快来救我啊，打开防火墙即不能上网，检查网络连接正常，关闭防火墙瑞星监控提示漏洞受到攻击，日志如下，
Logfile of HijackThis v1.99.1
Scan saved at 19:00:08, on 2006-12-6
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\XP\System32\smss.exe
C:\WINDOWS\XP\system32\winlogon.exe
C:\WINDOWS\XP\system32\services.exe
C:\WINDOWS\XP\system32\lsass.exe
C:\WINDOWS\XP\system32\svchost.exe
C:\WINDOWS\XP\System32\svchost.exe
C:\WINDOWS\XP\Explorer.EXE
C:\WINDOWS\XP\system32\spoolsv.exe
C:\WINDOWS\XP\system32\svchost.exe
C:\WINDOWS\XP\VM_STI.EXE
C:\WINDOWS\XP\system32\ctfmon.exe
C:\Program Files\Tencent\QQ\QQ.exe
C:\Program Files\Tencent\QQ\TIMPlatform.exe
e:\我的教室\医药\rising\rfw\rfwsrv.exe
E:\我的教室\医药\Rising\Rav\CCenter.exe
E:\我的教室\医药\Rising\Rav\RavTask.exe
E:\我的教室\医药\Rising\Rav\RavMon.exe
E:\我的教室\医药\Rising\Rav\Ravmond.exe
E:\我的教室\医药\Rising\Rav\RsAgent.exe
C:\WINDOWS\XP\msagent\AgentSvr.exe
E:\我的教室\医药\Rising\Rav\RavStub.exe
E:\我的教室\医药\Rising\Rfw\rfwmain.exe
E:\ha_hijackthis_1991\HijackThis.exe

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\XP\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\XP\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\XP\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\XP\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [RfwMain] "E:\我的教室\医药\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [RavTask] "E:\我的教室\医药\Rising\Rav\RavTask.exe" -system
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\XP\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2910FD38-BC2D-4C55-8638-85AC36721C62}: NameServer = 218.76.138.66 218.76.138.90
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD5B0A6C-AF81-4FB7-96B1-C8FDD08F3953}: NameServer = 218.76.138.66,218.76.138.90
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - e:\我的教室\医药\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - e:\我的教室\医药\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\我的教室\医药\Rising\Rav\CCenter.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\我的教室\医药\Rising\Rav\Ravmond.exe

运行Hijackthis，把下面的选中打上钩，修复
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)

请下载SREng2（最新版） ，使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://www.kztechs.com/sreng/sreng2.zip
4.HijackThis1.99.1