新抓U盘病毒capxteo.exe

2008-9-16 16:10:42        http://bbs.kafan.cn/attachment.p ... capxteo.exe//NSPack        ThunderS Module        拒绝: Worm.Win32.AutoRun.ahy               
2008-9-16 16:10:42        http://bbs.kafan.cn/attachment.p ... capxteo.exe//NSPack        ThunderS Module        已检测到: Worm.Win32.AutoRun.ahy               
kis2009直接制止！

zwenchang

魔法盾成功进行拦截   

Palkia

病毒        2008-09-16  18:08:29        C:\Documents and Settings\Administrator\桌面\病毒.rar\autorun.inf        BAT.UCCT.a        清除成功       
病毒        2008-09-16  18:08:29        C:\Documents and Settings\Administrator\桌面\病毒.rar\.vbs        DOS.VBE.an.10000        清除成功       
病毒        2008-09-16  18:08:29        C:\Documents and Settings\Administrator\桌面\病毒.rar\capxteo.exe        Win32.Troj.Autorun.sz.141420        清除成功

Kitman

Begin scan in 'C:\Users\TOSHIBA\Downloads\瓷馮'
C:\Users\TOSHIBA\Downloads\瓷馮\.vbs
    [DETECTION] Contains recognition pattern of the VBS/Autorun.AL VBS script virus
    [NOTE]      A backup was created as '49459c69.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\瓷馮\autorun.inf
    [DETECTION] Contains recognition pattern of the VBS/Worm.Runauto.A.1 VBS script virus
    [NOTE]      A backup was created as '49439cb0.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!
C:\Users\TOSHIBA\Downloads\瓷馮\capxteo.exe
    [DETECTION] Is the TR/Crypt.NSPI.Gen Trojan
    [NOTE]      A backup was created as '493f9c9c.qua'  ( QUARANTINE )
    [NOTE]      The file was deleted!

[ 本帖最后由 Kitman 于 2008-9-16 19:45 编辑 ]

尤金卡巴斯基

2008/9/17 18:13:35        已清除        木马程序 Trojan.VBS.Agent.an        G:\Temp\Virus\病毒.rar/.vbs               
2008/9/17 18:13:35        已清除        病毒 Worm.Win32.AutoRun.ahy        G:\Temp\Virus\病毒.rar/capxteo.exe//NSPack

infohy

re
我在下载之前特地把KAV2009关闭了 然后下载打开运行 微点也识别了，呵呵

btw我：
弱问，怎么抓这么小的图啊？我只会PrintScreenSysRq抓图

allinwonderi

[Scanning : C:\Download Files]


C:\Download Files\病毒.rar<RAR>:capxteo.exe <- Trojan.Autorun.Sz : No action
C:\Download Files\病毒.rar<RAR>:.vbs <- Trojan.VBS.Manual.x : No action

allinwonderi

[发现安全风险： ]        <W32/AutoRun.B.gen!Eldorado (not disinfectable, 普通)>        C:\Download Files\病毒.rar->capxteo.exe->(NSPack)->(PE_Patch)
[发现特洛伊木马：]        <VBS/Agent.F (确切, not disinfectable)>        C:\Download Files\病毒.rar->.vbs
[发现特洛伊木马：]        <IS/Autorun (确切, not disinfectable)>        C:\Download Files\病毒.rar->autorun.inf

---------------------------------------------------------------------
扫描已结束:        2008-9-17, 20:46:53
用时:        0:00:03

扫描结果:

已扫描的文件:                 7
已感染的对象:         3
已清除的对象:         0
已隔离的文件:         0
---------------------------------------------------------------------

allinwonderi

linyin1367

Nod32全杀了。。。