1   1  /  1  页   跳转

紧急求救Trojan.DL.VBS.Agent.coj病毒

收藏
hyx7921
头像
初生襁褓狮
  • 帖子:2
  • 注册: 2007-05-16
  • 来自:
发表于: 2007-05-16 11:14 | 只看楼主 短消息 资料
字号: 1楼

紧急求救Trojan.DL.VBS.Agent.coj病毒

今早来单位,开机,进所有论坛,几乎所有网站的所有论坛都出现下面的对话框,瑞星升级到今天早上的版本,还是解决不了问题!请高手们帮一下啊~

附件附件:

下载次数:169
文件类型:image/pjpeg
文件大小:
上传时间:2007-5-16 11:14:25
描述:
预览信息:EXIF信息



最后编辑2007-05-16 11:24:57
分享到:
gototop
 
hyx7921
头像
初生襁褓狮
  • 帖子:2
  • 注册: 2007-05-16
  • 来自:
发表于: 2007-05-16 11:25 | 只看楼主 短消息 资料
字号: 2楼

近期注册表日志
H:\QQ\QQS024TP.exeHKEY_CLASSES_ROOT\INIFILE\SHELL\OPEN\COMMAND2007-04-28 08:17修改同意修改
C:\WINDOWS\system32\spoolsv.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNpdfFactory Pro 分配器 v2C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe2007-05-05 08:39修改同意修改
D:\Program Files\MagicSet\winspeed.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCESuper Rabbit Winspeed"D:\Program Files\MagicSet\winspeed.exe" /autokill:12007-05-11 08:21修改同意修改
C:\DOCUME~1\hou1\LOCALS~1\Temp\Rar$EX00.641\AVG Anti-Spyware 7.5正式版.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN!AVG Anti-Spyware"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized2007-05-12 13:46修改同意修改
C:\DOCUME~1\hou1\LOCALS~1\Temp\Rar$EX38.625\汉化新世纪汉化补丁.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINStart Pagehttp://www.2345.com/indexdo.htm2007-05-12 13:53修改同意修改
C:\DOCUME~1\hou1\LOCALS~1\Temp\Rar$EX38.625\汉化新世纪汉化补丁.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINStart Pagehttp://www.2345.com/indexdo.htm2007-05-12 13:53修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNTkBellExe; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN!AVG Anti-Spyware; "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwosa; C:\DOCUME~1\hou1\LOCALS~1\Temp\woso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNztsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\ztso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNmhsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\mhso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNfysa; C:\DOCUME~1\hou1\LOCALS~1\Temp\fyso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNjtsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\jtso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwlsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\wlso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwgsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\wgso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwmsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\wmso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNqjsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\qjso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNrxsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\rxso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNwdsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\wdso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNtlsa; C:\DOCUME~1\hou1\LOCALS~1\Temp\tlso.exe2007-05-15 08:01修改同意修改
D:\Program Files\MagicSet\srms.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNqcsszjcz; c:\chenhu2\chenqxms.exe2007-05-15 08:01修改同意修改
d:\Program Files\HFEE\SVOHOST.EXEHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEMDisableRegistryTools2007-05-15 08:01修改同意修改
d:\Program Files\HFEE\SVOHOST.EXEHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEMDisableTaskMgr2007-05-15 08:01修改同意修改
d:\Program Files\HFEE\SVOHOST.EXEHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORERNoViewContextMenu2007-05-15 08:01修改同意修改
C:\WINDOWS\system32\Rundll32.exeHKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNCTFMON.EXE2007-05-16 08:09删除同意修改
C:\WINDOWS\system32\chendel.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNqcsszjcz2007-05-16 08:11删除同意修改
H:\program\陈桥五笔\setup_540516.EXEHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCEwextract_cleanup0rundll32.exe C:\WINDOWS\system32\advpack.dll,DelNodeRunDLL32 "C:\DOCUME~1\hou1\LOCALS~1\Temp\IXP000.TMP\"2007-05-16 08:13修改同意修改
C:\DOCUME~1\hou1\LOCALS~1\Temp\svchost32.exeHKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNztsaC:\DOCUME~1\hou1\LOCALS~1\Temp\ztso.exe2007-05-16 08:24修改同意修改
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNmhsaC:\DOCUME~1\hou1\LOCALS~1\Temp\mhso.exe2007-05-16 08:24修改拒绝修改
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNqjsaC:\DOCUME~1\hou1\LOCALS~1\Temp\qjso.exe2007-05-16 08:25修改拒绝修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:43添加拒绝修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWSdefault2007-05-16 09:43添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELLdefault2007-05-16 09:43添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:43添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:44删除同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELLdefault2007-05-16 09:44删除同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWSdefault2007-05-16 09:44删除同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:45添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWSdefault2007-05-16 09:45添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELLdefault2007-05-16 09:45添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:45添加同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELL\EDITdefault2007-05-16 09:45删除同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWS\SHELLdefault2007-05-16 09:45删除同意修改
C:\Program Files\Internet Explorer\IEXPLORE.EXEHKEY_CLASSES_ROOT\.HTM\OPENWITHLIST\MICROSOFT WORD FOR WINDOWSdefault2007-05-16 09:45删除同意修改
gototop
 
snowy2008713
头像
初生襁褓狮
  • 帖子:21
  • 注册: 2006-09-18
  • 来自:
发表于: 2007-05-16 11:34 | 短消息 资料
字号: 3楼

我这也是打开网页都显示中了Trojan.DL.VBS.Agent.cog病毒,郁闷啊,用瑞星杀也不行,怎么解决啊,那位高手指教一下啊?
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT