
[Virus samples] These were recently collected from compromised hosts ("bots"): around ten small files.

fengxing
Posted on 2008-4-2 10:24:54
The ones Kaspersky can already handle have been removed.
Also, is anyone familiar with "crawler" systems?

Exia (this user has been deleted)
Posted on 2008-4-2 10:28:07

7

Starting the file scan:

Begin scan in 'E:\新建文件夹 (2)\0d0368337bd377470b96c8dc443ce1d0.bin'
Begin scan in 'E:\新建文件夹 (2)\1be6d5a75628f844ae5b8e4bcc5942df.bin'
Begin scan in 'E:\新建文件夹 (2)\2fa8339ede48765e9f0cbbdbec614eb4.bin'
Begin scan in 'E:\新建文件夹 (2)\2fdf321e46c05bc2ae62cb969544b37b.bin'
E:\新建文件夹 (2)\2fdf321e46c05bc2ae62cb969544b37b.bin
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4856eff5.qua'!
Begin scan in 'E:\新建文件夹 (2)\7bc9a42e051781e18552558b5e06b416.bin'
Begin scan in 'E:\新建文件夹 (2)\12f4cfd62343e29706f3d077916dbd8a.bin'
E:\新建文件夹 (2)\12f4cfd62343e29706f3d077916dbd8a.bin
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4858efc1.qua'!
Begin scan in 'E:\新建文件夹 (2)\058ee6d24d85119665c4954992c91220.bin'
E:\新建文件夹 (2)\058ee6d24d85119665c4954992c91220.bin
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '482aefc4.qua'!
Begin scan in 'E:\新建文件夹 (2)\1575b06d0f76132e7090976e6f35085c.bin'
Begin scan in 'E:\新建文件夹 (2)\8747f594643fe88b29c4a4fcffde1a28.bin'
E:\新建文件夹 (2)\8747f594643fe88b29c4a4fcffde1a28.bin
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\58671a7361461c69f33b82859838aea1.bin'
E:\新建文件夹 (2)\58671a7361461c69f33b82859838aea1.bin
      [DETECTION] Is the Trojan horse TR/Trash.Gen
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\65309d1199054f53bfe18d15825ee3ee.bin'
Begin scan in 'E:\新建文件夹 (2)\c23072481c1f319d62c861ab2c5d3dc5.bin'
Begin scan in 'E:\新建文件夹 (2)\cc897d14458e4c6d9840a710812017a5.bin'
Begin scan in 'E:\新建文件夹 (2)\d9befa8bcbf0aebe9b2ad4fbf60d3b6a.bin'
E:\新建文件夹 (2)\d9befa8bcbf0aebe9b2ad4fbf60d3b6a.bin
      [DETECTION] File has been compressed with an unusual runtime compression tool (PCK/FSG). Please verify the origin of the file
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\db8b56a3b227c2c6ac4eb604c7e15bd3.bin'
E:\新建文件夹 (2)\db8b56a3b227c2c6ac4eb604c7e15bd3.bin
      [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Hupigon.Gen Backdoor server programs
      [INFO]      The file was deleted!
Begin scan in 'E:\新建文件夹 (2)\e20c118d6a13bd46c4cb10b1c140f20b.bin'


End of the scan: 2008年4月2日  10:29
Used time: 00:22 min

The scan has been done completely.

      0 Scanning directories
     16 Files were scanned
      4 viruses and/or unwanted programs were found
      3 Files were classified as suspicious:
      4 files were deleted
      0 files were repaired
      3 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
     12 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes

3806191 db8b56a3b227c2c6a...d3.bin 12.83 KB MALWARE
3806192 12f4cfd62343e2970...8a.bin 3.35 KB UNDER ANALYSIS
3806193 058ee6d24d8511966...20.bin 3.79 KB UNDER ANALYSIS
3806194 1be6d5a75628f844a...df.bin 3.84 KB UNDER ANALYSIS
3806195 8747f594643fe88b2...28.bin 4 KB MALWARE
3806196 1575b06d0f76132e7...5c.bin 6.38 KB UNDER ANALYSIS
3806197 7bc9a42e051781e18...16.bin 7.03 KB UNDER ANALYSIS
3806198 c23072481c1f319d6...c5.bin 7.13 KB UNDER ANALYSIS
3806199 d9befa8bcbf0aebe9...6a.bin 7.64 KB UNDER ANALYSIS
3806200 2fdf321e46c05bc2a...7b.bin 7.77 KB UNDER ANALYSIS
3806201 0d0368337bd377470...d0.bin 9.33 KB UNDER ANALYSIS
3806202 2fa8339ede48765e9...b4.bin 11 KB UNDER ANALYSIS
122573 e20c118d6a13bd46c...0b.bin 11.22 KB KNOWN CLEAN
208479 cc897d14458e4c6d9...a5.bin 9.77 KB FALSE POSITIVE
3806203 65309d1199054f53b...ee.bin 12.29 KB UNDER ANALYSIS


