
Infected again: filereg.exe msdx32.exe

[PID: 1032][C:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 1116][C:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1140][C:\Program Files\iVasion\WinPoET\WrOS.EXE]  <iVasion, a Routerware Company><1, 1, 2, 0>
    [C:\Program Files\iVasion\WinPoET\WrOSControl.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrFCUtil.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrEventLog.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrRTUtil.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrInterfaceManager.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrConfig.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrNetworkDriver.dll]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\Wr_Mac_Frames.DLL]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrPoetDriver.DLL]  <N/A><N/A>
    [C:\Program Files\iVasion\WinPoET\WrPacketSock.dll]  <N/A><N/A>
[PID: 1168][C:\WINNT\System32\wins.exe]  <Microsoft Corporation><5.00.2195.6696>
[PID: 1184][C:\WINNT\system32\mspmspsv.exe]  <Microsoft Corporation><7.10.00.3059>
[PID: 1200][C:\WINNT\system32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
[PID: 1224][C:\WINNT\system32\Dfssvc.exe]  <Microsoft Corporation><5.00.2195.6664>
[PID: 1260][C:\WINNT\System32\dns.exe]  <Microsoft Corporation><5.00.2195.6715>
[PID: 1280][C:\WINNT\system32\inetsrv\inetinfo.exe]  <Microsoft Corporation><5.00.0984>
[PID: 1316][C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  <Microsoft Corporation><9.107.8320.0>
[PID: 1568][E:\oracle\ora90\Apache\jdk\bin\java.exe]  <N/A><N/A>
    [E:\oracle\ora90\Apache\jdk\jre\bin\classic\jvm.dll]  <N/A><N/A>
    [E:\oracle\ora90\Apache\jdk\jre\bin\hpi.dll]  <N/A><N/A>
    [E:\oracle\ora90\Apache\jdk\jre\bin\java.dll]  <N/A><N/A>
    [E:\oracle\ora90\Apache\jdk\jre\bin\zip.dll]  <N/A><N/A>
    [E:\oracle\ora90\Apache\jdk\jre\bin\symcjit.dll]  <Symantec Corporation http://www.symantec.com><3.10.107>
    [E:\oracle\ora90\Apache\jdk\jre\bin\net.dll]  <N/A><N/A>
[PID: 1580][E:\oracle\ora90\Apache\Apache\Apache.exe]  <N/A><N/A>
    [E:\oracle\ora90\Apache\Apache\ApacheCore.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleMimeMagic.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleAuthAnon.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleCERNMeta.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleDigest.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleExpires.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleHeaders.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleProxy.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleRewrite.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleSpeling.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleStatus.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleUserTrack.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModulePerl.DLL]  <N/A><N/A>
    [E:\oracle\ora90\Apache\Perl\5.00503\bin\mswin32-x86\Perl.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\ApacheModuleSSL.DLL]  <N/A><N/A>
    [E:\oracle\ora90\Apache\Jserv\ApacheModuleJServ.dll]  <N/A><N/A>
    [e:\oracle\ora90\apache\apache\modules\mod_oiplus.dll]  <N/A><N/A>
    [E:\oracle\ora90\Apache\modose\bin\orajipa9i.dll]  <N/A><N/A>
    [E:\oracle\ora90\bin\orajip9.dll]  <N/A><N/A>
    [E:\oracle\ora90\bin\oran9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranl9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranldap9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\orannzsbb9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oracore9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranls9.dll]  <Oracle Corporation><9.0.0.0.0>
    [E:\oracle\ora90\bin\oraunls9.dll]  <Oracle Corporation><9.0.0.0.0>
    [E:\oracle\ora90\bin\orageneric9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oracommon9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oraclient9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oravsn9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\orawtc9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranro9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\orapls9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oraslax9.dll]  <Oracle Corporation><8>
    [E:\oracle\ora90\bin\orasnls9.dll]  <Oracle Corporation><9.0.0.0.0>
    [E:\oracle\ora90\bin\orasql9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oraldapclnt9.dll]  <Oracle Corporation><9.0.0.0.0>
    [E:\oracle\ora90\bin\orancrypt9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\ORATRACE9.dll]  <N/A><N/A>
    [E:\oracle\ora90\bin\oranhost9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranoname9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\orancds9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\orantns9.dll]  <Oracle Corporation><9.0.1.1.1>
    [E:\oracle\ora90\bin\oranms.dll]  <Oracle Corporation><9.0.1.0.0>
    [E:\oracle\ora90\bin\oranmsp.dll]  <Oracle Corporation><9.0.1.0.0>
    [E:\oracle\ora90\bin\modplsql.dll]  <N/A><N/A>
    [E:\oracle\ora90\bin\OCI.dll]  <Oracle Corporation><9.0.1.1.1>
[PID: 2160][C:\Program Files\Java\j2re1.4.2_07\bin\jusched.exe]  <N/A><N/A>
[PID: 2192][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\WINNT\system32\unispim.ime]  <清华紫光><2.3.0.1042>
[PID: 2124][C:\Program Files\SkyNet\FireWall\pfw.exe]  <广州众达天网技术有限公司><2.7.5.1001>
    [C:\Program Files\SkyNet\FireWall\SKYMISC.DLL]  <N/A><N/A>
    [C:\WINNT\system32\unispim.ime]  <清华紫光><2.3.0.1042>
[PID: 2220][C:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.7 built by: Lab06_N>
    [C:\WINNT\system32\unispim.ime]  <清华紫光><2.3.0.1042>
[PID: 236][C:\WINNT\System32\svchost.exe]  <Microsoft Corporation><5.00.2134.1>
    [C:\WINNT\system32\unispim.ime]  <清华紫光><2.3.0.1042>
[PID: 2264][C:\Program Files\Tencent\TT\TTraveler.exe]  <腾讯公司><3.0.0.250>
    [C:\WINNT\system32\WNWB.IME]  <深圳世强软件开发部 www.wnwb.com ><2005, 7, 5, 1>
    [C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  <腾讯公司><1, 1, 0, 5>
    [C:\Program Files\Tencent\TT\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [C:\Program Files\Tencent\TT\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINNT\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 2788][C:\WINNT\explorer.exe]  <Microsoft Corporation><5.00.3700.6690>
    [C:\WINNT\system32\WNWB.IME]  <深圳世强软件开发部 www.wnwb.com ><2005, 7, 5, 1>
    [C:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><7.0.0.2004121400>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
[PID: 2740][C:\WINNT\system32\taskmgr.exe]  <Microsoft Corporation><5.00.2195.6620>
    [C:\WINNT\system32\WNWB.IME]  <深圳世强软件开发部 www.wnwb.com ><2005, 7, 5, 1>
[PID: 2760][F:\soft\sreng\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINNT\system32\WNWB.IME]  <深圳世强软件开发部 www.wnwb.com ><2005, 7, 5, 1>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
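Run System Repair Engineer, click "Startup Items", then "Services", check "Hide Microsoft services", select the virus services Genuine Adv Too, LsassFTP daemon, Messenger, Remote Internet Service, choose "Delete selected services", then "No", and finally reboot. (Each comma-separated item is one virus service; please delete them one by one.)
I recommend doing the repair in Safe Mode.
Close all browser windows and any unnecessary programs.
Run System Repair Engineer and use "Startup Items", "Registry" to delete the following entries.
(If you cannot identify an entry in the registry list, select it and click "Edit", which shows the detailed path.)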
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Task Manager><; mstsk.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Microsoft System Saver><mssave.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Microsoft Task Manager><mstsk.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<AdobeReaderPro><; msngs.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Windows 128bit Subsystem><; C:\WINNT\system32\6.tmp>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Real0ne><; C:\WINNT\system32\boys.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Sygatedsa Personal Firewall><; exe.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<AdobeReaderPro><msngs.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<KernelCheck><C:\WINNT\system32\winmer.exe>
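Double-click My Computer -- Tools -- Folder Options -- View -- select "Show hidden files and folders" and clear the "Hide protected operating system files (Recommended)" check box. When prompted to confirm the change, click "Yes".
(Please follow the steps above; do not skip any.)
Then find the following files and delete them (if they exist):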
mstsk.exe
mssave.exe
msngs.exe
C:\WINNT\system32\6.tmp
C:\WINNT\system32\boys.exe
exe.exe
C:\WINNT\system32\winmer.exe
C:\WINNT\LsassFtpd.exE
C:\WINNT\system32\#.exe
C:\WINNT\system32\INTasks.exe
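If you cannot find them, you can search for them. The processes above are only a guess; if you know what one is, do not repair it.
After the repair, return to normal mode, run another scan, and paste the report here.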
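
A cross-check of the two lists in the reply above, as an added example that is not part of the original post: it parses the autorun entries in the format they were posted and reports which files on the delete list are not started by any listed entry, so those can be reviewed before anything is deleted. The function names `parse_entries` and `unreferenced` are illustrative.

```python
import ntpath
import re
from collections import defaultdict

# Autorun entries as listed in the reply: a "[key]" line, then "<name><command>".
ENTRIES = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Task Manager><; mstsk.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Microsoft System Saver><mssave.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices]
<Microsoft Task Manager><mstsk.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<AdobeReaderPro><; msngs.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Windows 128bit Subsystem><; C:\WINNT\system32\6.tmp>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Real0ne><; C:\WINNT\system32\boys.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Sygatedsa Personal Firewall><; exe.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<AdobeReaderPro><msngs.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<KernelCheck><C:\WINNT\system32\winmer.exe>
"""
FILES = r"""mstsk.exe mssave.exe msngs.exe C:\WINNT\system32\6.tmp
C:\WINNT\system32\boys.exe exe.exe C:\WINNT\system32\winmer.exe
C:\WINNT\LsassFtpd.exE C:\WINNT\system32\#.exe C:\WINNT\system32\INTasks.exe""".split()

def parse_entries(text):
    """Return {lower-cased file name: [(registry key, value name), ...]}."""
    refs, key = defaultdict(list), None
    for line in filter(None, map(str.strip, text.splitlines())):
        if m := re.fullmatch(r"\[?(HKEY_[^\]]+)\]", line):
            key = m.group(1)
        elif (m := re.fullmatch(r"<([^>]*)><;?\s*([^>]+)>", line)) and key:
            refs[ntpath.basename(m.group(2)).lower()].append((key, m.group(1)))
    return dict(refs)

def unreferenced(files, refs):
    """Files on the delete list that no listed autorun value starts."""
    return [f for f in files if ntpath.basename(f).lower() not in refs]

if __name__ == "__main__":
    refs = parse_entries(ENTRIES)
    for name, where in sorted(refs.items()):
        print(name, "<-", "; ".join(f"{k} [{v}]" for k, v in where))
    print("no autorun entry listed:", unreferenced(FILES, refs))
```
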
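Thanks, everyone,

I don't know what I deleted by mistake; after rebooting I got a blue screen and could not get in no matter what, so I had to reinstall. All that work for nothing.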