
[Help] My machine is infected! Please take a look! Thanks!~


Logfile of HijackThis v1.99.1
Scan saved at 16:55:53, on 2005-9-12
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\PROGRAM FILES\RISING\RAV\RavStub.exe
C:\WINDOWS\System32\msiexec.exe
C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
C:\PROGRA~1\RISING\RAV\RAVMON.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\RISING\RAV\Rav.exe
C:\PROGRA~1\RISING\RAV\RsAgent.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IDDTInitObj Class - {15DDE989-CD45-4561-BF99-D22C0D5C2B74} - C:\WINDOWS\downlo~1\ddtinit.dll
O2 - BHO: Mms shortcut send - {43A8AFD1-5C9C-4ADB-BABB-407254BC0F34} - C:\WINDOWS\DOWNLO~1\SENSKY~1.DLL
O2 - BHO: KillObj Class - {66C28884-4E5D-494B-80C9-CAA27528FD6D} - C:\WINDOWS\downlo~1\ddtkillw.ocx
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - C:\WINDOWS\downlo~1\DDTONG~1.DLL
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: 发送本机彩信 - {6945BB0B-5555-4A6E-8CFC-CE6E0ABCCC40} - http://sam.xinhuanet.com/xinhua_cxdiy/step01.jsp?ally_id=1001 (file missing)
O9 - Extra 'Tools' menuitem: 发送本机彩信 (&M) - {6945BB0B-5555-4A6E-8CFC-CE6E0ABCCC40} - http://sam.xinhuanet.com/xinhua_cxdiy/step01.jsp?ally_id=1001 (file missing)
O9 - Extra button: 百度搜索伴侣 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: 新浪点点通 - {F60C7D81-8471-4D40-AAFE-56D318F34C2D} - C:\WINDOWS\downlo~1\DDTONG~1.DLL
O11 - Options group: [!IESearch] !IESearch
O16 - DPF: shortcut - http://news.xinhuanet.com/caixin/shortcutxinhua.CAB
O16 - DPF: {448A5F6B-8C03-4B54-A338-F00237C508AD} (WEBChatRoomOCX Control) - http://chat.51uc.com/cab/WEBChatRoom_1_38.cab
O16 - DPF: {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} (BDSrchHook Class) - http://bar.baidu.com/update/IESearch.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://www.mydrivers.com/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hnrbdam.cn
O17 - HKLM\System\CCS\Services\Tcpip\..\{603C2121-0C80-4FBF-9110-D45220D2C61A}: NameServer = 10.10.15.8,10.10.15.9
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hnrbdam.cn
O17 - HKLM\System\CS1\Services\Tcpip\..\{603C2121-0C80-4FBF-9110-D45220D2C61A}: NameServer = 10.10.15.8,10.10.15.9
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hnrbdam.cn
O17 - HKLM\System\CS2\Services\Tcpip\..\{603C2121-0C80-4FBF-9110-D45220D2C61A}: NameServer = 10.10.15.8,10.10.15.9
O18 - Protocol: mp3 - {BC207F7D-3E63-4ACA-99B5-FB5F8428200C} - C:\WINDOWS\DOWNLO~1\BDSrHook.dll
O20 - AppInit_DLLs: apihookdll.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe

Last edited 2005-09-12 17:18:04
 

Now all the drives have AutoPlay!~
They can't be opened by double-clicking anymore!~~
 

Trojan.Rootkit.m
That's the virus
 

Now the hard drives won't open on double-click! What should I do?
 

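Now the hard drives can only be opened by right-clicking and choosing Open!
Double-clicking doesn't open them!
Double-clicking gives a message saying COMMAND.EXE was not found
Also, there's an extra AutoPlay entry in the right-click menu!~
How do I restore it to its original state?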