[ Last edited by Exia on 2008-4-2 10:29 ]
爱·妖姬
Posted on 2008-4-2 10:35:02
20080402 024151        扫描 '单击右键扫描' 已启动。
20080402 024151        在 'D:\testt1.rar\58671a7361461c69f33b82859838aea1.bin' 中检测到 病毒/间谍软件 'Mal/Emogen-E' 。
20080402 024152        在 'D:\test15.rar\db8b56a3b227c2c6ac4eb604c7e15bd3.bin' 中检测到 病毒/间谍软件 'Mal/Emogen-E' 。
20080402 024152        在 'D:\test15.rar\12f4cfd62343e29706f3d077916dbd8a.bin' 中检测到 病毒/间谍软件 'Mal/TibsPk-A' 。
20080402 024152        在 'D:\test15.rar\058ee6d24d85119665c4954992c91220.bin' 中检测到 病毒/间谍软件 'Mal/TibsPk-A' 。
20080402 024152        在 'D:\test15.rar\8747f594643fe88b29c4a4fcffde1a28.bin' 中检测到 病毒/间谍软件 'Mal/Packer' 。
20080402 024152        已确认文件 "D:\test15.rar\c23072481c1f319d62c861ab2c5d3dc5.bin" 为可疑文件(类型 'Sus/UnkPacker')。
                请向 Sophos 寄送一份样本。
20080402 024152        在 'D:\test15.rar\d9befa8bcbf0aebe9b2ad4fbf60d3b6a.bin' 中检测到 病毒/间谍软件 'Mal/TibsPk-A' 。
20080402 024152        扫描 '单击右键扫描' 已完成。
20080402 024152        扫描'单击右键扫描'摘要:
                已扫描项目:8
                错误:0
                已隔离项目:2
                已处置项目:0
leonfg
Posted on 2008-4-2 10:51:02
Scan Log
Version of virus signature database: 2993 (20080401)
Date: 2008-04-02  Time: 10:50:20
Scanned disks, folders and files: C:\Documents and Settings\GUNDAM\桌面\testt1;C:\Documents and Settings\GUNDAM\桌面\test15
C:\Documents and Settings\GUNDAM\桌面\test15\058ee6d24d85119665c4954992c91220.bin - probably unknown NewHeur_PE virus [7] - deleted - quarantined
C:\Documents and Settings\GUNDAM\桌面\test15\12f4cfd62343e29706f3d077916dbd8a.bin - probably unknown NewHeur_PE virus [7] - deleted - quarantined
C:\Documents and Settings\GUNDAM\桌面\test15\1575b06d0f76132e7090976e6f35085c.bin - Win32/TrojanDownloader.Agent.NWS trojan - cleaned by deleting - quarantined [1]
C:\Documents and Settings\GUNDAM\桌面\test15\c23072481c1f319d62c861ab2c5d3dc5.bin » FSG v2.0 - unpack error
Number of scanned objects: 16
Number of threats found: 3
Number of cleaned objects: 3
Time of completion: 10:50:32  Total scanning time: 12 sec (00:00:12)

Notes:
[1] Object has been deleted as it only contained the virus body.
[7] Object is probably infected with an unknown virus.
啊弥陀佛
Posted on 2008-4-2 10:53:11
They won't run; they're all BIN files.
我是小菜鸟
Posted on 2008-4-2 11:09:52
Avira catches them. I'm not going to unpack the archive, I'm busy.
sam.to
Posted on 2008-4-2 11:16:07
已隔離: 病毒 Packed.Win32.CryptExe (修改)        檔案: C:\Documents and Settings\kato9096\桌面\test15.rar/2fa8339ede48765e9f0cbbdbec614eb4.bin//PE_Patch

Reported to Kaspersky.
guoshu520
Posted on 2008-4-2 12:24:43
Using Filseclab.
No detections on the first archive.
The second one:
Heuri.Suspicious.ERNM        启发式扫描        C:\Documents and Settings\LuckyStar\桌面\test15.rar>>c23072481c1f319d62c861ab2c5d3dc5.bin        Manual scan
Heuri.Suspicious.ERNM        启发式扫描        C:\Documents and Settings\LuckyStar\桌面\test15.rar>>8747f594643fe88b29c4a4fcffde1a28.bin        Manual scan
TrojanDownloader.VB.iqc.hwyp        木马        C:\Documents and Settings\LuckyStar\桌面\test15.rar>>12f4cfd62343e29706f3d077916dbd8a.bin        Manual scan
Heuri.Suspicious.ERNM        启发式扫描        C:\DOCUMENTS AND SETTINGS\LUCKYSTAR\LOCAL SETTINGS\TEMP\TWIEXF\C23072481C1F319D62C861AB2C5D3DC5.BIN        Manual scan
TrojanDownloader.VB.hqz.lucx        木马        C:\DOCUMENTS AND SETTINGS\LUCKYSTAR\LOCAL SETTINGS\TEMP\TWIEXF\D9BEFA8BCBF0AEBE9B2AD4FBF60D3B6A.BIN        Manual scan
TrojanDownloader.Agent.NWS.dcdo        木马        C:\DOCUMENTS AND SETTINGS\LUCKYSTAR\LOCAL SETTINGS\TEMP\TWIEXF\1575B06D0F76132E7090976E6F35085C.BIN        Manual scan
Heuri.Suspicious.ERNM        启发式扫描        C:\Documents and Settings\LuckyStar\桌面\test15.rar>>058ee6d24d85119665c4954992c91220.bin        Manual scan
glacier
Posted on 2008-4-2 12:29:59
Ugh, NOD only detected three of them.
gaojun7206
Posted on 2008-4-2 13:03:54
对象名称 威胁的名称: 最终的状态
C:\Documents and Settings\Administrator\桌面\test\12f4cfd62343e29706f3d077916dbd8a.bin DeepScan:Generic.Malware.dld!!.81E327CA 被删除的
C:\Documents and Settings\Administrator\桌面\test\058ee6d24d85119665c4954992c91220.bin DeepScan:Generic.Malware.dld!!.C227A797 被删除的
C:\Documents and Settings\Administrator\桌面\test\1575b06d0f76132e7090976e6f35085c.bin Trojan.AntiAV.B 被删除的