我的机器前段时间中了病毒，一开网页就会弹出垃圾网页，当时在安全模式下用瑞星杀毒并没发现存在病毒。？？今天又上网，机器突然弹出对话框说是在一个路径下找不到某个文件，接着就自动关机了。再开机，就发现瑞星不启动了，双击也无效，说是找不到RsGuiLib.dll文件，我从另一台机器上复制了一个到我机器上还是打不开。而且我的初始网页也被篡改为www.9505.com，我在注册表里查找该网址并修改，仍旧没用。请各位高手帮帮忙，该怎样处理，万分感谢！！！

下面是扫描的日志文件：
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      22:35:27, 日期 2006-10-4
操作系统：  Windows 2000 SP3 (WinNT 5.00.2195)
浏览器：    Internet Explorer v6.00 (6.00.2600.0000)

当前运行的进程：         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINNT\system32\internat.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Winamp\winamp.exe
C:\WINNT\regedit.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\conime.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\cmd.exe
C:\Program Files\FlashGet\flashget.exe
C:\Program Files\HijackThis1991汉化版\HijackThis1991zww.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} -

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} -

C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} -

C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\Program

Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} -

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -

C:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: System Helper - {B88DBC3F-41FB-40AE-AFB0-4220E842B710} - C:\WINNT\system32\flash9.dll
O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Program Files\Xi\Net

Transport\NTIEHelper.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINNT\System32\msdxm.ocx
O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -

C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - (no file)
O3 - IE工具栏增项: 百度超级搜霸 - {B580CF65-E151-49C3-B73F-70B13FCA8E86} -

C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} -

C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - 启动项HKLM\\Run: [nwiz] nwiz.exe /install
O4 - 启动项HKLM\\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] C:\WINNT\system32\Rundll32.exe NMGameX.dll,LiveProcess

/aa
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - 启动项HKLM\\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - 启动项HKLM\\Run: [rundll32] rundll32 rscfg.dll s
O4 - 启动项HKLM\\RunOnce: [CnsAssecblk] regsvr32.exe /s

C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YASSEC~1.DLL
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll3327074] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll3334494] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\ydragsearch.dll3342486] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ydragsearch.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsnetproto.dll3343798] regsvr32

/s C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yzsnetproto.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll3346712] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll3350197] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll3392167] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\ynotifier.dll
O4 - 启动项HKLM\\RunOnce: [YahooC:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll3392347] regsvr32 /s

C:\PROGRA~1\Yahoo!\ASSIST~1\yscrblock.dll
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\YNOTIF~1.DLL]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\YNOTIF~1.DLL
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\YSCRBL~1.DLL]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\YSCRBL~1.DLL
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yasbar.dll
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YZSNET~1.DLL]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YZSNET~1.DLL
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yphtb.dll
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\YDRAGS~1.DLL
O4 - 启动项HKLM\\RunOnce: [Register_C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll]

C:\WINNT\system32\regsvr32.exe /s C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\yangling.dll
O4 - HKCU\..\Run: [Internat.exe] internat.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目: Download all by Net Transport -

C:\PROGRA~1\XI\NETTRA~1\NTAddList.html
O8 - IE右键菜单中的新增项目: Download by Net Transport - C:\PROGRA~1\XI\NETTRA~1\NTAddLink.html
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 添加到雅虎订阅(&Y) - res://C:\Program

Files\Yahoo!\Assistant\Assist\yrss.dll/YRSSMENUEXT
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
O8 - IE右键菜单中的新增项目: 解霸实时播放 - C:\HEROSOFT\Hero3000\MPURLGET.HTM
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} -

C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - 浏览器额外的“工具”菜单项: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} -

C:\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -

C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program

Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program

Files\Tencent\QQ\QQ.EXE
O9 - 浏览器额外的按钮: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -

C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的“工具”菜单项: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -

C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 浏览器额外的按钮: 易趣购物 - {DE607143-AC19-423e-863A-3D70ABDF119A} -

http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607143-AC19-423e-863A-3D70ABDF119A} -

http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - C:\Program

Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} -

C:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing)
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://zs.kingsoft.com/KOSInit.cab
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) -

https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O16 - DPF: {ECCBA953-80E5-11D3-9285-0080ADB811C5} (safeInput Class) -

https://pbank.95559.com.cn/personbank/ocx/safe.cab
O18 - 列举现有的协议: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} -

C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} -

C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} -

C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ipp - (no CLSID) - (no file)
O18 - 列举现有的协议: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - 列举现有的协议: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} -

C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} -

C:\WINNT\System32\inetcomm.dll
O18 - 列举现有的协议: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - 列举现有的协议: msdaipp - (no CLSID) - (no file)
O18 - 列举现有的协议: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: sysimage - {76E67A63-06E9-11D2-A840-006008059382} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -

C:\WINNT\System32\mshtml.dll
O18 - 列举现有的协议: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} -

C:\WINNT\System32\msdxm.ocx
O23 - NT 服务: .Net Boot Service - Unknown owner - C:\WINNT\system32\big5_gb2312.exe (file missing)
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. -

C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: eMagUpdt - Unknown owner - (no file)
O23 - NT 服务: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company -

C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINNT\System32\nvsvc32.exe
O23 - NT 服务: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - c:\program

files\rising\rfw\rfwproxy.exe