开注册表编辑器，展开：HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
搜索 WINLASS 删除..
删除
C:\WINDOWS\windocjxzaq.exe

修复所有R3项...然后删除R3对应的文件...

卸载搜搜地址栏...

O23 - Service: WINLASS - Unknown - C:\WINDOWS\windocjxzaq.exe
鸽子
安全模式...打开注册表编辑器，展开：HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services搜索WINLASS删除
再删除C:\WINDOWS\windocjxzaq.exe