
[Help] Experts, please take a look. I'm at my wits' end; something I've never seen before.


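8isy8is.exe is there as soon as the machine boots. I don't know what it is either; it's something unknown. I deleted it, and after a reboot it appeared again.

Later I tried to enter Safe Mode and found I couldn't get in.. so I had to reinstall the system.

After reinstalling I could enter Safe Mode. Once everything was set up I went to bed. My family used the computer in the evening, and when I booted it in the morning there was another one, n8tevg.exe.

As a result I can't get into Safe Mode any more.. I found that these 2 things are both in the same directory. The names are different, but they look like the same thing to me.. Now I can't get into Safe Mode again: after it finishes checking files on the way in, the screen goes black and the machine reboots. Please help.. I don't want to reinstall the system again.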


Last edited 2007-01-02 11:40:50

Download System Repair Engineer from mizuki.ys168.com, run a scan and post the log here. If it doesn't fit in one post, post it in parts; do not modify it.

[CODE]

2007-01-01,13:09:02

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <AME_CSA><rundll32 amecsa.cpl,RUN_DLL>  [Alcatel Microelectronics]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AmeLanPc / AmeLanPc][Running/Manual Start]
  <system32\DRIVERS\AmeLanPc.sys><Alcatel Microelectronics>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\E:\QQ2006\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>

==================================
浏览器加载项
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[易趣购物]
  {BE9C13C3-9E46-4db1-BC05-BD8DA44599F2} <http://adfarm.mediaplex.com/ad/ck/4080-22910-9640-151?cn=song;icon;hp&mpro=http://www.ebay.com.cn, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[PowerPlr Control]
  {2354A44B-3CEB-4829-9940-545B03103538} <C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>

==================================
正在运行的进程
[PID: 452][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 668][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 692][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 748][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 888][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 988][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1032][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1104][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1380][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8198]
    [C:\WINDOWS\system32\nvshell.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1492][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1608][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5.1.00]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 1616][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\amecsa.cpl]  [Alcatel Microelectronics, 2, 0, 0, 20]
    [C:\WINDOWS\system32\MultLang.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 1624][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 1644][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 1688][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8198]
[PID: 1728][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 352][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][E:\QQ2006\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [E:\QQ2006\CoralAssist.DLL]  [Coral Team, 4.5.0 build 20060515]
    [E:\QQ2006\CoralQQ.DLL]  [Coral Team, 4.5.4 Build 20061001]
    [E:\QQ2006\ipsearcher.dll]  [N/A, 1.0.0.4]
    [E:\QQ2006\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\QQAPI.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [E:\QQ2006\LoginCtrl.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [E:\QQ2006\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [E:\QQ2006\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [E:\QQ2006\QQMainFrame.dll]  [N/A, N/A]
    [E:\QQ2006\CQQApplication.dll]  [N/A, N/A]
    [E:\QQ2006\NewSkin.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\HostingMgr.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\CameraDll.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\MailSummary.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQSpace.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQAllInOne.dll]  [N/A, N/A]
    [E:\QQ2006\GroupLive.dll]  [N/A, N/A]
    [E:\QQ2006\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [E:\QQ2006\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQCustomFace.dll]  [N/A, N/A]
    [E:\QQ2006\QQSysMsgMng.dll]  [N/A, N/A]
    [E:\QQ2006\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQPlugin.dll]  [N/A, N/A]
    [E:\QQ2006\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [E:\QQ2006\QQAvatar.dll]  [N/A, N/A]
    [E:\QQ2006\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [E:\QQ2006\QQPet.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QRingMng.dll]  [N/A, N/A]
    [E:\QQ2006\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [E:\QQ2006\VPortal.dll]  [, 1, 0, 0, 4]
    [E:\QQ2006\BQQApplication.dll]  [N/A, N/A]
    [E:\QQ2006\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [E:\QQ2006\CommercesMng.dll]  [, 1, 0, 0, 1]
    [E:\QQ2006\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
    [E:\QQ2006\QQSceneMng.dll]  [N/A, N/A]
    [E:\QQ2006\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 2, 23]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [E:\QQ2006\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
[PID: 1332][E:\QQ2006\TIMPlatform.exe]  [tencent, 0, 3, 1, 8]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 560][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3964][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 288][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
[PID: 2164][C:\Documents and Settings\CDM\My Documents\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
61.141.31.11 www.kzdh.com
61.141.31.11 www.7255.com
61.141.31.11 www.7322.com
61.141.31.11 www.7939.com
61.141.31.11 www.piaoxue.com
61.141.31.11 www.feixu.net
61.141.31.11 www.6781.com
61.141.31.11 www.7b.com.cn
61.141.31.11 7b.com.cn
61.141.31.11 www.918188.com
61.141.31.11 hao.allxue.com
61.141.31.11 good.allxue.com
61.141.31.11 baby.allxue.com
61.141.31.11 www.allxue.com
61.141.31.11 about.lank.la
61.141.31.11 www.x114x.com
61.141.31.11 www.37ss.com
61.141.31.11 www.7k.cc
61.141.31.11 www.73ss.com
61.141.31.11 www.hao123.com
61.141.31.11 www.81915.com
61.141.31.11 222.88.90.22
61.141.31.11 www.9991.com
61.141.31.11 www.my123.com
61.141.31.11 www.haokan123.com
61.141.31.11 www.5566.net
61.141.31.11 www.gjj.cc
61.141.31.11 www.2345.com
127.0.0.1 dl.hao318.com
61.141.31.11 www.123wa.com
61.141.31.11 www.ku886.com
61.141.31.11 www.5icrack.com
61.141.31.11 www.jjol.cn
127.0.0.1 www.rising.com.cn
127.0.0.1 tool.ikaka.com
127.0.0.1 www.ikaka.com
127.0.0.1 update.rising.com.cn
127.0.0.1 online.rising.com.cn
127.0.0.1 up.rising.com.cn
127.0.0.1 go.rising.com.cn
127.0.0.1 it.rising.com.cn
127.0.0.1 rising.com.cn
127.0.0.1 ikaka.com
127.0.0.1 www.360safe.com
61.141.31.11 www.xinhai168.com
61.141.31.11 ooooos.com
61.141.31.11 www.ooooos.com
61.141.31.11 www.8757.com
61.141.31.11 4199.5009.com
61.141.31.11 220.181.34.241

==================================
API HOOK
警告!System Repair Engineer 提醒
你下面的函数内容与预期值不符,他
们可能被一些恶意的软件所修改:
入口点错误:RegEnumValueA
入口点错误:RegEnumValueW

==================================


[/CODE]

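The scan is done.. Also, it keeps warning that the 4199 rogue software is present and it can't be removed. That was detected with the rogue-software removal in Optimization Master (优化大师).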

Experts, please take a look.

Experts?? Please help.. can it be saved?

I deleted it and rebooted, but n8tevg.exe is still there.

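Uninstall QQ.

Reboot and press F8 to enter Safe Mode.
Show hidden files.
Delete:
E:\QQ2006\q06g.dll
C:\WINDOWS\system32\1i3o9.dll
8isy8is.exe

Find the HOSTS file, open it with Notepad, and clear its contents,
leaving only this one entry: 127.0.0.1

After deleting, reinstall QQ into a different folder.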
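
As an added example (not part of the original thread and not SREng's own code): a short Python triage of a log in the format posted above. It counts modules carrying no vendor/version information (`[N/A, N/A]`) by how many processes load them and lists HOSTS overrides. The sample log is a shortened excerpt of the one in the thread; the `triage` function and its `min_procs` threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Shortened excerpt of the SREng 2.3 log posted in the thread (sample input).
SAMPLE_LOG = r"""
正在运行的进程
[PID: 1380][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8198]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1644][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]
[PID: 580][E:\QQ2006\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [E:\QQ2006\QQMainFrame.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\1i3o9.dll]  [N/A, N/A]
    [E:\QQ2006\q06g.dll]  [N/A, N/A]

==================================
HOSTS 文件
61.141.31.11 www.hao123.com
127.0.0.1 update.rising.com.cn
127.0.0.1 www.360safe.com
"""

PROC = re.compile(r"^\[PID: (\d+)\]\[(.+?)\]")            # process header line
MOD = re.compile(r"^\s+\[(.+?)\]\s+\[N/A, N/A\]")         # indented module, no vendor/version
HOST = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})\s+(\S+)$")  # "IP name" HOSTS entry

def triage(log, min_procs=3):
    """Return (unlabelled modules loaded by >= min_procs processes, HOSTS overrides)."""
    seen, hosts, pid = defaultdict(set), [], None
    for line in log.splitlines():
        if m := PROC.match(line):
            pid = m.group(1)
        elif (m := MOD.match(line)) and pid:
            seen[m.group(1).lower()].add(pid)
        elif m := HOST.match(line.strip()):
            # A stock XP HOSTS file maps only "localhost"; anything else is an override.
            if m.group(2).lower() != "localhost":
                hosts.append((m.group(1), m.group(2)))
    widespread = sorted(p for p, pids in seen.items() if len(pids) >= min_procs)
    return widespread, hosts
```

On the excerpt this singles out the same two DLLs named in the reply above, while `rarext.dll` and `QQMainFrame.dll`, which also lack version information but load into only one process each, fall below the threshold.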